This repository has been archived by the owner on Dec 15, 2022. It is now read-only.
AWS Certificate requires X.509 certificate body and CA chain to be specified individually #242
Labels
enhancement
New feature or request
What problem are you facing?
While I understand that the Terrajet AWS provider mimics the AWS API, I have a use case in which I would need that the X.509 certificate body and the CA chain to be specified as a single attribute, that is, as a base64-encoded PEM blob. Looking at https://doc.crds.dev/github.com/crossplane-contrib/provider-jet-aws/acm.aws.jet.crossplane.io/Certificate/[email protected], confirms that: the
Certificate
object states thatcertificateBody
andcertificateChain
are both mandatory.I have a prototype of a Crossplane composition that allows fetching an X.509 certificate provisioned by
cert-manager
stored in a Secret, and uploads it to AWS. At the moment, I am using Crossplane's Terraform provider because of what I said previously. I could use the Terrajet AWS provider only if it supports the certificate body and CA chain to be specified in a single attribute.The Terrajet AWS code could detect this condition: if the certificate body consists of multiple certificate blocks, it can take the first block as the certificate body, and the remaining as the CA chain. This is what I am currently doing in plain Terraform:
How could Crossplane help solve your problem?
By having the Terrajet AWS provider allow the CA chain to be an optional argument, and detect when the certificate body is a multi-part base64-encoded PEM blob and, in that case, perform the split that I implemented above in Terraform.
The text was updated successfully, but these errors were encountered: