From 5a607d5d111f80538c697cd4747ecd6976f86412 Mon Sep 17 00:00:00 2001
From: Kelsey Hightower <kelsey.hightower@gmail.com>
Date: Sat, 10 Sep 2016 18:49:06 -0700
Subject: [PATCH] add aws support

---
 docs/02-certificate-authority.md | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/docs/02-certificate-authority.md b/docs/02-certificate-authority.md
index 88abd10..cd25a5a 100644
--- a/docs/02-certificate-authority.md
+++ b/docs/02-certificate-authority.md
@@ -120,13 +120,27 @@ openssl x509 -in ca.pem -text -noout
 
 In this section we will generate a TLS certificate that will be valid for all Kubernetes components. This is being done for ease of use. In production you should strongly consider generating individual TLS certificates for each component.
 
-Create the `kubernetes-csr.json` file:
+### Set the Kubernetes Public IP Address
+
+#### GCE
 
 ```
 export KUBERNETES_PUBLIC_IP_ADDRESS=$(gcloud compute addresses describe kubernetes \
   --format 'value(address)')
 ```
 
+#### AWS
+
+```
+export KUBERNETES_PUBLIC_IP_ADDRESS=$(aws ec2 allocate-address \
+  --domain vpc | \
+  jq -r '.PublicIp') 
+```
+
+---
+
+Create the `kubernetes-csr.json` file:
+
 ```
 cat > kubernetes-csr.json <<EOF
 {