bendrucker/cloudfront-batch-certificates.sh

## cloudfront-batch-certificates.sh
old_certificate="A..."
new_certificate="A..."

distributions=($(aws cloudfront list-distributions | jq --arg certificate $old_certificate -r '.DistributionList.Items[] | select(.ViewerCertificate.IAMCertificateId == $certificate) | .Id'))

echo "Distributions"
echo "============="
printf "%s\n" "${distributions[@]}"

echo "\n"
echo "Results"
echo "======="

for i in "${distributions[@]}"
do
  previous=$(aws cloudfront get-distribution-config --id $i)
  update=$(echo "$previous" | sed "s/$old_certificate/$new_certificate/" | jq '.DistributionConfig')
  result=$(aws cloudfront update-distribution --id $i --distribution-config "$update" --if-match $(echo "$previous" | jq -r '.ETag'))
  echo "$(echo $result | jq -r '.Distribution.Id + ": " + .Distribution.Status')"
done
	old_certificate="A..."
	new_certificate="A..."

	distributions=($(aws cloudfront list-distributions \| jq --arg certificate $old_certificate -r '.DistributionList.Items[] \| select(.ViewerCertificate.IAMCertificateId == $certificate) \| .Id'))

	echo "Distributions"
	echo "============="
	printf "%s\n" "${distributions[@]}"

	echo "\n"
	echo "Results"
	echo "======="

	for i in "${distributions[@]}"
	do
	previous=$(aws cloudfront get-distribution-config --id $i)
	update=$(echo "$previous" \| sed "s/$old_certificate/$new_certificate/" \| jq '.DistributionConfig')
	result=$(aws cloudfront update-distribution --id $i --distribution-config "$update" --if-match $(echo "$previous" \| jq -r '.ETag'))
	echo "$(echo $result \| jq -r '.Distribution.Id + ": " + .Distribution.Status')"
	done