Update - Infisical

Overview

Endpoints

Identities
Token Auth
Universal Auth
GCP Auth
AWS Auth
- POST
  Login
- POST
  Attach
- GET
  Retrieve
- PATCH
  Update
- DEL
  Revoke
Azure Auth
Kubernetes Auth
OIDC Auth
JWT Auth
Groups
Organizations
Projects
Project Users
Project Groups
Project Identities
Project Roles
Project Templates
Environments
Folders
Secret Tags
Secrets
Dynamic Secrets
Secret Imports
Identity Specific Privilege
App Connections
Secret Syncs
Integrations
Service Tokens
Audit Logs

Infisical PKI

Certificate Authorities
Certificates
Certificate Templates
Certificate Collections
PKI Alerting

Infisical SSH

Certificates
Certificate Authorities
Certificate Templates

Infisical KMS

Keys

PATCH

api

auth

aws-auth

identities

{identityId}

curl --request PATCH \
  --url https://us.infisical.com/api/v1/auth/aws-auth/identities/{identityId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "stsEndpoint": "<string>",
  "allowedPrincipalArns": "",
  "allowedAccountIds": "",
  "accessTokenTrustedIps": [
    {
      "ipAddress": "<string>"
    }
  ],
  "accessTokenTTL": 157680000,
  "accessTokenNumUsesLimit": 1,
  "accessTokenMaxTTL": 157680000
}'

{
  "identityAwsAuth": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "accessTokenTTL": 7200,
    "accessTokenMaxTTL": 7200,
    "accessTokenNumUsesLimit": 0,
    "accessTokenTrustedIps": "<any>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "type": "<string>",
    "stsEndpoint": "<string>",
    "allowedPrincipalArns": "<string>",
    "allowedAccountIds": "<string>"
  }
}

Authorizations

Authorization

string

header

required

An access token in Infisical

Path Parameters

identityId

string

required

The ID of the identity to update the auth method for.

Body

application/json

stsEndpoint

string

The new endpoint URL for the AWS STS API.

Minimum length: 1

allowedPrincipalArns

string

default:

The new comma-separated list of trusted IAM principal ARNs that are allowed to authenticate with Infisical.

allowedAccountIds

string

default:

The new comma-separated list of trusted AWS account IDs that are allowed to authenticate with Infisical.

accessTokenTrustedIps

object[]

The new IPs or CIDR ranges that access tokens can be used from.

accessTokenTTL

integer

The new lifetime for an access token in seconds.

Required range: 0 <= x <= 315360000

accessTokenNumUsesLimit

integer

The new maximum number of times that an access token can be used.

Required range: x >= 0

accessTokenMaxTTL

integer

The new maximum lifetime for an access token in seconds.

Required range: 0 <= x <= 315360000

Response

200

application/json

Default Response

identityAwsAuth

object

required

Was this page helpful?

Suggest edits Raise issue

Retrieve Revoke

curl --request PATCH \
  --url https://us.infisical.com/api/v1/auth/aws-auth/identities/{identityId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "stsEndpoint": "<string>",
  "allowedPrincipalArns": "",
  "allowedAccountIds": "",
  "accessTokenTrustedIps": [
    {
      "ipAddress": "<string>"
    }
  ],
  "accessTokenTTL": 157680000,
  "accessTokenNumUsesLimit": 1,
  "accessTokenMaxTTL": 157680000
}'

{
  "identityAwsAuth": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "accessTokenTTL": 7200,
    "accessTokenMaxTTL": 7200,
    "accessTokenNumUsesLimit": 0,
    "accessTokenTrustedIps": "<any>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "type": "<string>",
    "stsEndpoint": "<string>",
    "allowedPrincipalArns": "<string>",
    "allowedAccountIds": "<string>"
  }
}