Hi, everyone. I’m using tls.dns.route53 plugin for Caddy.
My caddy config is:
prometheus.domain.name {
prometheus
gzip
tls {
dns route53
}
proxy / localhost:9090 {
except /health
}
log /var/log/caddy/access.log {
rotate_size 300
rotate_age 60
rotate_keep 60
rotate_compress
}
errors /var/log/caddy/errors.log {
rotate_size 300
rotate_age 60
rotate_keep 60
rotate_compress
}
}
Caddy is running on EC2 AWS instance. I’m interested in which IAM policy need to tls.dns.route53 plugin. I tried to look to GoDocs here but unfortunately, doesn’t find this information.
It’s not a good practice to give all permissions for route53 and route53 domains to instance role. So any help will be appreciated.