# AWS Identity and Access Management examples using the AWS SDK for PHP Version 3 AWS Identity and Access Management (IAM) is a web service that enables Amazon Web Services customers to manage users and user permissions in AWS. The service is targeted at organizations with multiple users or systems in the cloud that use AWS products. With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users can access. All the example code for the AWS SDK for PHP is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). ## Credentials Before running the example code, configure your AWS credentials, as described in [Authenticating with AWS using AWS SDK for PHP Version 3](credentials.md). Then import the AWS SDK for PHP, as described in [Installing the AWS SDK for PHP Version 3](getting-started_installation.md). **Topics** + [Credentials](#examplecredentials) + [Managing IAM access keys](iam-examples-managing-access-keys.md) + [Managing IAM users](iam-examples-managing-users.md) + [Using IAM account aliases](iam-examples-using-account-aliases.md) + [Working with IAM policies](iam-examples-working-with-policies.md) + [Working with IAM server certificates](iam-examples-working-with-certs.md) # Managing IAM access keys with AWS SDK for PHP Version 3 Users need their own access keys to make programmatic calls to AWS. To fill this need, you can create, modify, view, or rotate access keys (access key IDs and secret access keys) for IAM users. By default, when you create an access key, its status is Active. This means the user can use the access key for API calls. The following examples show how to: + Create a secret access key and corresponding access key ID using [CreateAccessKey](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#createaccesskey). + Return information about the access key IDs associated with an IAM user using [ListAccessKeys](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#listaccesskeys). + Retrieve information about when an access key was last used using [GetAccessKeyLastUsed](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#getaccesskeylastused). + Change the status of an access key from Active to Inactive, or vice versa, using [UpdateAccessKey](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#updateaccesskey). + Delete an access key pair associated with an IAM user using [DeleteAccessKey](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#deleteaccesskey). All the example code for the AWS SDK for PHP is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). ## Credentials Before running the example code, configure your AWS credentials, as described in [Authenticating with AWS using AWS SDK for PHP Version 3](credentials.md). Then import the AWS SDK for PHP, as described in [Installing the AWS SDK for PHP Version 3](getting-started_installation.md). ## Create an access key **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->createAccessKey([ 'UserName' => 'IAM_USER_NAME', ]); $keyID = $result['AccessKey']['AccessKeyId']; $createDate = $result['AccessKey']['CreateDate']; $userName = $result['AccessKey']['UserName']; $status = $result['AccessKey']['Status']; // $secretKey = $result['AccessKey']['SecretAccessKey'] echo "

AccessKey " . $keyID . " created on " . $createDate . "

"; echo "

Username: " . $userName . "

"; echo "

Status: " . $status . "

"; } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## List access keys **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->listAccessKeys(); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Get information about an access key’s last use **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->getAccessKeyLastUsed([ 'AccessKeyId' => 'ACCESS_KEY_ID', // REQUIRED ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Update an access key **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->updateAccessKey([ 'AccessKeyId' => 'ACCESS_KEY_ID', // REQUIRED 'Status' => 'Inactive', // REQUIRED 'UserName' => 'IAM_USER_NAME', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Delete an access key **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->deleteAccessKey([ 'AccessKeyId' => 'ACCESS_KEY_ID', // REQUIRED 'UserName' => 'IAM_USER_NAME', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` # Managing IAM users with AWS SDK for PHP Version 3 An IAM user is an entity that you create in AWS to represent the person or service that uses it to interact with AWS. A user in AWS consists of a name and credentials. The following examples show how to: + Create a new IAM user using [CreateUser](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#createuser). + List IAM users using [ListUsers](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#listusers). + Update an IAM user using [UpdateUser](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#updateuser). + Retrieve information about an IAM user using [GetUser](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#getuser). + Delete an IAM user using [DeleteUser](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#deleteuser). All the example code for the AWS SDK for PHP is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). ## Credentials Before running the example code, configure your AWS credentials, as described in [Authenticating with AWS using AWS SDK for PHP Version 3](credentials.md). Then import the AWS SDK for PHP, as described in [Installing the AWS SDK for PHP Version 3](getting-started_installation.md). ## Create an IAM user **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->createUser(array( // UserName is required 'UserName' => 'string', )); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## List IAM users **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->listUsers(); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Update an IAM user **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->updateUser([ // UserName is required 'UserName' => 'string1', 'NewUserName' => 'string' ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Get information about an IAM user **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->getUser([ 'UserName' => 'string', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Delete an IAM user **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->deleteUser([ // UserName is required 'UserName' => 'string' ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` # Using IAM account aliases with AWS SDK for PHP Version 3 If you want the URL for your sign-in page to contain your company name or other friendly identifier instead of your AWS account ID, you can create an alias for your AWS account ID. If you create an AWS account alias, your sign-in page URL changes to incorporate the alias. The following examples show how to: + Create an alias using [CreateAccountAlias](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#createaccountalias). + List the alias associated with the AWS account using [ListAccountAliases](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#listaccountaliases). + Delete an alias using [DeleteAccountAlias](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#deleteaccountalias). All the example code for the AWS SDK for PHP is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). ## Credentials Before running the example code, configure your AWS credentials, as described in [Authenticating with AWS using AWS SDK for PHP Version 3](credentials.md). Then import the AWS SDK for PHP, as described in [Installing the AWS SDK for PHP Version 3](getting-started_installation.md). ## Create an alias **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->createAccountAlias(array( // AccountAlias is required 'AccountAlias' => 'string', )); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## List account aliases **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->listAccountAliases(); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Delete an alias **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->deleteAccountAlias([ // AccountAlias is required 'AccountAlias' => 'string', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` # Working with IAM policies with AWS SDK for PHP Version 3 You grant permissions to a user by creating a policy. A policy is a document that lists the actions that a user can perform and the resources those actions can affect. By default, any actions or resources that are not explicitly allowed are denied. Policies can be created and attached to users, groups of users, roles assumed by users, and resources. The following examples show how to: + Create a managed policy using [CreatePolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#createpolicy). + Attach a policy to a role using [AttachRolePolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#attachrolepolicy). + Attach a policy to a user using [AttachUserPolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#attachuserpolicy). + Attach a policy to a group using [AttachGroupPolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#attachgrouppolicy). + Remove a role policy using [DetachRolePolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#detachrolepolicy). + Remove a user policy using [DetachUserPolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#detachuserpolicy). + Remove a group policy using [DetachGroupPolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#detachgrouppolicy). + Delete a managed policy using [DeletePolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#deletepolicy). + Delete a role policy using [DeleteRolePolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#deleterolepolicy). + Delete a user policy using [DeleteUserPolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#deleteuserpolicy). + Delete a group policy using [DeleteGroupPolicy](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#deletegrouppolicy). All the example code for the AWS SDK for PHP is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). ## Credentials Before running the example code, configure your AWS credentials, as described in [Authenticating with AWS using AWS SDK for PHP Version 3](credentials.md). Then import the AWS SDK for PHP, as described in [Installing the AWS SDK for PHP Version 3](getting-started_installation.md). ## Create a policy **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); $myManagedPolicy = '{ "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "logs:CreateLogGroup", "Resource": "RESOURCE_ARN" }, { "Effect": "Allow", "Action": [ "dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Scan", "dynamodb:UpdateItem" ], "Resource": "RESOURCE_ARN" } ] }'; try { $result = $client->createPolicy(array( // PolicyName is required 'PolicyName' => 'myDynamoDBPolicy', // PolicyDocument is required 'PolicyDocument' => $myManagedPolicy )); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Attach a policy to a role **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); $roleName = 'ROLE_NAME'; $policyName = 'AmazonDynamoDBFullAccess'; $policyArn = 'arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess'; try { $attachedRolePolicies = $client->getIterator('ListAttachedRolePolicies', ([ 'RoleName' => $roleName, ])); if (count($attachedRolePolicies) > 0) { foreach ($attachedRolePolicies as $attachedRolePolicy) { if ($attachedRolePolicy['PolicyName'] == $policyName) { echo $policyName . " is already attached to this role. \n"; exit(); } } } $result = $client->attachRolePolicy(array( // RoleName is required 'RoleName' => $roleName, // PolicyArn is required 'PolicyArn' => $policyArn )); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Attach a policy to a user **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); $userName = 'USER_NAME'; $policyName = 'AmazonDynamoDBFullAccess'; $policyArn = 'arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess'; try { $attachedUserPolicies = $client->getIterator('ListAttachedUserPolicies', ([ 'UserName' => $userName, ])); if (count($attachedUserPolicies) > 0) { foreach ($attachedUserPolicies as $attachedUserPolicy) { if ($attachedUserPolicy['PolicyName'] == $policyName) { echo $policyName . " is already attached to this role. \n"; exit(); } } } $result = $client->attachUserPolicy(array( // UserName is required 'UserName' => $userName, // PolicyArn is required 'PolicyArn' => $policyArn, )); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Attach a policy to a group **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->attachGroupPolicy(array( // GroupName is required 'GroupName' => 'string', // PolicyArn is required 'PolicyArn' => 'string', )); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Detach a user policy **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->detachUserPolicy([ // UserName is required 'UserName' => 'string', // PolicyArn is required 'PolicyArn' => 'string', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Detach a group policy **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->detachGroupPolicy([ // GroupName is required 'GroupName' => 'string', // PolicyArn is required 'PolicyArn' => 'string', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Delete a policy **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->deletePolicy(array( // PolicyArn is required 'PolicyArn' => 'string' )); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Delete a role policy **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->deleteRolePolicy([ // RoleName is required 'RoleName' => 'string', // PolicyName is required 'PolicyName' => 'string' ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Delete a user policy **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->deleteUserPolicy([ // UserName is required 'UserName' => 'string', // PolicyName is required 'PolicyName' => 'string', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Delete a group policy **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->deleteGroupPolicy(array( // GroupName is required 'GroupName' => 'string', // PolicyName is required 'PolicyName' => 'string', )); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` # Working with IAM server certificates with AWS SDK for PHP Version 3 To enable HTTPS connections to your website or application on AWS, you need an SSL/TLS server certificate. To use a certificate that you obtained from an external provider with your website or application on AWS, you must upload the certificate to IAM or import it into AWS Certificate Manager. The following examples show how to: + List the certificates stored in IAM using [ListServerCertificates](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#listservercertificates). + Retrieve information about a certificate using [GetServerCertificate](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#getservercertificate). + Update a certificate using [UpdateServerCertificate](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#updateservercertificate). + Delete a certificate using [DeleteServerCertificate](https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-iam-2010-05-08.html#deleteservercertificate). All the example code for the AWS SDK for PHP is available [here on GitHub](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/php/example_code). ## Credentials Before running the example code, configure your AWS credentials, as described in [Authenticating with AWS using AWS SDK for PHP Version 3](credentials.md). Then import the AWS SDK for PHP, as described in [Installing the AWS SDK for PHP Version 3](getting-started_installation.md). ## List server certificates **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->listServerCertificates(); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Retrieve a server certificate **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->getServerCertificate([ // ServerCertificateName is required 'ServerCertificateName' => 'string', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Update a server certificate **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->updateServerCertificate([ // ServerCertificateName is required 'ServerCertificateName' => 'string', 'NewServerCertificateName' => 'string', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ``` ## Delete a server certificate **Imports** ``` require 'vendor/autoload.php'; use Aws\Exception\AwsException; use Aws\Iam\IamClient; ``` **Sample Code** ``` $client = new IamClient([ 'profile' => 'default', 'region' => 'us-west-2', 'version' => '2010-05-08' ]); try { $result = $client->deleteServerCertificate([ // ServerCertificateName is required 'ServerCertificateName' => 'string', ]); var_dump($result); } catch (AwsException $e) { // output error message if fails error_log($e->getMessage()); } ```