Cloud Account Management

Panther API cloud account management operations
The Panther API supports the following cloud account operations:
Listing your cloud account integrations
Fetching the details of a particular cloud account integration
Creating a new cloud account integration
Updating an existing cloud account integration
Deleting a cloud account integration
You can invoke Panther's API by using your Console's API Playground, or the GraphQL-over-HTTP API. Learn more about these methods on Panther API.
See Cloud Security Scanning to learn more about how to monitor cloud resource configurations with Panther.
Common cloud account operations
Below are some of the most common GraphQL cloud account operations in Panther. These examples demonstrate the documents you have to send using a GraphQL client (or curl) to make a call to Panther's GraphQL API. 
Listing cloud accounts
query cloudAccounts {
  cloudAccounts {
    edges {
      node {
        awsAccountId
        awsRegionIgnoreList
        awsScanConfig {
          auditRole
        }
        awsStackName
        createdAt
        createdBy {
          ... on User {
            id
          }
          ... on APIToken {
            id
          }
        }
        id
        isEditable
        isRealtimeScanningEnabled
        label
        lastModifiedAt
        resourceRegexIgnoreList
        resourceTypeIgnoreList
      }
    }
  }
}
​
Retrieving a cloud account
query cloudAccount {
  cloudAccount(id:"CLOUD_ACCOUNT_ID") {
    awsAccountId
    awsRegionIgnoreList
    awsScanConfig {
      auditRole
    }
    awsStackName
    createdAt
    createdBy {
      ... on User {
        id
      }
      ... on APIToken {
        id
      }
    }
    id
    isEditable
    isRealtimeScanningEnabled
    label
    lastModifiedAt
    resourceRegexIgnoreList
    resourceTypeIgnoreList
  }
}
​
Creating a cloud account
Panther's Cloud Security Scanning is automatically enabled when you onboard a cloud account using CreateCloudAccount. Note, however, that you'll still need to create an IAM role for Panther in your AWS account.
mutation CreateCloudAccount {
  createCloudAccount(input: {
    awsAccountId: "AWS_ACCOUNT_ID"
    awsScanConfig: {
      auditRole: "AUDIT_ROLE"
    }
    label: "new cloud account source"
  }) {
    cloudAccount {
      id
    }
  }
}
​
Updating a cloud account
mutation UpdateCloudAccount {
  updateCloudAccount(
    input: {
      awsRegionIgnoreList: [
        "us-west-1"
      ]
      awsScanConfig: {
        auditRole: "ROLE_ARN"
      }
      id:"CLOUD_ACCOUNT_INTEGRATION_ID"
      label: "some updated label"
      resourceRegexIgnoreList: ["*west-1*"]
      resourceTypeIgnoreList: ["AWS.KMS.Key"]
  }) {
    cloudAccount {
      id
    }
  }
}
​
Deleting a cloud account
mutation DeleteCloudAccount {
  deleteCloudAccount(input: {id: "CLOUD_ACCOUNT_ID"}) {
    id
  }
}
​
Alerts & Errors
Data Lake Queries
Last modified 10d ago