docs/content/dns/zz_gen_yandexcloud.md
Configuration for Yandex Cloud.
<!--more-->yandexcloudHere is an example bash command using the Yandex Cloud provider:
YANDEX_CLOUD_IAM_TOKEN=<base64_IAM_token> \
YANDEX_CLOUD_FOLDER_ID=<folder/project_id> \
lego --dns yandexcloud -d '*.example.com' -d example.com run
# ---
YANDEX_CLOUD_IAM_TOKEN=$(echo '{ \
"id": "<string id>", \
"service_account_id": "<string id>", \
"created_at": "<datetime>", \
"key_algorithm": "RSA_2048", \
"public_key": "-----BEGIN PUBLIC KEY-----<rsa public key>-----END PUBLIC KEY-----", \
"private_key": "-----BEGIN PRIVATE KEY-----<rsa private key>-----END PRIVATE KEY-----" \
}' | base64) \
YANDEX_CLOUD_FOLDER_ID=<yandex cloud folder(project) id> \
lego --dns yandexcloud -d '*.example.com' -d example.com run
| Environment Variable Name | Description |
|---|---|
YANDEX_CLOUD_FOLDER_ID | The string id of folder (aka project) in Yandex Cloud |
YANDEX_CLOUD_IAM_TOKEN | The base64 encoded json which contains information about iam token of service account with dns.admin permissions |
The environment variable names can be suffixed by _FILE to reference a file instead of a value.
More information [here]({{% ref "dns#configuration-and-credentials" %}}).
| Environment Variable Name | Description |
|---|---|
YANDEX_CLOUD_POLLING_INTERVAL | Time between DNS propagation check in seconds (Default: 2) |
YANDEX_CLOUD_PROPAGATION_TIMEOUT | Maximum waiting time for DNS propagation in seconds (Default: 60) |
YANDEX_CLOUD_TTL | The TTL of the TXT record used for the DNS challenge in seconds (Default: 60) |
The environment variable names can be suffixed by _FILE to reference a file instead of a value.
More information [here]({{% ref "dns#configuration-and-credentials" %}}).
The simplest way to retrieve IAM access token is usage of yc-cli, follow docs to get it
yc iam key create --service-account-name my-robot --output key.json
cat key.json | base64