route53-dns-challenge-updater

    0.3.0 • Public • Published

    Stability: 1 - Experimental

    AWS Route53 DNS challenge updater plugin for Certificate Manager Service.

    Installation

    route53-dns-challenge-updater is intended to be used as part of the capability-cli certificate-manager config aws functionality.

    Alternatively, to install locally:

    npm install route53-dns-challenge-updater
    

    Usage

    This module is intended to run as an AWS Lambda function set up by the capability-cli certificate-manager config aws functionality, which configures the module, grants the requisite permissions, and creates the required supporting infrastructure.

    Required IAM Permissions:

    PolicyDocument:
      Version: "2012-10-17"
      Statement:
        - Effect: Allow
          Action:
            - "route53:ListHostedZones"
            - "route53:ChangeResourceRecordSets"
            - "route53:GetChange"
          Resource:
            - "*"

    For a more restricted set, you can limit route53:ChangeResourceRecordSets to a specific HostedZoneId:

    PolicyDocument:
      Version: "2012-10-17"
      Statement:
        - Effect: Allow
          Action:
            - "route53:ListHostedZones"
            - "route53:GetChange"
          Resource:
            - "*"
        - Effect: Allow
          Action:
            - "route53:ChangeResourceRecordSets"
          Resource:
            - "arn:aws:route53:::hostedzone/${HostedZoneId}"

    Tests

    npm test
    

    Documentation

    Updater.handle(message, context, callback)

    • message: Object Message from Certificate Manager Service requesting a challenge update.
      • capabilities: Object Capabilities included in the message.
        • challengeUpdated: CapabilityURI Capability to invoke once challenge has been updated.
      • challenge: String Challenge to update with.
      • domain: String Domain name for which to update the challenge.
    • context: Object AWS Lambda context.
    • callback: Function (error, resp) => {} AWS Lambda callback.

    Retrieves AWS Route53 hosted zone id for the domain. Creates a _acme-challenge.${domain}. TXT record containing the challenge. Invokes capabilities.challengeUpdated on success, fails otherwise.

    Errors

    BadRequest

    Inbound request message does not match schema.

    NotFound

    Domain to update challenge for not found.

    ServiceUnavailable

    The challenge updater is unavailable, please try again soon.
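
An added example, not part of this package's code: one way to write the steps described above (validate the message, find the hosted zone, build the _acme-challenge TXT change) so they can be checked offline. The validation patterns, the longest-suffix choice among public zones, the UPSERT action, the TTL and all function names are assumptions; the zone listing is constructed sample data.

```javascript
// Constructed sample shaped like a route53:ListHostedZones response (placeholder ids).
const SAMPLE_ZONES = { HostedZones: [
  { Id: '/hostedzone/ZEXAMPLE1', Name: 'example.com.', Config: { PrivateZone: false } },
  { Id: '/hostedzone/ZEXAMPLE2', Name: 'dev.example.com.', Config: { PrivateZone: false } },
  { Id: '/hostedzone/ZEXAMPLE3', Name: 'example.com.', Config: { PrivateZone: true } }
] };

// Assumed schema: plain hostname (no wildcard) and a base64url challenge token.
const DOMAIN_RE = /^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}\.?$/i;
const CHALLENGE_RE = /^[A-Za-z0-9_-]{1,255}$/;

// Hypothetical helper: an Error named after the error types the page documents.
const fail = (name, message) => Object.assign(new Error(message), { name });

// Lowercase and add the trailing dot so names compare equal to Route53 zone names.
function fqdn(name) {
  const n = name.toLowerCase();
  return n.endsWith('.') ? n : n + '.';
}

// Assumption: use the public zone with the longest name that is a suffix of the
// domain on a label boundary, so "badexample.com" never resolves to "example.com.".
function findHostedZone(domain, listing) {
  const target = fqdn(domain);
  const matches = listing.HostedZones.filter((z) =>
    !(z.Config && z.Config.PrivateZone) &&
    (target === z.Name || target.endsWith('.' + z.Name)));
  if (matches.length === 0) throw fail('NotFound', 'Domain to update challenge for not found.');
  return matches.sort((a, b) => b.Name.length - a.Name.length)[0];
}

// Validate the message, then build the params for route53:ChangeResourceRecordSets.
function buildChallengeChange(message, listing) {
  const { domain, challenge } = message || {};
  if (typeof domain !== 'string' || !DOMAIN_RE.test(domain) ||
      typeof challenge !== 'string' || !CHALLENGE_RE.test(challenge)) {
    throw fail('BadRequest', 'Inbound request message does not match schema.');
  }
  const zone = findHostedZone(domain, listing);
  const record = {
    Name: '_acme-challenge.' + fqdn(domain), Type: 'TXT', TTL: 60, // TTL is an assumed value
    ResourceRecords: [{ Value: '"' + challenge + '"' }] // TXT values are sent quoted
  };
  return {
    HostedZoneId: zone.Id.replace('/hostedzone/', ''),
    // UPSERT is an assumption; the page only says the record is created.
    ChangeBatch: { Changes: [{ Action: 'UPSERT', ResourceRecordSet: record }] }
  };
}
```

The returned object has the shape passed to ChangeResourceRecordSets; nothing in the block calls AWS.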

    Releases

    Policy

    We follow the semantic versioning policy (semver.org) with a caveat:

    Given a version number MAJOR.MINOR.PATCH, increment the:

    MAJOR version when you make incompatible API changes,
    MINOR version when you add functionality in a backwards-compatible manner, and
    PATCH version when you make backwards-compatible bug fixes.

    Caveat: Major version zero is a special case indicating a development version that may make incompatible API changes without incrementing the MAJOR version.

    License: Apache-2.0

    Unpacked Size: 90.4 kB

    Total Files: 16

    Collaborators: tristanls