AWS credentials API - PUT credentials

Reference
Published Jun 27, 2019

Updates an existing AWS credentials configuration. Check the connection status for these credentials after 10 minutes with the GET credentials request.

If a credentials configuration with the specified ID doesn’t exist, a new configuration is created.

The request consumes and produces an application/json payload.

PUT	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/config/v1/aws/credentials/{id}`
PUT	Environment ActiveGate	`https://{your-activegate-domain}:9999/e/{your-environment-id}/api/config/v1/aws/credentials/{id}`

Authentication

To execute this request, you need an access token with WriteConfig scope.

To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter	Type	Description	In	Required
id	string	The ID of the AWS credentials configuration to be updated.	path	required
body	AwsCredentialsConfig	The JSON body of the request. Contains updated parameters of the AWS credentials configuration.	body	optional

Request body objects

The `AwsCredentialsConfig` object

Configuration of an AWS credentials.

Element	Type	Description	Required
authenticationData	AwsAuthenticationData	A credentials for the AWS authentication.	required
connectionStatus	string	The status of the connection to the AWS environment. `CONNECTED`: There was a connection within last 10 minutes. `DISCONNECTED`: A problem occurred with establishing connection using these credentials. Check whether the data is correct. `UNINITIALIZED`: The successful connection has never been established for these credentials. `CONNECTED` `DISCONNECTED` `UNINITIALIZED`	optional
credentialsEnabled	boolean	Enable monitoring of credentials.	optional
id	string	The unique ID of the credentials.	optional
label	string	The name of the credentials.	required
metadata	ConfigurationMetadata	Metadata useful for debugging	optional
partitionType	string	The type of the AWS partition. `AWS_CN` `AWS_DEFAULT` `AWS_US_GOV`	required
supportingServicesToMonitor	AwsSupportingServiceConfig[]	Deprecated. To manage services use /aws/credentials/{id}/services operation. Built-in services are not supported here. A list of AWS services to be monitored. Available services are listed by /aws/supportedServices operation. For each service, a list of metrics and dimensions can be specified. A list of supported metrics and dimensions for a given service can be checked in documentation. List of metrics can be skipped (set to null), resulting in recommended (default) set of metrics and dimensions being chosen for monitoring.	optional
taggedOnly	boolean	Monitor only resources which have specified AWS tags (`true`) or all resources (`false`).	optional
tagsToMonitor	AwsConfigTag[]	A list of AWS tags to be monitored. You can specify up to 10 tags. Only applicable when the taggedOnly parameter is set to `true`.	optional

The `AwsAuthenticationData` object

A credentials for the AWS authentication.

Element	Type	Description	Required
keyBasedAuthentication	KeyBasedAuthentication	Deprecated. The credentials for the key-based authentication.	optional
roleBasedAuthentication	RoleBasedAuthentication	The credentials for the role-based authentication.	optional
type	string	The type of the authentication: role-based or key-based. `KEYS` `ROLE`	required

The `KeyBasedAuthentication` object

Deprecated. The credentials for the key-based authentication.

Element	Type	Description	Required
accessKey	string	The ID of the access key.	required
secretKey	string	The secret access key.	required

The `RoleBasedAuthentication` object

The credentials for the role-based authentication.

Element Type Description Required

accountId

string

Element	Type	Description	Required
accountId	string	The ID of the Amazon account.	required
externalId	string	The external ID token for setting an IAM role. You can obtain it with the `GET /aws/iamExternalId` request.	optional
iamRole	string	The IAM role to be used by Dynatrace to get monitoring data.	required

The ID of the Amazon account.

required

externalId

string

The external ID token for setting an IAM role.

You can obtain it with the GET /aws/iamExternalId request.

optional

iamRole

string

The IAM role to be used by Dynatrace to get monitoring data.

required

The `ConfigurationMetadata` object

Metadata useful for debugging

Element	Type	Description	Required
clusterVersion	string	Dynatrace version.	optional
configurationVersions	integer[]	A sorted list of the version numbers of the configuration.	optional
currentConfigurationVersions	string[]	A sorted list of version numbers of the configuration.	optional

The `AwsSupportingServiceConfig` object

A service to be monitored.

Element	Type	Description	Required
monitoredMetrics	AwsSupportingServiceMetric[]	A list of metrics to be monitored for this service. If the list is null then recommended list of metrics for this service will be monitored.	optional
name	string	The name of the service. Valid supported service names can be discovered using /aws/supportedServices restAPI	required

The `AwsSupportingServiceMetric` object

A metric of service to be monitored.

Element	Type	Description	Required
dimensions	string[]	A list of metric's dimensions names.	required
name	string	The name of the metric of the service.	required
statistic	string	The statistic (aggregation) to be used for the metric. AVG_MIN_MAX value is 3 statistics at once: AVERAGE, MINIMUM and MAXIMUM `AVERAGE` `AVG_MIN_MAX` `MAXIMUM` `MINIMUM` `SAMPLE_COUNT` `SUM`	required

The `AwsConfigTag` object

An AWS tag of the resource to be monitored.

Element	Type	Description	Required
name	string	The key of the AWS tag.	required
value	string	The value of the AWS tag.	required

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

{
  "authenticationData": {
    "keyBasedAuthentication": {
      "accessKey": "string",
      "secretKey": "string"
    },
    "roleBasedAuthentication": {
      "accountId": "string",
      "externalId": "string",
      "iamRole": "string"
    },
    "type": "KEYS"
  },
  "connectionStatus": "CONNECTED",
  "credentialsEnabled": true,
  "id": "string",
  "label": "string",
  "metadata": {
    "clusterVersion": "1.192.1",
    "configurationVersions": [
      4,
      2
    ],
    "currentConfigurationVersions": [
      "1.0.4",
      "1.23"
    ]
  },
  "partitionType": "AWS_CN",
  "supportingServicesToMonitor": [
    {
      "monitoredMetrics": [
        {
          "dimensions": [
            "string"
          ],
          "name": "string",
          "statistic": "AVERAGE"
        }
      ],
      "name": "string"
    }
  ],
  "taggedOnly": false,
  "tagsToMonitor": [
    {
      "name": "string",
      "value": "string"
    }
  ]
}

Response

Response codes

Code Type Description

Code	Type	Description
201	EntityShortRepresentation	Success. The new AWS credentials configuration has been created. The response body contains the ID of the configuration. Check the connection status for these credentials after 10 minutes with the `GET /aws/credentials/{id}` request.
204	-	Success. The AWS credentials configuration has been updated. Response doesn't have a body. Check the connection status for these credentials after 10 minutes with the `GET /aws/credentials/{id}` request.
400	ErrorEnvelope	Failed. The input is invalid.

201

EntityShortRepresentation

Success. The new AWS credentials configuration has been created. The response body contains the ID of the configuration.

Check the connection status for these credentials after 10 minutes with the GET /aws/credentials/{id} request.

204

Success. The AWS credentials configuration has been updated. Response doesn't have a body.

Check the connection status for these credentials after 10 minutes with the GET /aws/credentials/{id} request.

400

ErrorEnvelope

Failed. The input is invalid.

Response body objects

The `EntityShortRepresentation` object

The short representation of a Dynatrace entity.

Element	Type	Description
description	string	A short description of the Dynatrace entity.
id	string	The ID of the Dynatrace entity.
name	string	The name of the Dynatrace entity.

Response body JSON model

{
  "description": "Dynatrace entity for the REST API example",
  "id": "6a98d7bc-abb9-44f8-ae6a-73e68e71812a",
  "name": "Dynatrace entity"
}

GET the external ID token

Gets the external ID token for setting an IAM role.

The request produces an application/json payload.

GET	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/config/v1/aws/iamExternalId`
GET	Environment ActiveGate	`https://{your-activegate-domain}:9999/e/{your-environment-id}/api/config/v1/aws/iamExternalId`

Authentication

To execute this request, you need an access token with ReadConfig scope.

To learn how to obtain and use it, see Tokens and authentication.

Response

Response codes

Code	Type	Description
200	AwsIamToken	Success

Response body objects

The `AwsIamToken` object

The external ID token for setting IAM Role in AWS.

Element	Type	Description
token	string	The external ID token for setting IAM Role in AWS.

Response body JSON model

{
  "token": "string"
}

Validate payload

We recommend that you validate the payload before submitting it with an actual request. A response code of 204 indicates a valid payload.

The request consumes an application/json payload.

POST	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/config/v1/aws/credentials/{id}/validator`
POST	Environment ActiveGate	`https://{your-activegate-domain}:9999/e/{your-environment-id}/api/config/v1/aws/credentials/{id}/validator`

Authentication

To execute this request, you need an access token with WriteConfig scope.

To learn how to obtain and use it, see Tokens and authentication.

Response

Response codes

Code	Type	Description
204	-	Validated. The submitted configuration is valid. Response doesn't have a body.
400	ErrorEnvelope	Failed. The input is invalid.

Set up Dynatrace on Amazon Web Services

AWS credentials API - PUT credentials

Authentication

Parameters

Request body objects

The AwsCredentialsConfig object

The AwsAuthenticationData object

The KeyBasedAuthentication object

The RoleBasedAuthentication object

The ConfigurationMetadata object

The AwsSupportingServiceConfig object

The AwsSupportingServiceMetric object

The AwsConfigTag object

Request body JSON model

Response

Response codes

Response body objects

The EntityShortRepresentation object

Response body JSON model

GET the external ID token

Authentication

Response

Response codes

Response body objects

The AwsIamToken object

Response body JSON model

Validate payload

Authentication

Response

Response codes

Related topics

The `AwsCredentialsConfig` object

The `AwsAuthenticationData` object

The `KeyBasedAuthentication` object

The `RoleBasedAuthentication` object

The `ConfigurationMetadata` object

The `AwsSupportingServiceConfig` object

The `AwsSupportingServiceMetric` object

The `AwsConfigTag` object

The `EntityShortRepresentation` object

The `AwsIamToken` object