Installing AWS IAM command line tools in Ubuntu

Posted on Friday, April 5, 2013


This guide goes over setting up the amazon AWS IAM (Identity and Access Management) command line tools.

I had to recently set these up due to a tool missing from the aws web console  (well maybe it's there but I can't seem to find it)  I recently added an SSL certificate to an ELB as a test.  The SSL certificate is somehow stored within the IAM system.   The only way I can see to remove the SSL certificate is to use the IAM command line tools.




Download the tools


The command line tools for IAM can be found at http://aws.amazon.com/developertools/AWS-Identity-and-Access-Management/

I am installing this tool on an Ubuntu server.  The direct download is at http://awsiammedia.s3.amazonaws.com/public/tools/cli/latest/IAMCli.zip


> wget http://awsiammedia.s3.amazonaws.com/public/tools/cli/latest/IAMCli.zip



Unzip it


> unzip IAMCli.zip

  Make a directory for the tools


> mkdir iam-api-tools
> cp -r IAMCli-1.5.0/* iam-api-tools/


Edit the bash file


> vi .bashrc

I added the following



#IAM tools
export AWS_IAM_HOME=$HOME/iam-api-tools
export AWS_CREDENTIAL_FILE=$AWS_IAM_HOME/account.cred
export PATH=$PATH:$AWS_IAM_HOME/bin

Source the file to get load the new information


> source .bashrc



Try to run this command


> iam-servercertlistbypath





You will get this error you need to create the credentials file.

Getting your credentials




 


Go to http://aws.amazon.com/  click on the My Account/Console menu and select "Security Credentials"



 

Log in with your username/password





 

Copy your Access Key ID  (I blocked mine out)







Click on "Show"  then copy your secret Access Key.

Open the account.cred file listed in the .bashrc under the AWS_CREDENTIAL_FILE 


> vi iam-api-tools/account.cred


Paste the following into it.



AWSAccessKeyId=YOURACCESSKEY
AWSSecretKey=YOURSECRETKEY


Now that it's been updated try to run this command


> iam-servercertlistbypath


 


Success!!
OK, now to delete all the certificates I have out there.


> iam-servercertdel -s ssl-test
> iam-servercertdel -s ssl-test2
> iam-servercertdel -s ssl3-test
> iam-servercertdel -s ssl4-test

Then running this command again


> iam-servercertlistbypath


Results in



Now they have all been deleted.


References


Category:

1 comment: