madsonic · March 2, 2020 23:10
diff --git a/gistfile1.txt b/gistfile1.txt
 # rotate without restart if current connections are non SSL
 for db in "db1" "db2"; do
  aws rds modify-db-instance \
    --db-instance-identifier "$db" \
    --ca-certificate-identifier "rds-ca-2019" \
    --apply-immediately \
    --no-certificate-rotation-restart
 done

 # viewing certs
 aws rds --region $region describe-db-instances | 
  'jq .DBInstances[] | select(.CACertificateIdentifier|test("2019")) | {"name": .DBInstanceIdentifier,"engine":.Engine,"cert":.DBCertificateIdentifier}'
	# rotate without restart if current connections are non SSL
	for db in "db1" "db2"; do
	aws rds modify-db-instance \
	--db-instance-identifier "$db" \
	--ca-certificate-identifier "rds-ca-2019" \
	--apply-immediately \
	--no-certificate-rotation-restart
	done

	# viewing certs
	aws rds --region $region describe-db-instances \|
	'jq .DBInstances[] \| select(.CACertificateIdentifier\|test("2019")) \| {"name": .DBInstanceIdentifier,"engine":.Engine,"cert":.DBCertificateIdentifier}'