CreateCredential
Create a new credential so ApertureDB can access specified cloud resource(s).
Parameters
- name: unique name to refer to this credential.
- service: which service can the credential be used for
- key
- resources: Array of resources accessible using the credential.
Details
The given credential information is stored and used any time the resources specified in the list are accessed.
If a credential with the same name already exist, an error is returned.
The services currently supported include "aws".
At the moment, resources are expected to be AWS S3 buckets.
Examples
Add a new AWS credential using the CreateCredential command:
[{
"CreateCredential": {
"name": "training_bucket_credential",
"service": "aws",
"key": {
"access_key": "AKIAZ6XBPW6OZOCEQZWS",
"secret_access_key": "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"
},
"resources": ["s3://bucket1", "s3://bucket2"]
}
}]
Response for a successful creation:
[{
"CreateCredential": {
"status": 0
}
}]
Add a new GCP credential using the CreateCredential command:
[{
"CreateCredential": {
"name": "training_bucket_credential",
"service": "gcp",
"key": {
"type": "service_account",
"project_id": "aperturedb",
"private_key_id": "0123456789012345678901234567890123456789",
"private_key": "-----BEGIN PRIVATE KEY-----\nmy/private/key\n-----END PRIVATE KEY-----\n",
"client_email": "tester@aperturedb.iam.gserviceaccount.com",
"client_id": "012345678901234567890",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/tester%40aperturedb.iam.gserviceaccount.com",
"universe_domain": "googleapis.com"
},
"resources": ["gs://bucket1", "gs://bucket2"]
}
}]
Response for a successful creation:
[{
"CreateCredential": {
"status": 0
}
}]