bneutra · April 17, 2025 23:30
diff --git a/acm.py b/acm.py
 import boto3
 from datetime import datetime
 import sys

 def get_acm_certificates(region):
    """
    Query ACM certificates and report their domain name, in-use status, and certificate status.
    """
    # Initialize ACM client
    acm_client = boto3.client('acm', region_name=region)
    
    # Get list of all certificates
    response = acm_client.list_certificates(
        CertificateStatuses=['ISSUED', 'EXPIRED', 'PENDING_VALIDATION', 'VALIDATION_TIMED_OUT', 
                            'REVOKED', 'FAILED']
    )
    
    certificates = []
    
    # Process each certificate
    for cert in response['CertificateSummaryList']:
        # Get detailed information about the certificate
        certificate_arn = cert['CertificateArn']
        cert_details = acm_client.describe_certificate(
            CertificateArn=cert['CertificateArn']
        )['Certificate']
        
        # Extract domain name (subject)
        domain_name = cert_details['DomainName']
        
        # Extract certificate status
        status = cert_details['Status']
        
        # Check if certificate is in use
        in_use = "No"
        if 'InUseBy' in cert_details and cert_details['InUseBy']:
            in_use = "Yes"
        
        # Add certificate info to the list
        certificates.append({
            'DomainName': domain_name,
            'Status': status,
            'InUse': in_use,
            'ExpiryDate': cert_details.get('NotAfter', 'N/A'),
            'CertificatARN': certificate_arn
        })
    
    return certificates

 def main():
    """
    Main function to run the script and display results.
    """
    print("Retrieving ACM certificates...")
    
    regions = ["us-east-1", "us-west-2", "us-east-2", "eu-central-1", "eu-west-1"]
    # Print each certificate
    for region in regions:
        certificates = get_acm_certificates(region)
        for cert in certificates:
            expiry = "N/A"
            if cert['ExpiryDate'] != 'N/A':
                expiry = cert['ExpiryDate'].strftime('%Y-%m-%d')
            
            # print space separated values
            if cert['InUse'] == "No":
                print("{} {} {} {} {}".format(
                    cert['Status'], cert['DomainName'],  cert['InUse'], expiry, cert['CertificatARN']
                ))

    
    print("\nTotal certificates: {}".format(len(certificates)))

 if __name__ == "__main__":
    main()
	import boto3
	from datetime import datetime
	import sys

	def get_acm_certificates(region):
	"""
	Query ACM certificates and report their domain name, in-use status, and certificate status.
	"""
	# Initialize ACM client
	acm_client = boto3.client('acm', region_name=region)

	# Get list of all certificates
	response = acm_client.list_certificates(
	CertificateStatuses=['ISSUED', 'EXPIRED', 'PENDING_VALIDATION', 'VALIDATION_TIMED_OUT',
	'REVOKED', 'FAILED']
	)

	certificates = []

	# Process each certificate
	for cert in response['CertificateSummaryList']:
	# Get detailed information about the certificate
	certificate_arn = cert['CertificateArn']
	cert_details = acm_client.describe_certificate(
	CertificateArn=cert['CertificateArn']
	)['Certificate']

	# Extract domain name (subject)
	domain_name = cert_details['DomainName']

	# Extract certificate status
	status = cert_details['Status']

	# Check if certificate is in use
	in_use = "No"
	if 'InUseBy' in cert_details and cert_details['InUseBy']:
	in_use = "Yes"

	# Add certificate info to the list
	certificates.append({
	'DomainName': domain_name,
	'Status': status,
	'InUse': in_use,
	'ExpiryDate': cert_details.get('NotAfter', 'N/A'),
	'CertificatARN': certificate_arn
	})

	return certificates

	def main():
	"""
	Main function to run the script and display results.
	"""
	print("Retrieving ACM certificates...")

	regions = ["us-east-1", "us-west-2", "us-east-2", "eu-central-1", "eu-west-1"]
	# Print each certificate
	for region in regions:
	certificates = get_acm_certificates(region)
	for cert in certificates:
	expiry = "N/A"
	if cert['ExpiryDate'] != 'N/A':
	expiry = cert['ExpiryDate'].strftime('%Y-%m-%d')

	# print space separated values
	if cert['InUse'] == "No":
	print("{} {} {} {} {}".format(
	cert['Status'], cert['DomainName'], cert['InUse'], expiry, cert['CertificatARN']
	))


	print("\nTotal certificates: {}".format(len(certificates)))

	if __name__ == "__main__":
	main()