Feature Request: Ability to Rotate Certificates by Source

[mitchcail]

Hello Lemur community,
I would like to propose an enhancement to rotate Certificates based on Source.

Enhancement Description:

I'm proposing a new function or enhancement to the certificate rotation mechanism in Lemur. This function would specifically target and rotate only those certificates associated with a designated source.

Current Behavior:

At present, Lemur supports the --region flag, which limits the certificate rotation to those load balancers associated with a specified region. This design works excellently for AWS infrastructures, as their LBs are typically mapped to DNS names.

Issue with Current Behavior:

However, the scenario changes with other Cloud Providers like GCP. For this use case, load balancers are often linked to static IPs instead of DNS names. Consequently, the existing --region flag is not as effective, leaving a gap in the functionality for non-AWS deployments.

Proposed Solution:

I would like to suggest introducing a new function or an enhancement to the existing one, allowing users to specify the source of the certificates they wish to rotate. This would help in effectively targeting certificates for rotation in cloud environments, where endpoints are associated with static IPs rather than DNS names.