Installing AWS IAM command line tools in Ubuntu

Posted on Friday, April 5, 2013

This guide goes over setting up the amazon AWS IAM (Identity and Access Management) command line tools.

I had to recently set these up due to a tool missing from the aws web console  (well maybe it's there but I can't seem to find it)  I recently added an SSL certificate to an ELB as a test.  The SSL certificate is somehow stored within the IAM system.   The only way I can see to remove the SSL certificate is to use the IAM command line tools.

Download the tools

The command line tools for IAM can be found at

I am installing this tool on an Ubuntu server.  The direct download is at

> wget

Unzip it

> unzip

  Make a directory for the tools

> mkdir iam-api-tools
> cp -r IAMCli-1.5.0/* iam-api-tools/

Edit the bash file

> vi .bashrc

I added the following

#IAM tools
export AWS_IAM_HOME=$HOME/iam-api-tools

Source the file to get load the new information

> source .bashrc

Try to run this command

> iam-servercertlistbypath

You will get this error you need to create the credentials file.

Getting your credentials


Go to  click on the My Account/Console menu and select "Security Credentials"


Log in with your username/password


Copy your Access Key ID  (I blocked mine out)

Click on "Show"  then copy your secret Access Key.

Open the account.cred file listed in the .bashrc under the AWS_CREDENTIAL_FILE 

> vi iam-api-tools/account.cred

Paste the following into it.


Now that it's been updated try to run this command

> iam-servercertlistbypath



OK, now to delete all the certificates I have out there.

> iam-servercertdel -s ssl-test
> iam-servercertdel -s ssl-test2
> iam-servercertdel -s ssl3-test
> iam-servercertdel -s ssl4-test

Then running this command again

> iam-servercertlistbypath

Results in

Now they have all been deleted.


1 comment: