Amazon EC2 reference

Each account in the amazon has a limitation to hold 10 SSL certs and if you exceed this value, you wont be able to upload/attach any more SSL certificates to the load balancers (ELB’S). It will throw an quota exceed error.

You cannot delete amazon SSL certificates through GUI. Amazon API tools is required for this task.

Download the IAMCli utilities from amazon and untar it in /root

export AWS_IAM_HOME=/root/IAMCli-1.2.0/

List the available SSL certificates in the account

# /root/IAMCli-1.2.0/bin/iam-servercertlistbypath  –aws-credential-file  /root/my-account-creds.txt

Delete the unwanted certificate using the following command

/root/IAMCli-1.2.0/bin/iam-servercertdel –aws-credential-file my-account-creds.txt  -s dsp-olokiran-com-cert


# cat /root/my-account-creds.txt

Using the same tools you can even attach SSL certificates to the ELB’s.


Download amazon Elastic load balancer API tools

export the home:-

export AWS_ELB_HOME=/root/ElasticLoadBalancing-

Add your credentials in /root/my-account-creds.txt

# cat /root/my-account-creds.txt

Suppose is the name of loadbalancer you have created.  In this way you can share a set of EC2 instances across different load balancers.

# /root/ElasticLoadBalancing- kiranchand-com –instances i-e4515989,i-fedad293,i-4974fc27,i-70c6ed10  –aws-credential-file /root/my-account-creds.txt
INSTANCE_ID  i-e4515989
INSTANCE_ID  i-fedad293
INSTANCE_ID  i-4974fc27
INSTANCE_ID  i-70c6ed10

Login to the server which has to backed up.

Create the bundle of the Operating system. You should avoid big disks like EBS while creating the bundle

ec2-bundle-vol –cert /root/key/cert-XXXXXX.pem –privatekey /root/key/pk-XXXXXX.pem -d /mnt -e /ebs –user 4091-5433-5954 -r x86_64 –debug

-e = exclude

-d=destination where file has to be created.

Upload the bundlie:-

ec2-upload-bundle -b Server-backup-$MONTH –manifest /mnt/image.manifest.xml  –access-key XXXXXXX –secret-key bKxxxxxxxxxxxxxx

Register the bundle:-

ec2-register “Server-backup-$MONTH/image.manifest.xml” -C /root/key/cert-XXXXXXXX.pem -K  pk-xxxxxxxxx.pem      Server

Thats it !!… You can find the AMI in amazon aws console. If you want to create a new instance out of it, right click AMI -> create new instance and follow the instructions.