我想读取 Kubernetes 机密,然后将这些证书导入 AWS ACM。下面是我的代码
#Read master ingress cert
data "kubernetes_secret" "master_cert" {
metadata {
name = "${var.env}-api-gw-ingress"
namespace = var.env
}
binary_data = {
"tls.key" = ""
"tls.crt" = ""
"ca.crt" = ""
}
depends_on = [kubernetes_manifest.master_ingress]
}
#Upload master ingress cert
resource "aws_acm_certificate" "master_cert" {
private_key = base64decode(lookup(data.kubernetes_secret.master_cert.binary_data, "tls.key"))
certificate_body = base64decode(lookup(data.kubernetes_secret.master_cert.binary_data, "tls.crt"))
certificate_chain = base64decode(lookup(data.kubernetes_secret.master_cert.binary_data, "ca.crt" ))
}
但我收到以下错误
Error: error importing ACM Certificate: ValidationException: Provided certificate is not a valid self signed. Please provide either a valid self-signed certi
ficate or certificate chain.
│
│ with aws_acm_certificate.master_cert,
│ on main.tf line 48, in resource "aws_acm_certificate" "master_cert":
│ 48: resource "aws_acm_certificate" "master_cert" {
我检查了证书,链条都是正确的。我将不胜感激任何帮助或建议。
谢谢