Prepare an IAM-role-based ECR integration

curl --request POST \
  --url https://api-eu.cybedefend.com/integrations/ecr/container-registry/organization/{organizationId}/credentials/prepare-iam-role \
  --header 'Content-Type: application/json' \
  --data '
{
  "awsRegion": "us-east-1",
  "projectId": "097bbbf4-d1eb-4512-9950-684445279808"
}
'

{
  "externalId": "<string>",
  "trustedPrincipalArn": "<string>",
  "trustPolicyJson": "<string>",
  "permissionPolicyJson": "<string>"
}

POST

integrations

ecr

container-registry

organization

{organizationId}

credentials

prepare-iam-role

Prepare an IAM-role-based ECR integration

curl --request POST \
  --url https://api-eu.cybedefend.com/integrations/ecr/container-registry/organization/{organizationId}/credentials/prepare-iam-role \
  --header 'Content-Type: application/json' \
  --data '
{
  "awsRegion": "us-east-1",
  "projectId": "097bbbf4-d1eb-4512-9950-684445279808"
}
'

{
  "externalId": "<string>",
  "trustedPrincipalArn": "<string>",
  "trustPolicyJson": "<string>",
  "permissionPolicyJson": "<string>"
}

Path Parameters

organizationId

string<uuid>

required

CybeDefend organization ID

Example:

"550e8400-e29b-41d4-a716-446655440000"

Body

application/json

Project + region the IAM-role integration targets

awsRegion

string

required

AWS Region of the target ECR registry

Example:

"us-east-1"

projectId

string

CybeDefend project ID this integration will belong to

Example:

"097bbbf4-d1eb-4512-9950-684445279808"

Response

Setup instructions generated

externalId

string

required

Unique external ID to enforce in the role trust policy

trustedPrincipalArn

string

required

CybeDefend AWS principal the role must trust

trustPolicyJson

string

required

Ready-to-paste role trust policy (JSON)

permissionPolicyJson

string

required

Ready-to-paste ECR pull permission policy (JSON)

List organization ECR credentials List ECR credentials