
@MattHealy
Created February 28, 2023 11:33
import boto3
import csv
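# Inventory the ACM certificates of every region returned for this account and
# append one CSV row per certificate to aws-certs.csv.
client = boto3.client('ec2')
# describe_regions() without AllRegions lists only the regions enabled for the
# account, so opted-out regions are not scanned.
regions = [region['RegionName'] for region in client.describe_regions()['Regions']]

fieldnames = [
    'Certificate',
    'Common Name',
    'Subject Alternative Name(s)',
    'Signed By (CA)',
    'Issued Date',
    'Expiration Date',
    'Public Key Algorithm',
    'Signature Algorithm',
    'Key Size',
    'Support Group',
    'Status',
    'Description',
]

# ListCertificates filters by key type and, when no filter is given, returns
# only RSA_1024 and RSA_2048 certificates. An inventory has to ask for every
# key type explicitly or EC and larger RSA certificates are silently missing.
all_key_types = [
    'RSA_1024',
    'RSA_2048',
    'RSA_3072',
    'RSA_4096',
    'EC_prime256v1',
    'EC_secp384r1',
    'EC_secp521r1',
]

outfilename = 'aws-certs.csv'

with open(outfilename, 'a', newline='') as writecsv:
    writer = csv.DictWriter(writecsv, fieldnames=fieldnames, quoting=csv.QUOTE_ALL)
    # The file is opened in append mode: write the header only when the file
    # is empty so a second run does not insert a header row mid-file.
    if writecsv.tell() == 0:
        writer.writeheader()

    for r in regions:
        print(f"Checking region {r}")
        acm = boto3.client('acm', region_name=r)

        # Paginate: a single list_certificates call returns one page only, so
        # accounts with many certificates would otherwise be under-reported.
        pages = acm.get_paginator('list_certificates').paginate(
            CertificateStatuses=['PENDING_VALIDATION', 'ISSUED'],
            Includes={'keyTypes': all_key_types},
        )
        for page in pages:
            for item in page['CertificateSummaryList']:
                cert = acm.describe_certificate(
                    CertificateArn=item['CertificateArn']
                )['Certificate']

                # Imported and private-CA certificates are not signed by the
                # Amazon public CA; report their actual issuer instead.
                if cert.get('Type') == 'AMAZON_ISSUED':
                    signed_by = 'AWS'
                else:
                    signed_by = cert.get('Issuer', 'N/A')

                # 'Certificate', 'Key Size' and 'Support Group' are left blank
                # for manual completion (DictWriter fills absent keys with '').
                row = {
                    'Common Name': cert['DomainName'],
                    'Subject Alternative Name(s)': ', '.join(
                        cert.get('SubjectAlternativeNames', [])
                    ),
                    'Signed By (CA)': signed_by,
                    # PENDING_VALIDATION certificates have not been issued yet,
                    # so the validity dates can be absent from the response.
                    'Issued Date': cert.get('IssuedAt', 'N/A'),
                    'Expiration Date': cert.get('NotAfter', 'N/A'),
                    'Public Key Algorithm': cert.get('KeyAlgorithm', 'N/A'),
                    'Signature Algorithm': cert.get('SignatureAlgorithm', 'N/A'),
                    'Key Size': '',
                    'Support Group': '',
                    'Status': cert['Status'],
                    'Description': 'AWS Region: {}. Type: {}'.format(
                        r, cert.get('Type', 'N/A')
                    ),
                }
                writer.writerow(row)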