AWS credentials API - PUT credentials

Updates an existing AWS credentials configuration. Check the connection status for these credentials after 10 minutes with the GET credentials request.

If a credentials configuration with the specified ID doesn’t exist, a new configuration is created.

The request consumes and produces an application/json payload.

PUT	Managed https://{your-domain}/e/{your-environment-id}/api/config/v1/aws/credentials/{id} SaaS https://{your-environment-id}.live.dynatrace.com/api/config/v1/aws/credentials/{id}

Authentication

To execute this request, you need the Write configuration permission assigned to your API token. To learn how to obtain and use it, see the Authentication page.

Parameters

Parameter	Type	Description	In	Required
id	string	The ID of the AWS credentials configuration to be updated.	path	required
body	AwsCredentialsConfig	The JSON body of the request. Contains updated parameters of the AWS credentials configuration.	body	optional

Request parameters JSON model

The AwsCredentialsConfig object

Configuration of an AWS credentials.

Element	Type	Description	Required
metadata	ConfigurationMetadata		optional
id	string	The unique ID of the credentials.	optional
connectionStatus	string	The status of the connection to the AWS environment. `CONNECTED`: There was a connection within last 10 minutes. `DISCONNECTED`: A problem occurred with establishing connection using these credentials. Check whether the data is correct. `UNINITIALIZED`: The successful connection has never been established for these credentials. The connectionStatus element can hold these values.	optional
label	string	The name of the credentials.	required
partitionType	string	The type of the AWS partition. The partitionType element can hold these values.	required
authenticationData	AwsAuthenticationData		required
taggedOnly	boolean	Monitor only resources which have specified AWS tags (`true`) or all resources (`false`).	required
tagsToMonitor	AwsConfigTag[]	A list of AWS tags to be monitored. You can specify up to 10 tags. Only applicable when the taggedOnly parameter is set to `true`.	required
supportingServicesToMonitor	AwsSupportingServiceConfig[]	A list of supporting services to be monitored.	optional

The AwsSupportingServiceConfig object

A supporting service to be monitored.

Element	Type	Description	Required
name	string	The name of the supporting service.	required
monitoredMetrics	AwsSupportingServiceMetric[]	A list of metrics to be monitored for this service.	required

The AwsSupportingServiceMetric object

A metric of supporting service to be monitored.

Element	Type	Description	Required
name	string	The name of the metric of the supporting service.	required
statistic	string	The statistic (aggregation) to be used for the metric. AVG_MIN_MAX value is 3 statistics at once: AVERAGE, MINIMUM and MAXIMUM The statistic element can hold these values.	required
dimensions	string[]	A list of metric's dimensions names.	required

The AwsConfigTag object

An AWS tag of the resource to be monitored.

Element	Type	Description	Required
name	string	The key of the AWS tag.	required
value	string	The value of the AWS tag.	required

The AwsAuthenticationData object

A credentials for the AWS authentication.

Element	Type	Description	Required
type	string	The type of the authentication: role-based or key-based. The type element can hold these values.	required
keyBasedAuthentication	KeyBasedAuthentication		optional
roleBasedAuthentication	RoleBasedAuthentication		optional

The RoleBasedAuthentication object

The credentials for the role-based authentication.

Element Type Description Required

iamRole

string

Element	Type	Description	Required
iamRole	string	The IAM role to be used by Dynatrace to get monitoring data.	required
accountId	string	The ID of the Amazon account.	required
externalId	string	The external ID token for setting an IAM role. You can obtain it with the `GET /aws/iamExternalId` request.	optional

The IAM role to be used by Dynatrace to get monitoring data.

required

accountId

string

The ID of the Amazon account.

required

externalId

string

The external ID token for setting an IAM role.

You can obtain it with the GET /aws/iamExternalId request.

optional

The KeyBasedAuthentication object

The credentials for the key-based authentication.

Element	Type	Description	Required
accessKey	string	The ID of the access key.	required
secretKey	string	The secret access key.	required

The ConfigurationMetadata object

Metadata useful for debugging

Element	Type	Description	Required
configurationVersions	integer[]	A Sorted list of the version numbers of the configuration.	optional
clusterVersion	string	Dynatrace server version.	optional

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request. See the Example expandable section for working sample request.

      
  {
  "metadata": {
    "configurationVersions": [
      "integer"
    ],
    "clusterVersion": "1.192.1"
  },
  "id": "string",
  "connectionStatus": "CONNECTED",
  "label": "string",
  "partitionType": "AWS_CN",
  "authenticationData": {
    "type": "KEYS",
    "keyBasedAuthentication": {
      "accessKey": "string",
      "secretKey": "string"
    },
    "roleBasedAuthentication": {
      "iamRole": "string",
      "accountId": "string",
      "externalId": "string"
    }
  },
  "taggedOnly": true,
  "tagsToMonitor": [
    {
      "name": "string",
      "value": "string"
    }
  ],
  "supportingServicesToMonitor": [
    {
      "name": "string",
      "monitoredMetrics": [
        {
          "name": "string",
          "statistic": "AVERAGE",
          "dimensions": [
            "string"
          ]
        }
      ]
    }
  ]
}

Possible values

Possible values for the statistic element in the AwsSupportingServiceMetric object:

AVERAGE
AVG_MIN_MAX
MAXIMUM
MINIMUM
SAMPLE_COUNT
SUM

Possible values for the type element in the AwsAuthenticationData object:

KEYS
ROLE

Possible values for the partitionType element in the AwsCredentialsConfig object:

AWS_CN
AWS_DEFAULT
AWS_US_GOV

Possible values for the connectionStatus element in the AwsCredentialsConfig object:

CONNECTED
DISCONNECTED
UNINITIALIZED

Response codes

Code	Description
201	Success. The new AWS credentials configuration has been created. The response body contains the ID of the configuration. Check the connection status for these credentials after 10 minutes with the `GET /aws/credentials/{id}` request.
204	Success. The AWS credentials configuration has been updated. Response doesn't have a body. Check the connection status for these credentials after 10 minutes with the `GET /aws/credentials/{id}` request.
400	Failed. The input is invalid.

Response format

Response parameters JSON model

The EntityShortRepresentation object

The short representation of a Dynatrace entity.

Element	Type	Description
id	string	The ID of the Dynatrace entity.
name	string	The name of the Dynatrace entity.
description	string	A short description of the Dynatrace entity.

{}

GET the external ID token

Gets the external ID token for setting an IAM role.

The request produces an application/json payload.

GET	Managed https://{your-domain}/e/{your-environment-id}/api/config/v1/aws/iamExternalId SaaS https://{your-environment-id}.live.dynatrace.com/api/config/v1/aws/iamExternalId

Authentication

To execute this request, you need the Read configuration permission assigned to your API token. To learn how to obtain and use it, see the Authentication page.

Response format

Response parameters JSON model

The AwsIamToken object

The external ID token for setting IAM Role in AWS.

Element	Type	Description
token	string	The external ID token for setting IAM Role in AWS.

    
{
  "token": "string"
}

Validate payload

We recommend that you validate the payload before submitting it with an actual request. A response code of 204 indicates a valid payload.

The request consumes an application/json payload.

POST	Managed https://{your-domain}/e/{your-environment-id}/api/config/v1/aws/credentials/{id}/validator SaaS https://{your-environment-id}.live.dynatrace.com/api/config/v1/aws/credentials/{id}/validator

Authentication

To execute this request, you need the Write configuration permission assigned to your API token. To learn how to obtain and use it, see the Authentication page.

Response codes

Code	Description
204	Validated. The submitted configuration is valid. Response doesn't have a body.
400	Failed. The input is invalid.