Skip to main content

CreateCredential

Create a new credential so ApertureDB can access specified cloud resource(s).

Parameters

  • name: unique name to refer to this credential.
  • service: which service can the credential be used for
  • key
  • resources: Array of resources accessible using the credential.

Details

The given credential information is stored and used any time the resources specified in the list are accessed.

If a credential with the same name already exist, an error is returned.

The services currently supported include "aws".

At the moment, resources are expected to be AWS S3 buckets.

Examples

Add a new AWS credential using the CreateCredential command:


[{
"CreateCredential": {
"name": "training_bucket_credential",
"service": "aws",
"key": {
"access_key": "AKIAZ6XBPW6OZOCEQZWS",
"secret_access_key": "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",
"region": "us-west-2"
},
"resources": ["s3://bucket1", "s3://bucket2"]
}
}]

Response for a successful creation:


[{
"CreateCredential": {
"status": 0
}
}]


Add a new GCP credential using the CreateCredential command:


[{
"CreateCredential": {
"name": "training_bucket_credential",
"service": "gcp",
"key": {
"type": "service_account",
"project_id": "aperturedb",
"private_key_id": "0123456789012345678901234567890123456789",
"private_key": "-----BEGIN PRIVATE KEY-----\nmy/private/key\n-----END PRIVATE KEY-----\n",
"client_email": "tester@aperturedb.iam.gserviceaccount.com",
"client_id": "012345678901234567890",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/tester%40aperturedb.iam.gserviceaccount.com",
"universe_domain": "googleapis.com"
},
"resources": ["gs://bucket1", "gs://bucket2"]
}
}]

Response for a successful creation:


[{
"CreateCredential": {
"status": 0
}
}]