Description
Use a HTTP POST request to create a AWS credential.
Request
HTTP Method: POST
| Parameter | Description |
|---|---|
| name | Name of the credential. |
| mode | Describes the type of credential (AWS) |
| team_id | ID of Tines Team where the credential will be located. |
| folder_id | Optional ID of folder to which the credential will be located |
| read_access | Optional Control where this credential can be used (TEAM, GLOBAL, SPECIFIC_TEAMS). default: TEAM. (SPECIFIC_TEAMS is a premium feature. Reach out to find out more.) |
| shared_team_slugs | Optional List of teams' slugs where this credential can be used. Required to set read_access to SPECIFIC_TEAMS. default: [] (empty array). |
| description | Optional Description of the credential. default: "" (empty string) |
| aws_authentication_type | The authentication method with AWS, key-based-access or role-based-access(KEY, ROLE, INSTANCE_PROFILE) |
| aws_access_key | The access key from your AWS Security Credentials |
| aws_secret_key | The access secret from your AWS Security Credentials |
| aws_assumed_role_arn | Required for role-based-access The ARN of the role you wish to assume, e.g.: arn:aws:iam::123456789012:role/write-access-role |
| aws_assumed_role_external_id | Deprecated The external ID to be used when making the request. This field is deprecated for reasons of AWS FTR (Foundational Technical Review) compliance. It is recommended to no longer use this parameter in your requests. |
Sample request
curl -X POST \
https://<<META.tenant.domain>>/api/v1/user_credentials \
-H 'content-type: application/json' \
-H 'x-user-token: <api-token>' \
-d '{
"name": "foo",
"value": "bar",
"mode": "AWS",
"team_id": 2,
"aws_authentication_type": "KEY",
"aws_access_key": "v_access_key",
"aws_secret_key": "v_secret_key"
}'
Response
A successful request will return a JSON object describing the created credential.
Field description
| Parameter | Description |
|---|---|
| id | credential ID. |
| name | Name of the credential. |
| mode | Describes the type of credential (TEXT, JWT, OAUTH, AWS, MTLS, HTTP_REQUEST_AGENT). |
| team_id | ID of team to which the credential belongs. |
| folder_id | ID of folder to which the credential belongs. |
| read_access | Control where this credential can be used (TEAM, GLOBAL, SPECIFIC_TEAMS). |
| shared_team_slugs | List of teams' slugs where this credential can be used when read_access is SPECIFIC_TEAMS, otherwise empty. |
| description | Description of the credential. |
| slug | An underscored representation of the credential name |
| created_at | ISO 8601 Timestamp representing date and time the credential was created. |
| updated_at | ISO 8601 Timestamp representing date and time the credential was last updated. |
Sample response
{
"id": 1,
"name": "tines_api_credential",
"mode": "AWS",
"team_id": 2,
"folder_id": 1,
"read_access": "TEAM",
"shared_team_slugs": [],
"slug": "tines_api_credential",
"created_at": "2021-03-26T12:34:16.540Z",
"updated_at": "2021-03-26T12:34:16.540Z",
"description": ""
}