/auth-method-create-aws-iam

post

https://api.akeyless.io/auth-method-create-aws-iam

Body Params

access-expires

int64

Defaults to 0

Access expiration date in Unix timestamp (select 0 for access without expiry date)

allowed-client-type

array of strings

limit the auth method usage for specific client types [cli,ui,gateway-admin,sdk,mobile,extension]

allowed-client-type

audit-logs-claims

array of strings

Subclaims to include in audit logs, e.g "--audit-logs-claims email --audit-logs-claims username"

audit-logs-claims

bound-arn

array of strings

A list of full arns that the access is restricted to

bound-arn

bound-aws-account-id

array of strings

required

A list of AWS account-IDs that the access is restricted to

bound-aws-account-id*

bound-ips

array of strings

A CIDR whitelist with the IPs that the access is restricted to

bound-ips

bound-resource-id

array of strings

A list of full resource ids that the access is restricted to

bound-resource-id

bound-role-id

array of strings

A list of full role ids that the access is restricted to

bound-role-id

bound-role-name

array of strings

A list of full role-name that the access is restricted to

bound-role-name

bound-user-id

array of strings

A list of full user ids that the access is restricted to

bound-user-id

bound-user-name

array of strings

A list of full user-name that the access is restricted to

bound-user-name

delete_protection

string

Protection from accidental deletion of this object [true/false]

description

string

Auth Method description

expiration-event-in

array of strings

How many days before the expiration of the auth method would you like to be notified.

expiration-event-in

force-sub-claims

boolean

if true: enforce role-association must include sub claims

gw-bound-ips

array of strings

A CIDR whitelist with the GW IPs that the access is restricted to

gw-bound-ips

json

boolean

Defaults to false

Set output format to JSON

jwt-ttl

int64

Defaults to 0

Jwt TTL

name

string

required

Auth Method name

product-type

array of strings

Choose the relevant product type for the auth method [sm, sra, pm, dp, ca]

product-type

sts-url

string

Defaults to https://sts.amazonaws.com

sts URL

token

string

Authentication token (see /auth and /configure)

uid-token

string

The universal identity token, Required only for universal_identity authentication

unique-identifier

string

A unique identifier (ID) value which is a "sub claim" name that contains details uniquely identifying that resource. This "sub claim" is used to distinguish between different identities.

Responses

201authMethodCreateAwsIamResponse wraps response body.

defaulterrorResponse wraps any error to return it as a JSON object with one "error" field.