This API creates or defines a cloud service account.

Use create_cloudTitle to create or define a cloud database service account from the command line or by using a REST API. For more information, see Cloud database service protection.

This API is available in Guardium V11.0 and later.

REST API syntax

This API is available as a REST service with the POST method. Call this API as follows:
POST https://[Guardium hostname or IP address]:8443/restAPI/cloud_datasource

GuardAPI syntax

create_cloudTitle parameter=value


Parameter Value type Description
access_key_id String The access key ID supplied by your cloud service provider.
audit_type String Valid values:
  • dataStream
  • native
Defines the audit type:
  • To use data streams, specify dataStream.
  • To use native audit, specify native.
auth_type String Required for Amazon only. Valid values:
  • Security-Credentials
  • IAM-Role
  • IAM-Instance-Profile
classification_process String For native audit only, optionally specify a classification process.
name String Required. An account name that is unique to your site.
object_limit Integer For native audit only, specify the maximum number of objects that are found in the classification process that are added automatically to the list of audited objects.
provider String Valid values:
  • Amazon
  • Azure
role_arn String For Amazon only, the Amazon resource name (ARN) for this role.
secret_access_key String The secret access key ID supplied by your cloud service provider.
api_target_host String

Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit.  For example, api_target_host=
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.