AWS credentials API - POST new credentials
Creates a new AWS credentials configuration. Check the connection status for these credentials after 10 minutes with the GET credentials request.
The body must not provide an ID. The Dynatrace server automatically assigns an ID.
The request consumes and produces an application/json payload.
| POST | SaaS | https://{your-environment-id}.live.dynatrace.com/api/config/v1/aws/credentials |
| Environment ActiveGate | https://{your-activegate-domain}:9999/e/{your-environment-id}/api/config/v1/aws/credentials |
Authentication
To execute this request, you need an access token with WriteConfig scope.
To learn how to obtain and use it, see Tokens and authentication.
Parameters
The JSON body of the request. Contains parameters of the new AWS credentials configuration.
Request body objects
The AwsCredentialsConfig object
Configuration of an AWS credentials.
The status of the connection to the AWS environment.
CONNECTED: There was a connection within last 10 minutes.DISCONNECTED: A problem occurred with establishing connection using these credentials. Check whether the data is correct.UNINITIALIZED: The successful connection has never been established for these credentials.
CONNECTEDDISCONNECTEDUNINITIALIZED
Enable monitoring of credentials.
The unique ID of the credentials.
The name of the credentials.
The type of the AWS partition.
AWS_CNAWS_DEFAULTAWS_US_GOV
Deprecated. To manage services use /aws/credentials/{id}/services operation. Built-in services are not supported here.
A list of AWS services to be monitored. Available services are listed by /aws/supportedServices operation.
For each service, a list of metrics and dimensions can be specified. A list of supported metrics and dimensions for a given service can be checked in documentation.
List of metrics can be skipped (set to null), resulting in recommended (default) set of metrics and dimensions being chosen for monitoring.
Monitor only resources which have specified AWS tags (true) or all resources (false).
A list of AWS tags to be monitored.
You can specify up to 10 tags.
Only applicable when the taggedOnly parameter is set to true.
The AwsAuthenticationData object
A credentials for the AWS authentication.
Deprecated. The credentials for the key-based authentication.
The credentials for the role-based authentication.
The type of the authentication: role-based or key-based.
KEYSROLE
The KeyBasedAuthentication object
Deprecated. The credentials for the key-based authentication.
The ID of the access key.
The secret access key.
The RoleBasedAuthentication object
The credentials for the role-based authentication.
The ID of the Amazon account.
The external ID token for setting an IAM role.
You can obtain it with the GET /aws/iamExternalId request.
The IAM role to be used by Dynatrace to get monitoring data.
The ConfigurationMetadata object
Metadata useful for debugging
Dynatrace version.
A sorted list of the version numbers of the configuration.
A sorted list of version numbers of the configuration.
The AwsSupportingServiceConfig object
A service to be monitored.
A list of metrics to be monitored for this service. If the list is null then recommended list of metrics for this service will be monitored.
The name of the service. Valid supported service names can be discovered using /aws/supportedServices restAPI
The AwsSupportingServiceMetric object
A metric of service to be monitored.
A list of metric's dimensions names.
The name of the metric of the service.
The statistic (aggregation) to be used for the metric. AVG_MIN_MAX value is 3 statistics at once: AVERAGE, MINIMUM and MAXIMUM
AVERAGEAVG_MIN_MAXMAXIMUMMINIMUMSAMPLE_COUNTSUM
The AwsConfigTag object
An AWS tag of the resource to be monitored.
The key of the AWS tag.
The value of the AWS tag.
Request body JSON model
This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.
{"authenticationData": {"keyBasedAuthentication": {"accessKey": "string","secretKey": "string"},"roleBasedAuthentication": {"accountId": "string","externalId": "string","iamRole": "string"},"type": "KEYS"},"connectionStatus": "CONNECTED","credentialsEnabled": true,"id": "string","label": "string","metadata": {"clusterVersion": "1.192.1","configurationVersions": [4,2],"currentConfigurationVersions": ["1.0.4","1.23"]},"partitionType": "AWS_CN","supportingServicesToMonitor": [{"monitoredMetrics": [{"dimensions": ["string"],"name": "string","statistic": "AVERAGE"}],"name": "string"}],"taggedOnly": false,"tagsToMonitor": [{"name": "string","value": "string"}]}
Response
Response codes
Success. The new AWS credentials configuration has been created. The response body contains the ID of the configuration.
Check the connection status for these credentials after 10 minutes with the GET /aws/credentials/{id} request.
Response body objects
The EntityShortRepresentation object
The short representation of a Dynatrace entity.
A short description of the Dynatrace entity.
The ID of the Dynatrace entity.
The name of the Dynatrace entity.
Response body JSON model
{"description": "Dynatrace entity for the REST API example","id": "6a98d7bc-abb9-44f8-ae6a-73e68e71812a","name": "Dynatrace entity"}
GET the external ID token
Gets the external ID token for setting an IAM role.
The request produces an application/json payload.
| GET | SaaS | https://{your-environment-id}.live.dynatrace.com/api/config/v1/aws/iamExternalId |
| Environment ActiveGate | https://{your-activegate-domain}:9999/e/{your-environment-id}/api/config/v1/aws/iamExternalId |
Authentication
To execute this request, you need an access token with ReadConfig scope.
To learn how to obtain and use it, see Tokens and authentication.
Response
Response codes
Response body objects
The AwsIamToken object
The external ID token for setting IAM Role in AWS.
The external ID token for setting IAM Role in AWS.
Response body JSON model
{"token": "string"}
Validate payload
We recommend that you validate the payload before submitting it with an actual request. A response code of 204 indicates a valid payload.
The request consumes an application/json payload.
The request consumes an application/json payload.
| POST | SaaS | https://{your-environment-id}.live.dynatrace.com/api/config/v1/aws/credentials/validator |
| Environment ActiveGate | https://{your-activegate-domain}:9999/e/{your-environment-id}/api/config/v1/aws/credentials/validator |
Authentication
To execute this request, you need an access token with WriteConfig scope.
To learn how to obtain and use it, see Tokens and authentication.
Response
Response codes
Validated. The submitted configuration is valid. Response doesn't have a body.