Example 3: AWS credential from an EC2 assigned role

This example shows you how to call POST Credentials/Create. The EC2 instance must be running Trust Protection Platform. In Amazon EC2, a role must be assigned to the Trust Protection Platform instance. For more information, see the Administration Guide.

The Values array needs these elements:

  • Name: Source, Type: string, and Value of EC2AssignedRole. List the Source of the credential first in the Values array. Setting Source first clears the other attributes so that non-applicable data is not retained.
  • (Optional) Name: Role, Type: string, and Value that is the existing EC2Role.

Example: Create an AWS credential that uses an EC2 role

Request

POST https://tpp.venafi.example/vedsdk/Credentials/Create
Authorization: Bearer 4MyGeneratedBearerTknz==

{
    "CredentialPath": "\\VED\\Policy\\Credentials\\EC2Credential",
    "FriendlyName": "Amazon",
    "Expiration": "/Date(1893456000000)/",
    "Values": [
        {
            "Name": "Source",
            "Type": "string",
            "Value": "EC2AssignedRole"
        }
    ]
}

Response

HTTP/1.1 200 OK
{
   "Result":1
}
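
The following is an added example, not code from the product documentation: it builds the request body shown above, converts the expiration to the /Date(milliseconds)/ form, and enforces that Source is the first element of Values. The function names and the role name ExampleEC2Role are hypothetical.

```python
import json
from datetime import datetime, timezone


def to_tpp_date(moment):
    """Format an aware datetime as the /Date(<epoch milliseconds>)/ string."""
    if moment.tzinfo is None:
        raise ValueError("expiration must be timezone-aware")
    return "/Date(%d)/" % (int(moment.timestamp()) * 1000)


def source_first(values):
    """Return the elements reordered so that Source is first in the array."""
    sources = [v for v in values if v["Name"] == "Source"]
    if len(sources) != 1:
        raise ValueError("exactly one Source element is required")
    return sources + [v for v in values if v["Name"] != "Source"]


def build_ec2_role_credential(path, friendly_name, expiration, role=None):
    """Build the Credentials/Create body for an EC2AssignedRole credential."""
    values = []
    if role is not None:
        # Optional element naming the existing EC2 role.
        values.append({"Name": "Role", "Type": "string", "Value": role})
    values.append({"Name": "Source", "Type": "string", "Value": "EC2AssignedRole"})
    return {
        "CredentialPath": path,
        "FriendlyName": friendly_name,
        "Expiration": to_tpp_date(expiration),
        # Order is enforced here regardless of how the list was assembled.
        "Values": source_first(values),
    }


if __name__ == "__main__":
    body = build_ec2_role_credential(
        "\\VED\\Policy\\Credentials\\EC2Credential",
        "Amazon",
        datetime(2030, 1, 1, tzinfo=timezone.utc),
        role="ExampleEC2Role",  # constructed role name, an assumption
    )
    print(json.dumps(body, indent=4))
```
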