bashtoni/gist:995c0683bb18fd19eaefdc296a9401d8

Created July 4, 2018 10:48

Star 12 You must be signed in to star a gist
Fork 0 You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/bashtoni/995c0683bb18fd19eaefdc296a9401d8.js"></script>
Save bashtoni/995c0683bb18fd19eaefdc296a9401d8 to your computer and use it in GitHub Desktop.

Download ZIP

Find ARN for ACM certificate for a given domain name

Raw

gistfile1.txt

	aws acm us-east-1 list-certificates --query CertificateSummaryList[].[CertificateArn,DomainName] \
	--output text \| grep example.com \| cut -f1

comster commented Sep 16, 2019

cool!

tabris2015 commented Dec 3, 2019

Thanks mate

meanderer-tech commented May 11, 2020

I'm surprised that the cli doesn't have built in to filter by domain name, thanks.

mehmetafsar510 commented Jul 31, 2021

Perfect

venkateshakarle commented Oct 14, 2021

This is perfect. Thank you.

One problem I see is, if there is domain with prefix, then it will provide those too.
for ex:
if we want to get ARN for example.com but there is one separate SSL for uat.example.com domain, then this command giving both of them.

DimitrijeManic commented Nov 8, 2021

Using AWS query

aws acm list-certificates --query "CertificateSummaryList[?DomainName=='example.com'].CertificateArn" --output text

venkateshakarle commented Nov 8, 2021

Using AWS query

aws acm list-certificates --query "CertificateSummaryList[?DomainName=='example.com'].CertificateArn" --output text

perfect. thanks 👍

mr-davidc commented Feb 1, 2022

That's exactly what I was looking for although I'm surprised there isn't a CLI switch option built directly into the aws acm command to get by domain name. Thanks @DimitrijeManic

proshoumma commented Apr 26, 2022

was looking for this, thanks mate!

jesselang commented Oct 4, 2022

Love that AWS query. ❤️ Thanks!

subhahemalatha commented Oct 11, 2022

Im getting Bad jmespath expression: Unknown token '-': error after command execution , can please guide me

dmoughabghab commented Feb 20, 2023

Nicely done

firxworx commented Jul 3, 2023

Thanks for the gist!

Here's a version with the JMESPath query that adds --region and --profile flags.

aws acm list-certificates --query "CertificateSummaryList[?DomainName=='example.com'].CertificateArn" --output text --region us-east-1 --profile default

In terms of writing a script I think you almost certainly want to specify the --region because this is so important for ACM certificates. For example, all CloudFront certificates must be in us-east-1, meanwhile you might have other resources in other regions.

If you omit the --region AWS will fallback to default and this could vary between users / AWS environments.

Author

bashtoni commented Jul 4, 2023

Thanks for the pure JMESPath verison!

In terms of writing a script I think you almost certainly want to specify the --region because this is so important for ACM certificates. For example, all CloudFront certificates must be in us-east-1, meanwhile you might have other resources in other regions.

If you omit the --region AWS will fallback to default and this could vary between users / AWS environments.

I'd suggest that you use the AWS_REGION and AWS_PROFILE variables to handle this - it allows the same script to be used across multiple regions and accounts.
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment