Skip to content

ECS Server REST API

If you have defined a bearer token then all REST calls must define the necesary HTTP Authentication header.

If you have enabled SSL then all REST calls must be over SSL/TLS.

Default slot AWS IAM Role credentials

GET /

Fetch the default IAM credentials.

Reply:

{
    "AccessKeyId": "ASI....",
    "SecretAccessKeyId": "<Secret Access Key ID>",
    "Token": "<Temprorary security token>",
    "Expiration": "<Date in RFC3339 / ISO8601 format>",
    "RoleArn": "<ARN of the role>",
}

GET /profile

Fetch the profile name of the default credentials.

Reply:

{
    "ProfileName": "<aws-sso profile name>",
    "AccountId": "<AWS Account ID>",
    "RoleName": "<IAM Role name>",
    "Expiration": <Unix epoch seconds>,
    "Expires": "<how long until expires string>"
}

PUT /

Upload default credentials.

Request:

{
    "ProfileName": "<aws-sso profile name",
    "Creds": {
        "accountId": "<AWS AccountID of the role>",
        "roleName": "<Name of the role>",
        "accessKeyId": "ASI....",
        "secretAccessKey": "<secret access key id value>",
        "sessionToken": "<temprorary security token>",
        "expiration": "expiration Epoch in milliseconds"
    }
}

Reply:

{
    "code": "<HTTP error code>",
    "message": "<message>"
}

DELETE /

Delete default credentials.

{
    "code": "<HTTP error code>",
    "message": "<message>"
}

Slotted credentials

GET /slot

Fetch list of default credentials.

[
    {
        "ProfileName": "<profile name>",
        "AccountId": "<AWS Account ID>",
        "RoleName": "<IAM Role Name>",
        "Expiration": <Unix Epoch Seconds>,
        "Expires": "<how long until expires string>"
    },
    <more entries...>
]

GET /slot/<profile>

Fetch credentials of the named profile.

{
    "AccessKeyId": "ASI....",
    "SecretAccessKeyId": "<secret access key id value>",
    "Token": "<temprorary security token>",
    "Expiration": "<date in RFC3339 / ISO8601 format>",
    "RoleArn": "<ARN of the role>",
}

PUT /slot/<profile>

Upload credentials of the named profile.

Request:

{
    "ProfileName": "<aws-sso profile name",
    "Creds": {
        "accountId": "<AWS AccountID of the role>",
        "roleName": "<Name of the role>",
        "accessKeyId": "ASI....",
        "secretAccessKey": "<secret access key id value>",
        "sessionToken": "<temprorary security token>",
        "expiration": "expiration Epoch in milliseconds"
    }
}

Reply:

{
    "code": "<HTTP error code>",
    "message": "<message>"
}

DELETE /slot/<profile>

Delete credentials of the named profile.

{
    "code": "<HTTP error code>",
    "message": "<message>"
}

DELETE /slot

Delete all named credentials.

{
    "code": "<HTTP error code>",
    "message": "<message>"
}