We have one requirement where we have domain list we need to know the aws resources arn attached to it (load balancer, api or cloudfront arn)
We try below command to get cert arn 1st for one domain name
aws acm list-certificates --query "CertificateSummaryList[?DomainName=='example.com'].CertificateArn" --output text
this give output of aws cert arn for mentioned example.com domain
now we need to collect aws resources arn details which are attached to aws cert arn we can get this from console but we need it using cli/script
Is there any script or command where we will put aws cert arn and that will list aws resources arn associated with that aws cert arn?
Or if we can get script or command which will give aws resource arn details just by mentioning domain name that will work too so we can skip aws cert arn part.
After you get the certificate ARN, use
aws acm describe-certificate --certificate-arn arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012 to get the detail of specific cert.
The output will contain the key InUseBy, which is a list of ARNs for the AWS resources that are using the certificate
The full command to print the ARNs one by one would look something like this:
aws acm describe-certificate --certificate-arn arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012 --query 'Certificate.InUseBy' --output json | jq -r '.[]' | while read -r arn; do
echo "$arn"
done