HumationHuman + Automation
Back to Catalog

Auto-renew AWS certificates with Slack approval workflow

Trung TranTrung Tran
252 views
2/3/2026
ShopifyData ExtractionCustomer DataE-commerceAPI
Official Page

AWS Certificate Manager (ACM) Auto-Renew with Slack notify & approval

Who’s it for

  • SRE/DevOps teams managing many ACM certs.
  • Cloud ops who want hands-off renewals with an approval step in Slack.
  • MSPs that need auditable reminders and renewals on schedule.

How it works / What it does

  1. Schedule Trigger – runs daily (or your cadence).
  2. Get many certificates – fetches ACM certs (paginate if needed).
  3. Filter: expiring in next 7 days – keeps items where:
    • NotAfter before today + 7d
    • NotBefore before today (already valid)
  4. Send message and wait for response (Slack) – posts a certificate summary and pauses until Approve/Reject.
  5. Renew a certificate – on Approve, calls the renew action for the item.

How to set up

  1. Credentials
    • AWS in n8n with permissions to list/read/renew certs.
    • Slack OAuth (bot in the target channel).
  2. Schedule Trigger
    • Set to run once per day (e.g., 09:00 local).
  3. Get many certificates
    • Region: your ACM region(s).
    • If you have several regions, loop regions or run multiple branches.
  4. Filter (IF / Filter node)
    • Add these two conditions (AND):
      • {{ $json.NotAfter.toDateTime('s') }} is before {{ $today.plus(7,'days') }}
      • {{ $json.NotBefore.toDateTime('s') }} is before {{ $today }}
  5. Slack → Send & Wait
    • Message (text input): 
      :warning: *ACM Certificate Expiry Alert* :warning:

*Domain:* {{ $json.DomainName }}
*SANs:* {{ $json.SubjectAlternativeNameSummaries }}
*ARN:* {{ $json.CertificateArn }}
*Algo:* {{ $json.KeyAlgorithm }}
*Status:* {{ $json.Status }}
*Issued:* {{ $json.IssuedAt | toDate | formatDate("YYYY-MM-DD HH:mm") }}
*Expires:* {{ $json.NotAfter | toDate | formatDate("YYYY-MM-DD HH:mm") }}

Approve to start renewal.
    • Add two buttons: Approve / Reject (the node will output which was clicked).
  6. Renew a certificate
    • Map the CertificateArn from the Slack Approved branch.

Requirements

  • n8n (current version with Slack Send & Wait).
  • AWS IAM permissions (read + renew ACM), e.g.:
    • acm:ListCertificates, acm:DescribeCertificate, acm:RenewCertificate (plus region access).
  • Slack bot with permission to post & use interactivity in the target channel.

How to customize the workflow

  • Window size: change 7 to 14 or 30 days in the filter.
  • Catch expired: add an OR path {{ $json.NotAfter.toDateTime('s') }} is before {{ $today }} → send a red Slack alert.
  • Auto-renew w/o approval: bypass Slack and renew directly for low-risk domains.
  • Multiple regions/accounts: iterate over a list of regions or assume roles per account.
  • Logging: add a Google Sheet/DB append after Slack click with user, time, result.
  • Escalation: if no Slack response after N hours, ping @oncall or open a ticket.

Notes

  • The Slack node pauses execution until a button is clicked—perfect for change control.
  • Time conversions above assume NotAfter/IssuedAt are Unix seconds ('s'). Adjust if your data differs.

AWS Certificate Renewal with Slack Approval Workflow

This n8n workflow automates the process of checking AWS certificates and sending renewal notifications to Slack for approval. It's designed to ensure that your AWS certificates are renewed in a timely manner, preventing service disruptions, while providing a human-in-the-loop approval mechanism.

What it does

This workflow simplifies certificate management by:

  1. Scheduling Checks: Periodically triggers to check the status of your AWS certificates.
  2. Listing Certificates: Retrieves a list of all certificates managed by AWS Certificate Manager (ACM).
  3. Filtering for Expiry: Filters the certificates to identify those that are nearing their expiration date.
  4. Sending Slack Notifications: For each expiring certificate, it sends a detailed notification to a designated Slack channel, requesting approval for renewal.

Prerequisites/Requirements

To use this workflow, you will need:

  • n8n Instance: A running instance of n8n.
  • AWS Account: An AWS account with permissions to list certificates in AWS Certificate Manager (ACM).
  • Slack Account: A Slack workspace and a channel where renewal notifications will be posted.
  • AWS Credentials: Configured AWS credentials in n8n with access to ACM.
  • Slack Credentials: Configured Slack credentials in n8n.

Setup/Usage

  1. Import the Workflow:
    • Download the provided JSON content.
    • In your n8n instance, go to "Workflows" and click "New".
    • Click the "Import from JSON" button and paste the workflow JSON.
  2. Configure Credentials:
    • AWS Certificate Manager Node: Update the "Credentials" field with your AWS credentials. Ensure these credentials have the necessary permissions to interact with AWS Certificate Manager (e.g., acm:ListCertificates).
    • Slack Node: Update the "Credentials" field with your Slack API token. You will also need to specify the Slack channel where the approval messages should be sent.
  3. Configure Schedule Trigger:
    • The "Schedule Trigger" node is currently set to a default schedule. Adjust the "Interval" or "CRON Expression" to your desired frequency for checking certificate expiry (e.g., once a day, once a week).
  4. Configure Filter Node:
    • The "Filter" node will need to be configured with the logic to identify certificates nearing expiry. You will likely need to add an expression that compares the certificate's NotAfter date with the current date, allowing for a buffer (e.g., 30 days before expiry).
  5. Activate the Workflow:
    • Once configured, activate the workflow by toggling the "Active" switch in the top right corner of the workflow editor.

This setup will enable the workflow to automatically monitor your AWS certificates and prompt for renewal approval via Slack, streamlining your certificate management process.

Related Templates

Auto-create TikTok videos with VEED.io AI avatars, ElevenLabs & GPT-4

💥 Viral TikTok Video Machine: Auto-Create Videos with Your AI Avatar --- 🎯 Who is this for? This workflow is for content creators, marketers, and agencies who want to use Veed.io’s AI avatar technology to produce short, engaging TikTok videos automatically. It’s ideal for creators who want to appear on camera without recording themselves, and for teams managing multiple brands who need to generate videos at scale. --- ⚙️ What problem this workflow solves Manually creating videos for TikTok can take hours — finding trends, writing scripts, recording, and editing. By combining Veed.io, ElevenLabs, and GPT-4, this workflow transforms a simple Telegram input into a ready-to-post TikTok video featuring your AI avatar powered by Veed.io — speaking naturally with your cloned voice. --- 🚀 What this workflow does This automation links Veed.io’s video-generation API with multiple AI tools: Analyzes TikTok trends via Perplexity AI Writes a 10-second viral script using GPT-4 Generates your voiceover via ElevenLabs Uses Veed.io (Fabric 1.0 via FAL.ai) to animate your avatar and sync the lips to the voice Creates an engaging caption + hashtags for TikTok virality Publishes the video automatically via Blotato TikTok API Logs all results to Google Sheets for tracking --- 🧩 Setup Telegram Bot Create your bot via @BotFather Configure it as the trigger for sending your photo and theme Connect Veed.io Create an account on Veed.io Get your FAL.ai API key (Veed Fabric 1.0 model) Use HTTPS image/audio URLs compatible with Veed Fabric Other APIs Add Perplexity, ElevenLabs, and Blotato TikTok keys Connect your Google Sheet for logging results --- 🛠️ How to customize this workflow Change your Avatar: Upload a new image through Telegram, and Veed.io will generate a new talking version automatically. Modify the Script Style: Adjust the GPT prompt for tone (educational, funny, storytelling). Adjust Voice Tone: Tweak ElevenLabs stability and similarity settings. Expand Platforms: Add Instagram, YouTube Shorts, or X (Twitter) posting nodes. Track Performance: Customize your Google Sheet to measure your most successful Veed.io-based videos. --- 🧠 Expected Outcome In just a few seconds after sending your photo and theme, this workflow — powered by Veed.io — creates a fully automated TikTok video featuring your AI avatar with natural lip-sync and voice. The result is a continuous stream of viral short videos, made without cameras, editing, or effort. --- ✅ Import the JSON file in n8n, add your API keys (including Veed.io via FAL.ai), and start generating viral TikTok videos starring your AI avatar today! 🎥 Watch This Tutorial --- 📄 Documentation: Notion Guide Need help customizing? Contact me for consulting and support : Linkedin / Youtube

Dr. FirasBy Dr. Firas
39510

Track competitor SEO keywords with Decodo + GPT-4.1-mini + Google Sheets

This workflow automates competitor keyword research using OpenAI LLM and Decodo for intelligent web scraping. Who this is for SEO specialists, content strategists, and growth marketers who want to automate keyword research and competitive intelligence. Marketing analysts managing multiple clients or websites who need consistent SEO tracking without manual data pulls. Agencies or automation engineers using Google Sheets as an SEO data dashboard for keyword monitoring and reporting. What problem this workflow solves Tracking competitor keywords manually is slow and inconsistent. Most SEO tools provide limited API access or lack contextual keyword analysis. This workflow solves that by: Automatically scraping any competitor’s webpage with Decodo. Using OpenAI GPT-4.1-mini to interpret keyword intent, density, and semantic focus. Storing structured keyword insights directly in Google Sheets for ongoing tracking and trend analysis. What this workflow does Trigger — Manually start the workflow or schedule it to run periodically. Input Setup — Define the website URL and target country (e.g., https://dev.to, france). Data Scraping (Decodo) — Fetch competitor web content and metadata. Keyword Analysis (OpenAI GPT-4.1-mini) Extract primary and secondary keywords. Identify focus topics and semantic entities. Generate a keyword density summary and SEO strength score. Recommend optimization and internal linking opportunities. Data Structuring — Clean and convert GPT output into JSON format. Data Storage (Google Sheets) — Append structured keyword data to a Google Sheet for long-term tracking. Setup Prerequisites If you are new to Decode, please signup on this link visit.decodo.com n8n account with workflow editor access Decodo API credentials OpenAI API key Google Sheets account connected via OAuth2 Make sure to install the Decodo Community node. Create a Google Sheet Add columns for: primarykeywords, seostrengthscore, keyworddensity_summary, etc. Share with your n8n Google account. Connect Credentials Add credentials for: Decodo API credentials - You need to register, login and obtain the Basic Authentication Token via Decodo Dashboard OpenAI API (for GPT-4o-mini) Google Sheets OAuth2 Configure Input Fields Edit the “Set Input Fields” node to set your target site and region. Run the Workflow Click Execute Workflow in n8n. View structured results in your connected Google Sheet. How to customize this workflow Track Multiple Competitors → Use a Google Sheet or CSV list of URLs; loop through them using the Split In Batches node. Add Language Detection → Add a Gemini or GPT node before keyword analysis to detect content language and adjust prompts. Enhance the SEO Report → Expand the GPT prompt to include backlink insights, metadata optimization, or readability checks. Integrate Visualization → Connect your Google Sheet to Looker Studio for SEO performance dashboards. Schedule Auto-Runs → Use the Cron Node to run weekly or monthly for competitor keyword refreshes. Summary This workflow automates competitor keyword research using: Decodo for intelligent web scraping OpenAI GPT-4.1-mini for keyword and SEO analysis Google Sheets for live tracking and reporting It’s a complete AI-powered SEO intelligence pipeline ideal for teams that want actionable insights on keyword gaps, optimization opportunities, and content focus trends, without relying on expensive SEO SaaS tools.

Ranjan DailataBy Ranjan Dailata
161

Automate invoice processing with OCR, GPT-4 & Salesforce opportunity creation

PDF Invoice Extractor (AI) End-to-end pipeline: Watch Drive ➜ Download PDF ➜ OCR text ➜ AI normalize to JSON ➜ Upsert Buyer (Account) ➜ Create Opportunity ➜ Map Products ➜ Create OLI via Composite API ➜ Archive to OneDrive. --- Node by node (what it does & key setup) 1) Google Drive Trigger Purpose: Fire when a new file appears in a specific Google Drive folder. Key settings: Event: fileCreated Folder ID: google drive folder id Polling: everyMinute Creds: googleDriveOAuth2Api Output: Metadata { id, name, ... } for the new file. --- 2) Download File From Google Purpose: Get the file binary for processing and archiving. Key settings: Operation: download File ID: ={{ $json.id }} Creds: googleDriveOAuth2Api Output: Binary (default key: data) and original metadata. --- 3) Extract from File Purpose: Extract text from PDF (OCR as needed) for AI parsing. Key settings: Operation: pdf OCR: enable for scanned PDFs (in options) Output: JSON with OCR text at {{ $json.text }}. --- 4) Message a model (AI JSON Extractor) Purpose: Convert OCR text into strict normalized JSON array (invoice schema). Key settings: Node: @n8n/n8n-nodes-langchain.openAi Model: gpt-4.1 (or gpt-4.1-mini) Message role: system (the strict prompt; references {{ $json.text }}) jsonOutput: true Creds: openAiApi Output (per item): $.message.content → the parsed JSON (ensure it’s an array). --- 5) Create or update an account (Salesforce) Purpose: Upsert Buyer as Account using an external ID. Key settings: Resource: account Operation: upsert External Id Field: taxid_c External Id Value: ={{ $json.message.content.buyer.tax_id }} Name: ={{ $json.message.content.buyer.name }} Creds: salesforceOAuth2Api Output: Account record (captures Id) for downstream Opportunity. --- 6) Create an opportunity (Salesforce) Purpose: Create Opportunity linked to the Buyer (Account). Key settings: Resource: opportunity Name: ={{ $('Message a model').item.json.message.content.invoice.code }} Close Date: ={{ $('Message a model').item.json.message.content.invoice.issue_date }} Stage: Closed Won Amount: ={{ $('Message a model').item.json.message.content.summary.grand_total }} AccountId: ={{ $json.id }} (from Upsert Account output) Creds: salesforceOAuth2Api Output: Opportunity Id for OLI creation. --- 7) Build SOQL (Code / JS) Purpose: Collect unique product codes from AI JSON and build a SOQL query for PricebookEntry by Pricebook2Id. Key settings: pricebook2Id (hardcoded in script): e.g., 01sxxxxxxxxxxxxxxx Source lines: $('Message a model').first().json.message.content.products Output: { soql, codes } --- 8) Query PricebookEntries (Salesforce) Purpose: Fetch PricebookEntry.Id for each Product2.ProductCode. Key settings: Resource: search Query: ={{ $json.soql }} Creds: salesforceOAuth2Api Output: Items with Id, Product2.ProductCode (used for mapping). --- 9) Code in JavaScript (Build OLI payloads) Purpose: Join lines with PBE results and Opportunity Id ➜ build OpportunityLineItem payloads. Inputs: OpportunityId: ={{ $('Create an opportunity').first().json.id }} Lines: ={{ $('Message a model').first().json.message.content.products }} PBE rows: from previous node items Output: { body: { allOrNone:false, records:[{ OpportunityLineItem... }] } } Notes: Converts discount_total ➜ per-unit if needed (currently commented for standard pricing). Throws on missing PBE mapping or empty lines. --- 10) Create Opportunity Line Items (HTTP Request) Purpose: Bulk create OLIs via Salesforce Composite API. Key settings: Method: POST URL: https://<your-instance>.my.salesforce.com/services/data/v65.0/composite/sobjects Auth: salesforceOAuth2Api (predefined credential) Body (JSON): ={{ $json.body }} Output: Composite API results (per-record statuses). --- 11) Update File to One Drive Purpose: Archive the original PDF in OneDrive. Key settings: Operation: upload File Name: ={{ $json.name }} Parent Folder ID: onedrive folder id Binary Data: true (from the Download node) Creds: microsoftOneDriveOAuth2Api Output: Uploaded file metadata. --- Data flow (wiring) Google Drive Trigger → Download File From Google Download File From Google → Extract from File → Update File to One Drive Extract from File → Message a model Message a model → Create or update an account Create or update an account → Create an opportunity Create an opportunity → Build SOQL Build SOQL → Query PricebookEntries Query PricebookEntries → Code in JavaScript Code in JavaScript → Create Opportunity Line Items --- Quick setup checklist 🔐 Credentials: Connect Google Drive, OneDrive, Salesforce, OpenAI. 📂 IDs: Drive Folder ID (watch) OneDrive Parent Folder ID (archive) Salesforce Pricebook2Id (in the JS SOQL builder) 🧠 AI Prompt: Use the strict system prompt; jsonOutput = true. 🧾 Field mappings: Buyer tax id/name → Account upsert fields Invoice code/date/amount → Opportunity fields Product name must equal your Product2.ProductCode in SF. ✅ Test: Drop a sample PDF → verify: AI returns array JSON only Account/Opportunity created OLI records created PDF archived to OneDrive --- Notes & best practices If PDFs are scans, enable OCR in Extract from File. If AI returns non-JSON, keep “Return only a JSON array” as the last line of the prompt and keep jsonOutput enabled. Consider adding validation on parsing.warnings to gate Salesforce writes. For discounts/taxes in OLI: Standard OLI fields don’t support per-line discount amounts directly; model them in UnitPrice or custom fields. Replace the Composite API URL with your org’s domain or use the Salesforce node’s Bulk Upsert for simplicity.

Le NguyenBy Le Nguyen
942