Create profile

Prev Next

Available in Classic and VPC

Create a profile. By mapping the role to which the external access service is applied to the profile, you can control the permissions so that the external workload targets whose identities have been verified can access the resources of the NAVER Cloud Platform.

Request

This section describes the request format. The method and URI are as follows:

Method URI
POST /api/v1/profiles

Request headers

For information about the headers common to all Sub Account APIs, see Sub Account request headers.

Request body

You can include the following data in the body of your request:

Field Type Required Description
name String Required Profile name
  • 3-30 characters using Korean, English uppercase and lowercase letters, Japanese, and special characters . _ -
  • First letter must be Korean, English uppercase and lowercase letter, or Japanese
description String Optional Description of the profile (byte)
  • 0-300
durationSeconds Integer Optional Session expiration time
  • Temporary credential duration (second)
  • 600-43,200 (default: 3600)
enabled Boolean Optional Status
  • true | false (default)
    • true: enabled
    • false: disabled
roleIdList Array Optional Role ID list
  • See Get role list
  • If null or[] is entered, it is created without a connected role
  • Used for temporary credentials
  • Only service roles with external access assigned can be used
  • Roles mapped to other profiles cannot be entered

Request example

The request example is as follows:

curl --location --request POST 'https://externalaccess.apigw.ntruss.com/api/v1/profiles' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
    "name": "profile000",
    "description": "profile",
    "durationSeconds": 600,
    "enabled": true,
    "roleIdList": []
}'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field Type Required Description
profileId String - Profile ID
profileNrn String - NAVER Cloud Platform resource identification value for profile
name String - Profile name
description String - Profile description
enabled Boolean - Status
  • true | false
    • true: enabled
    • false: disabled
durationSeconds Integer - Session expiration time
  • Temporary credential duration (second)
roleNrnList Array - List of roles mapped to profile
createTime String - Creation date and time
  • ISO 8601 format
updateTime String - Last modification date and time
  • ISO 8601 format

Response status codes

For information about the HTTP status codes common to all Sub Account APIs, see Sub Account status codes.

Response example

The response example is as follows:

{
    "profileId": "76da1a8c-****-****-****-cf13dfc49aa6",
    "profileNrn": "nrn:PUB:ExternalAccess::*******:Profile/76da1a8c-****-****-****-cf13dfc49aa6",
    "name": "profile000",
    "description": "profile",
    "enabled": true,
    "durationSeconds": 600,
    "roleNrnList": [],
    "createTime": "2024-12-13T14:24:45.128386464+09:00",
    "updateTime": "2024-12-13T14:24:45.128386464+09:00"
}