View a markdown version of this page

UpdateApiKeyCredentialProvider - Amazon Bedrock AgentCore Control Plane
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsSee Also

UpdateApiKeyCredentialProvider

Updates an existing API key credential provider.

Request Syntax

POST /identities/UpdateApiKeyCredentialProvider HTTP/1.1
Content-type: application/json

{
   "apiKey": "string",
   "apiKeySecretConfig": { 
      "jsonKey": "string",
      "secretId": "string"
   },
   "apiKeySecretSource": "string",
   "name": "string"
}

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

apiKey

The new API key to use for authentication. This value replaces the existing API key and is encrypted and stored securely.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 65536.

Required: No

apiKeySecretConfig

A reference to the AWS Secrets Manager secret that stores the API key. This includes the secret ID and the JSON key used to extract the API key value from the secret. Required when apiKeySecretSource is set to EXTERNAL.

Type: SecretReference object

Required: No

apiKeySecretSource

The source type of the API key secret. Use MANAGED if the secret is managed by the service, or EXTERNAL if you manage the secret yourself in AWS Secrets Manager.

Type: String

Valid Values: MANAGED | EXTERNAL

Required: No

name

The name of the API key credential provider to update.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [a-zA-Z0-9\-_]+

Required: Yes

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "apiKeySecretArn": { 
      "secretArn": "string"
   },
   "apiKeySecretJsonKey": "string",
   "apiKeySecretSource": "string",
   "createdTime": number,
   "credentialProviderArn": "string",
   "lastUpdatedTime": number,
   "name": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

apiKeySecretArn

The Amazon Resource Name (ARN) of the API key secret in AWS Secrets Manager.

Type: Secret object

apiKeySecretJsonKey

The JSON key used to extract the API key value from the AWS Secrets Manager secret.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

apiKeySecretSource

The source type of the API key secret. Either MANAGED if the secret is managed by the service, or EXTERNAL if managed by the user in AWS Secrets Manager.

Type: String

Valid Values: MANAGED | EXTERNAL

createdTime

The timestamp when the API key credential provider was created.

Type: Timestamp

credentialProviderArn

The Amazon Resource Name (ARN) of the API key credential provider.

Type: String

Pattern: arn:(aws|aws-us-gov):acps:[A-Za-z0-9-]{1,64}:[0-9]{12}:token-vault/[a-zA-Z0-9-.]+/apikeycredentialprovider/[a-zA-Z0-9-.]+

lastUpdatedTime

The timestamp when the API key credential provider was last updated.

Type: Timestamp

name

The name of the API key credential provider.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [a-zA-Z0-9\-_]+

Errors

For information about the errors that are common to all actions, see Common Error Types.

AccessDeniedException

This exception is thrown when a request is denied per access permissions

HTTP Status Code: 403

ConflictException

This exception is thrown when there is a conflict performing an operation

HTTP Status Code: 409

DecryptionFailure

Exception thrown when decryption of a secret fails.

HTTP Status Code: 400

EncryptionFailure

Exception thrown when encryption of a secret fails.

HTTP Status Code: 400

InternalServerException

This exception is thrown if there was an unexpected error during processing of request

HTTP Status Code: 500

ResourceNotFoundException

This exception is thrown when a resource referenced by the operation does not exist

HTTP Status Code: 404

ServiceQuotaExceededException

This exception is thrown when a request is made beyond the service quota

HTTP Status Code: 402

ThrottlingException

This exception is thrown when the number of requests exceeds the limit

HTTP Status Code: 429

UnauthorizedException

This exception is thrown when the JWT bearer token is invalid or not found for OAuth bearer token based access

HTTP Status Code: 401

ValidationException

The input fails to satisfy the constraints specified by the service.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: