# Create wildcard for every domain in us-east-1 and the current region.
for region in $(uniq <<< us-east-1$'\n'$(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone | sed 's/[a-z]$//'))
do
  for domain in $(aws route53 list-hosted-zones-by-name | jq -r '.HostedZones[]|.Name|rtrimstr(".")')
  do
    aws acm request-certificate --domain-name "*.$domain" --validation-method DNS --region "$region" --tags "Key=Name,Value=*.$domain" --output json | jq -r .CertificateArn
  done
done