in usecase-9/code/create-certs.py [0:0]
def main():
try:
#boto3 Setups
client = boto3.client('acm-pca')
acmClient = boto3.client('acm')
#Variables
domainNames = ['hr.testdomain.com', 'dev.testdomain.com', 'prod.testdomain.com', 'finance.testdomain.com', 'intra.testdomain.com']
numCerts = len(domainNames)
#Get Subordinate CA information
response = client.list_certificate_authorities(
MaxResults=20
)
SubArn = None
max = len(response['CertificateAuthorities'])
for x in range(0, max):
if response['CertificateAuthorities'][x]['Status'] == 'ACTIVE' and response['CertificateAuthorities'][x]['Type'] == 'SUBORDINATE':
SubArn = str(response['CertificateAuthorities'][x]['Arn'])
if SubArn is None:
print ("Error: Could not find subordinate certificate")
else:
#Get Subordinate CA CSR
csr = client.get_certificate_authority_csr(
CertificateAuthorityArn=SubArn
)
#Generate private end entity certificates
for x in range(0, numCerts):
response = acmClient.request_certificate(
DomainName=domainNames[x],
IdempotencyToken= str(x),
Options={
'CertificateTransparencyLoggingPreference': 'ENABLED'
},
CertificateAuthorityArn=SubArn
)
tagResponse = acmClient.add_tags_to_certificate(
CertificateArn=response['CertificateArn'],
Tags=[
{
'Key': 'project',
'Value': 'applicationV1'
},
]
)
print(response['CertificateArn'])
print('Certificates created. Navigate to ACM Console.')
except:
print("Unexpected error:", sys.exc_info()[0])
raise