I’m trying to get TLS certs generated by acme_certificate using the dns_challenge but having TF manipulate the DNS records isn’t something that will work. I have the ability to create the records, but TF doesn’t have that ability. (Without even considering technical issues, policies not open for discussion disallow the access that it would require.)
Is there a dns_challenge provider that will just spit out the relevant information and then either wait for me to set up the records out of band or quit part way thought and finish the job the next time I apply? Ideally, I’d actually prefer the second if it would let me use a local_file resource to dump the info some place more persistent than my console’s scroll back buffer.