terraform-create-account-role

dci terraform-create-account-role

Creates or updates a CloudConnect document for an AWS account connected via Terraform. Unlike the CloudFormation variant, this endpoint does not update Firestore channel documents or require a CloudFormation stack ID.

Request

Content-Type: application/json

Schema

{
  "type": "object",
  "required": [
    "accountID",
    "roleArn"
  ],
  "properties": {
    "accountID": {
      "type": "string",
      "description": "The AWS account ID.",
      "example": "123456789012"
    },
    "roleArn": {
      "type": "string",
      "description": "The ARN of the IAM role created for DoiT access.",
      "example": "arn:aws:iam::123456789012:role/DoiTRole"
    },
    "s3Bucket": {
      "type": "string",
      "description": "S3 bucket name for CloudTrail real-time anomaly detection. Required together with s3BucketRegion."
    },
    "s3BucketRegion": {
      "type": "string",
      "description": "AWS region of the S3 bucket. Required together with s3Bucket.",
      "example": "us-east-1"
    }
  }
}

Responses

200 (application/json)

OK - Role created/updated successfully.

{
  "type": "object",
  "properties": {
    "accountID": {
      "type": "string",
      "description": "The AWS account ID.",
      "example": "123456789012"
    },
    "roleArn": {
      "type": "string",
      "description": "The ARN of the IAM role.",
      "example": "arn:aws:iam::123456789012:role/DoiTRole"
    },
    "s3Bucket": {
      "type": "string",
      "description": "S3 bucket name for real-time anomaly detection. Present only if real-time is enabled."
    },
    "s3BucketRegion": {
      "type": "string",
      "description": "AWS region of the S3 bucket. Present only if s3Bucket exists.",
      "example": "us-east-1"
    },
    "supportedFeatures": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "name": {
            "type": "string",
            "description": "Feature name.",
            "example": "spot-scaling"
          },
          "hasRequiredPermissions": {
            "type": "boolean",
            "description": "Whether the role has the required permissions for this feature."
          }
        }
      },
      "description": "List of supported features and their permission status."
    },
    "timeLinked": {
      "type": "string",
      "description": "ISO 8601 timestamp of when the role was linked.",
      "example": "2024-01-15T10:30:00Z"
    }
  }
}
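An added example, not part of the DoiT documentation or tooling: a pre-flight check of a request body against the schema above, plus a pass over a 200 response that lists features whose `hasRequiredPermissions` is not true. The function names, the rule that the role ARN's account must equal `accountID`, and the `example-feature` entry are assumptions of this example.

```python
import re

# IAM role ARN: partition, 12-digit owning account, then role path/name.
ROLE_ARN_RE = re.compile(r"arn:(?:aws|aws-cn|aws-us-gov):iam::(\d{12}):role/[\w+=,.@/-]+")


def validate_request(body):
    """Return a list of problems with a request body; an empty list means it passes."""
    problems = []
    for field in ("accountID", "roleArn"):  # the schema's "required" list
        if not isinstance(body.get(field), str):
            problems.append(f"{field} is required and must be a string")
    if problems:
        return problems
    if not re.fullmatch(r"\d{12}", body["accountID"]):
        problems.append("accountID is not a 12-digit AWS account ID")
    arn = ROLE_ARN_RE.fullmatch(body["roleArn"])
    if not arn:
        problems.append("roleArn is not an IAM role ARN")
    elif arn.group(1) != body["accountID"]:
        # Assumption of this example: the role lives in the account being linked.
        problems.append("roleArn belongs to a different account than accountID")
    # The field descriptions say s3Bucket and s3BucketRegion go together;
    # the JSON schema itself does not encode that pairing.
    if ("s3Bucket" in body) != ("s3BucketRegion" in body):
        problems.append("s3Bucket and s3BucketRegion must be supplied together")
    return problems


def features_missing_permissions(response):
    """Names of supportedFeatures entries whose hasRequiredPermissions is not true."""
    return [f.get("name") for f in response.get("supportedFeatures", [])
            if f.get("hasRequiredPermissions") is not True]


# Constructed sample data built from the example values on this page.
SAMPLE_REQUEST = {"accountID": "123456789012",
                  "roleArn": "arn:aws:iam::123456789012:role/DoiTRole"}
SAMPLE_RESPONSE = {**SAMPLE_REQUEST, "supportedFeatures": [
    {"name": "spot-scaling", "hasRequiredPermissions": True},
    {"name": "example-feature", "hasRequiredPermissions": False}]}  # constructed entry

if __name__ == "__main__":
    print(validate_request(SAMPLE_REQUEST))
    print(features_missing_permissions(SAMPLE_RESPONSE))
```
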

400 (application/json)

Bad Request - The server cannot process the request, often due to a malformed request.

{
  "type": "object",
  "description": "Standard error response structure.",
  "properties": {
    "error": {
      "type": "string",
      "description": "Detailed error message."
    }
  }
}

401 (application/json)

Unauthorized - Invalid API key.

{
  "type": "object",
  "description": "Standard error response structure.",
  "properties": {
    "error": {
      "type": "string",
      "description": "Detailed error message."
    }
  }
}

403 (application/json)

Forbidden - The client is not authorized to perform the request.

{
  "type": "object",
  "description": "Standard error response structure.",
  "properties": {
    "error": {
      "type": "string",
      "description": "Detailed error message."
    }
  }
}

409 (application/json)

Conflict - Account already exists.

{
  "type": "object",
  "description": "Standard error response structure.",
  "properties": {
    "error": {
      "type": "string",
      "description": "Detailed error message."
    }
  }
}

500 (application/json)

Internal Server Error - Something went wrong with the DoiT API server.

{
  "type": "object",
  "description": "Standard error response structure.",
  "properties": {
    "error": {
      "type": "string",
      "description": "Detailed error message."
    }
  }
}

Aliases: terraform-create-account-role, terraformcreateaccountrole