Comments (4)
bsharma-tavisca
commented on July 18, 2024
@bpotaczek Can you please have a look?
from aws-privateca-issuer.
varunvallabhan52
commented on July 18, 2024
Thank you for raising this issue with the AWS Private CA Issue plugin. We have reviewed your submission and replicated the issue you raised. The issue has been prioritized with our support and engineering teams.
from aws-privateca-issuer.
varunvallabhan52
commented on July 18, 2024
There is currently a known issue with the plugin that is preventing certificate issuance due to STS GetCallerIdentity failing because of a region not specified bug, regardless of whether a region was specified or not (#54). There is an existing pull request to fix this (#53), but we are holding off on accepting any pull requests until our testing is redesigned. To fix this issue until then, please checkout the cleanup branch by running
git fetch -a
git checkout cleanup
Also, please be sure you are using the plugin with an IAM user, as that is the most reliable workflow https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_CreateAccessKey
This user must have minimum permissions listed here: https://github.com/cert-manager/aws-privateca-issuer#configuration
export AWS_SECRET_ACCESS_KEY=<Secret Access Key you generated>
export AWS_ACCESS_KEY_ID=<Access Key you generated>
from aws-privateca-issuer.
varunvallabhan52
commented on July 18, 2024
Thank you for reaching out to Amazon AWS. We have resolved the query and are closing the issue. Please reopen if you have any issues or questions.
from aws-privateca-issuer.
Related Issues (20)
- [Feature Request]: List the chart repository on artifacthub.io HOT 1
- [Feature Request]: Integration with cert-manager 1.10 HOT 4
- [Bug]: Using the default version causes image pull failures HOT 4
- Integration with cert-manager, istio-csr fails pod to pod mTLS. HOT 5
- [Bug]: Image Tag in Helm Chart doesn't match Contianer Image Tag HOT 9
- topologySpreadConstraints support in helm chart HOT 6
- [Bug]: cert-manager.io/cluster-issuer annotation does not work for AWSPCAClusterIssuer HOT 12
- [Feature Request]: helm chart: support optional podDisruptionBudget HOT 1
- [Feature Request]: Documentation of useage with ingress annotations HOT 2
- [Bug]: panic: runtime error: invalid memory address or nil pointer dereference HOT 8
- security HOT 3
- [Feature Request]: Support temporary AWS credentials (including AWS_SESSION_TOKEN) HOT 1
- [Bug]: Error: failed to sts.GetCallerIdentity when using IRSA HOT 11
- [Bug]: awspca-issuer not using secretRef to obtain CA HOT 7
- [Feature Request]: Issue image out of more official ECR Public Repo HOT 2
- [Feature Request]: Support ARM64 architecture HOT 4
- [Feature Request]: Add feature to call kubernetes secrets for the AWSPCAClusterIssuer spec.arn value HOT 3
- [Bug]: Issuer is not ready and certificate creation fails HOT 10
- [Bug]: Connection to AWS PCA not working HOT 5
- [Feature Request]: Replace deprecated `set-output` command with environment file HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-privateca-issuer.