Home » iam

Tag: iam

AWS IAM CERTIFICATE_VERIFY_FAILED

Situation

When attempting to call AWS CLI commands we were receiving a CERTIFICATE_VERIFY_FAILED error message. We were using a proxy service. In this specific instance we were connecting to AWS IAM via zScaler Internet Access (ZIA)

Example

we were running a simple

aws iam get-role --role-name vmimport

 

Workaround

include–no-verifyssl to by pass the ssl verification

aws iam get-role --role-name vmimport --no-verify-ssl

Solution

Drop or whitelist the iam.amazonaws.com from SSL inspection on the proxy server