Skip to main content
logoTetrate Service BridgeVersion: 1.11.x

AWS EC2 Credential

EC2Credential represents credential of an AWS EC2 instance.

EC2Credential

EC2Credential represents credential of an AWS EC2 instance.

FieldDescriptionValidation Rule

instanceIdentityDocument

tetrateio.api.onboarding.private.types.credential.aws.v1alpha1.EC2InstanceIdentityDocument
REQUIRED
AWS EC2 instance identity document with a verifiable signature. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html

message = {
  required: true
}

instanceCredential

tetrateio.api.onboarding.private.types.credential.aws.v1alpha1.CredentialInfo
Information about the EC2 Instance Credential associated with the EC2 instance verifiable through AWS STS GetCallerIdentity API. See https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity.html

Since AWS classifies EC2 Instance Credential as an API `"for Internal use only"``, this field remains optional, although highly favourable.

iamRoleCredential

tetrateio.api.onboarding.private.types.credential.aws.v1alpha1.CredentialInfo
Information about the IAM Role Credential associated with the EC2 instance verifiable through AWS STS GetCallerIdentity API. See https://docs.aws.amazon.com/STS/latest/APIReference/API_GetCallerIdentity.html

Since EC2 instance might not have an IAM Role Credential associated with it, this field remains optional.

EC2InstanceIdentityDocument

EC2InstanceIdentityDocument represents AWS EC2 instance identity document. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-identity-documents.html

FieldDescriptionValidation Rule

pkcs7SignatureRsa2048

string oneof _kind
PKCS#7 signature of the EC2 instance identity document verifiable by an AWS RSA-2048 public certificate. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/verify-rsa2048.html

string = {
  min_len: 1
}