Menu
AWS SDK for Go
Developer Guide

Working with IAM Server Certificates

This Go example shows you how to carry out basic tasks for managing server certificate HTTPS connections with the AWS SDK for Go.

You can download complete versions of these example files from the aws-doc-sdk-examples repository on GitHub.

Scenario

To enable HTTPS connections to your website or application on AWS, you need an SSL/TLS server certificate. To use a certificate that you obtained from an external provider with your website or application on AWS, you must upload the certificate to IAM or import it into AWS Certificate Manager.

In this example, you use a series of Go routines to manage policies in IAM. The routines use the AWS SDK for GoIAM client methods that follow:

Prerequisites

List Your Server Certificates

This code lists your certificates.

Create a new Go file named iam_listservercerts.go. You must import the relevant Go and AWS SDK for Go packages by adding the following lines.

Copy
func main() { sess, err := session.NewSession(&aws.Config{ Region: aws.String("us-west-2")}, ) // Create a IAM service client. svc := iam.New(sess)

Call ListServerCertificates and print the details.

Copy
result, err := svc.ListServerCertificates(nil) if err != nil { fmt.Println("Error", err) return } for i, metadata := range result.ServerCertificateMetadataList { if metadata == nil { continue } fmt.Printf("Metadata %d: %v\n", i, metadata) } }

Get a Server Certificate

In this example, you retrieve an existing server certificate.

Create a new Go file named iam_getservercert.go. You must import the relevant Go and AWS SDK for Go packages by adding the following lines.

Copy
package main import ( "fmt" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/iam" )

Set up a new IAM client.

Copy
func main() { sess, err := session.NewSession(&aws.Config{ Region: aws.String("us-west-2")}, ) // Create a IAM service client. svc := iam.New(sess)

Call GetServerCertificate, passing the name of the certificate, and print the results.

Copy
result, err := svc.GetServerCertificate(&iam.GetServerCertificateInput{ ServerCertificateName: aws.String("CERTIFICATE_NAME"), }) if err != nil { fmt.Println("Error", err) return } fmt.Println("ServerCertificate:", result) }

Update a Server Certificate

In this example, you update an existing server certificate.

Create a new Go file named iam_updateservercert.go. You call the UpdateServerCertificate method of the IAM service object to change the name of the certificate.

You must import the relevant Go and AWS SDK for Go packages by adding the following lines.

Copy
package main import ( "fmt" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/iam" )

Set up a new IAM client.

Copy
func main() { sess, err := session.NewSession(&aws.Config{ Region: aws.String("us-west-2")}, ) // Create a IAM service client. svc := iam.New(sess)

Update the certificate name.

Copy
_, err := svc.UpdateServerCertificate(&iam.UpdateServerCertificateInput{ ServerCertificateName: aws.String("CERTIFICATE_NAME"), NewServerCertificateName: aws.String("NEW_CERTIFICATE_NAME"), }) if err != nil { fmt.Println("Error", err) return } fmt.Println("Server certificate updated") }

Delete a Server Certificate

In this example, you delete an existing server certificate.

Create a new Go file named iam_deleteservercert.go. You call the DeleteServerCertificate method of the IAM service object to change the name of the certificate.

You must import the relevant Go and AWS SDK for Go packages by adding the following lines.

Copy
package main import ( "fmt" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/iam" )

Set up a new IAM client.

Copy
func main() { sess, err := session.NewSession(&aws.Config{ Region: aws.String("us-west-2")}, ) // Create a IAM service client. svc := iam.New(sess)

Call the method to delete the certificate, specifying the name of certificate.

Copy
_, err := svc.DeleteServerCertificate(&iam.DeleteServerCertificateInput{ ServerCertificateName: aws.String("CERTIFICATE_NAME"), }) if err != nil { fmt.Println("Error", err) return } fmt.Println("Server certificate deleted") }