Validate Account Roles
POST {{cb_url}}/public-cloud/account-management/v1/orgs/{{cb_org_key}}/accounts/validate_role
Validate Account Roles
Permissions Required
Permission (.notation name) | Operation(s) |
---|---|
public.cloud.accounts | EXECUTE |
Request Schema
[
{
"cloud_provider_account_id": "<string>",
"cloud_provider": "<string>",
"saved_credentials": <boolean>,
"role_arn": "<string>",
"external_id": "<string>"
}
]
Request Body
[{"cloud_provider_account_id"=>"1234567890", "cloud_provider"=>"AWS", "saved_credentials"=>false, "role_arn"=>"arn:aws:iam::1234567890:role/aws-service-role/spot.amazonaws.com/AWSServiceRoleForEC2Spot", "external_id"=>"afd5813b-e3c6-471a-b30e-3a8577f81111"}]
RESPONSES
status: OK
[{"validation_status":false,"validation_code":"AWS_CREDENTIAL_ERROR","validation_message":"User: arn:aws:sts::11111111:assumed-role/mcs-psc-dev-cwp-pc-aws-collector-us-east-1-pod/694be2a6-mcs-psc-dev-cwp-pc-aws-collector-us-east-1-pod is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::1234567890:role/aws-service-role/spot.amazonaws.com/AWSServiceRoleForEC2Spot (Service: Sts, Status Code: 403, Request ID: 3b87032c-dc51-4cfc-a861-4f3419eb1593, Extended Request ID: null)","cloud_provider_account_id":"1234567890","cloud_provider":"AWS"}]