An open API service indexing awesome lists of open source software.

https://github.com/geskunkworks/cert-uploader

Upload ACM/IAM Server Certificates to AWS and assign them to ELBs
https://github.com/geskunkworks/cert-uploader

acm aws certificate iam role

Last synced: 11 months ago
JSON representation

Upload ACM/IAM Server Certificates to AWS and assign them to ELBs

Awesome Lists containing this project

README

          

# Certificate Uploader

[![Build Status](https://travis-ci.com/GESkunkworks/cert-uploader.svg?branch=master)](https://travis-ci.com/GESkunkworks/cert-uploader)
[![Coverage Status](https://coveralls.io/repos/github/GESkunkworks/cert-uploader/badge.svg?branch=master)](https://coveralls.io/github/GESkunkworks/cert-uploader?branch=feature/unit-tests)

Upload ACM/IAM Server Certificates and apply them to ELBs

## Requirements
Python 2.7 or 3.7

## Installation
```
pip install cert-uploader
```

## Usage

### Help Text

```
cert-uploader --help

cert-uploader iam --help

cert-uploader acm --help
```

### IAM

Scan for certificates in the current directory and upload to IAM:
```
cert-uploader --scan \
iam \
--certificate-name cert-name
```

Upload a new certificate to IAM:
```
cert-uploader --certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
iam \
--certificate-name cert-name
```

Upload a new certificate to IAM and assign it to a load balancer:
```
cert-uploader --certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
--load-balancer load-balancer-name \
iam \
--certificate-name cert-name
```

Upload a new IAM certificate at the path "/test" and assign it to a load balancer:
```
cert-uploader --certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
--load-balancer load-balancer-name \
iam \
--certificate-name cert-name \
--iam-path /test
```

Upload a new IAM certificate and assign it to a load balancer on port 8443:
```
cert-uploader --load-balancer load-balancer-name \
--port 8443 \
--certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
iam \
--certificate-name cert-name
```

Assign an existing IAM certificate to a load balancer:
```
cert-uploader --load-balancer load-balancer-name \
iam \
--certificate-name cert-name
```

### ACM

Scan for certificates in the current directory and upload to ACM:
```
cert-uploader --scan \
acm \
--region region-name
```

Upload a new certificate to ACM:
```
cert-uploader --certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
acm
```

Upload a new certificate to ACM and add tags:
```
cert-uploader --certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
acm \
--tag Name=cert \
--tag App=app1
```

Upload a new certificate to ACM and assign it to a load balancer:
```
cert-uploader --certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
--load-balancer load-balancer-name \
acm \
--tag Name=cert \
--tag App=app1
```

Upload a new ACM certificate and assign it to a load balancer on port 8443:
```
cert-uploader --load-balancer load-balancer-name \
--port 8443 \
--certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
acm
```

Assign an existing ACM certificate to a load balancer:
```
cert-uploader --load-balancer load-balancer-name \
acm \
--certificate-arn arn:aws:acm:REGION:ACCOUNT:certificate/CERTIFICATE_ID
```

## Credentials

### Profile

AWS credentials can be passed in using the `--profile` command line argument:

```
cert-uploader --certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
--profile profile-name \
acm
```

or by setting the `AWS_PROFILE` environment variable:

```
export AWS_PROFILE=profile-name
cert-uploader --certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
acm
```

### Access Keys

If a profile is not configured, the `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, and `AWS_DEFAULT_REGION`
environment variables can be set and used for authentication.

### Roles

Roles can be assumed using the `--role` command line argument:

```
cert-uploader --certificate-path path/to/certificate.crt \
--private-key-path path/to/key.pem \
--certificate-chain-path path/to/chain.crt \
--role role-arn \
acm
```