community icon indicating copy to clipboard operation
community copied to clipboard
verified publisher icon aws-controllers-k8s

ACM Allow to import certificates

Open mathias-muench opened this issue 1 year ago • 2 comments

Due to company policy, we have to use TLS certificates issued by a specific CA. To use these certificates, it would be very handy if importing them to ACM could be controlled by ACK, so that we do not need to fall back to different tools for AWS resources.

I propose to add "ImportCertificate" to the service spec, supported by all necessary certificate data.

Since the API call is available in the ACM service, it may already be possible to do this with the ACK ACM service. In that case, I propose to add it to the documentation / API reference.

mathias-muench avatar Mar 18 '24 16:03 mathias-muench

Issues go stale after 180d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 60d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle stale

ack-bot avatar Sep 14 '24 23:09 ack-bot

/remove-lifecycle stale

mathias-muench avatar Sep 24 '24 11:09 mathias-muench

Love the support for opaque Kubernetes secrets to be imported into ACM. However, we use cert-manager to generate TLS Kubernetes secrets, and we have to build our own translation layer to convert them to opaque before they can be imported.

It'd be lovely if the ACK could support TLS secrets!

henryzhao95 avatar Feb 14 '25 22:02 henryzhao95

Those who found this via search, might also find interesting to read: https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/1084

sepich avatar May 07 '25 12:05 sepich