Validate Account Roles

POST {{cb_url}}/public-cloud/account-management/v1/orgs/{{cb_org_key}}/accounts/validate_role

Validate Account Roles

Permissions Required

Permission (.notation name)Operation(s)
public.cloud.accountsEXECUTE

Request Schema

[
  {
    "cloud_provider_account_id": "<string>",
    "cloud_provider": "<string>",
    "saved_credentials": <boolean>,
    "role_arn": "<string>",
    "external_id": "<string>"
  }
]

See Documentation

Request Body

[{"cloud_provider_account_id"=>"1234567890", "cloud_provider"=>"AWS", "saved_credentials"=>false, "role_arn"=>"arn:aws:iam::1234567890:role/aws-service-role/spot.amazonaws.com/AWSServiceRoleForEC2Spot", "external_id"=>"afd5813b-e3c6-471a-b30e-3a8577f81111"}]

RESPONSES

status: OK

[{&quot;validation_status&quot;:false,&quot;validation_code&quot;:&quot;AWS_CREDENTIAL_ERROR&quot;,&quot;validation_message&quot;:&quot;User: arn:aws:sts::11111111:assumed-role/mcs-psc-dev-cwp-pc-aws-collector-us-east-1-pod/694be2a6-mcs-psc-dev-cwp-pc-aws-collector-us-east-1-pod is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::1234567890:role/aws-service-role/spot.amazonaws.com/AWSServiceRoleForEC2Spot (Service: Sts, Status Code: 403, Request ID: 3b87032c-dc51-4cfc-a861-4f3419eb1593, Extended Request ID: null)&quot;,&quot;cloud_provider_account_id&quot;:&quot;1234567890&quot;,&quot;cloud_provider&quot;:&quot;AWS&quot;}]