apiVersion: kubernetes.crossplane.io/v1alpha2
kind: Object
metadata:
  name: letsencrypt-prod-issuer
  namespace: crossplane-system
spec:
  providerConfigRef:
    name: kubernetes-provider
  forProvider:
    manifest:
      apiVersion: cert-manager.io/v1
      kind: ClusterIssuer
      metadata:
        name: letsencrypt-prod
      spec:
        acme:
          # You must replace this email address with your own.
          # Let's Encrypt will use this to contact you about expiring
          # certificates, and issues related to your account.
          email: admin@nge6.com
          server: https://acme-v02.api.letsencrypt.org/directory
          privateKeySecretRef:
            # Secret resource that will be used to store the account's private key.
            name: letsencrypt-prod
          # Add a single challenge solver, HTTP01 using ingress
          solvers:
          - http01:
              ingress:
                class: ambassador