Cloud Account Management
Panther API cloud account management operations
The Panther API supports the following cloud account operations:
- Listing your cloud account integrations
- Fetching the details of a particular cloud account integration
- Creating a new cloud account integration
- Updating an existing cloud account integration
- Deleting a cloud account integration
You can invoke Panther's API by using your Console's API Playground, or the GraphQL-over-HTTP API. Learn more about these methods on Panther API.
See Cloud Security Scanning to learn more about how to monitor cloud resource configurations with Panther.
Below are some of the most common GraphQL cloud account operations in Panther. These examples demonstrate the documents you have to send using a GraphQL client (or `curl`) to make a call to Panther's GraphQL API.

```graphql
query cloudAccounts {
  cloudAccounts {
    edges {
      node {
        awsAccountId
        awsRegionIgnoreList
        awsScanConfig {
          auditRole
        }
        awsStackName
        createdAt
        createdBy {
          ... on User {
            id
          }
          ... on APIToken {
            id
          }
        }
        id
        isEditable
        isRealtimeScanningEnabled
        label
        lastModifiedAt
        resourceRegexIgnoreList
        resourceTypeIgnoreList
      }
    }
  }
}
```
```graphql
query cloudAccount {
  cloudAccount(id: "CLOUD_ACCOUNT_ID") {
    awsAccountId
    awsRegionIgnoreList
    awsScanConfig {
      auditRole
    }
    awsStackName
    createdAt
    createdBy {
      ... on User {
        id
      }
      ... on APIToken {
        id
      }
    }
    id
    isEditable
    isRealtimeScanningEnabled
    label
    lastModifiedAt
    resourceRegexIgnoreList
    resourceTypeIgnoreList
  }
}
```
Panther's Cloud Security Scanning is automatically enabled when you onboard a cloud account using `CreateCloudAccount`. Note, however, that you'll still need to create an IAM role for Panther in your AWS account.

```graphql
mutation CreateCloudAccount {
  createCloudAccount(input: {
    awsAccountId: "AWS_ACCOUNT_ID"
    awsScanConfig: {
      auditRole: "AUDIT_ROLE"
    }
    label: "new cloud account source"
  }) {
    cloudAccount {
      id
    }
  }
}
```
```graphql
mutation UpdateCloudAccount {
  updateCloudAccount(
    input: {
      awsRegionIgnoreList: [
        "us-west-1"
      ]
      awsScanConfig: {
        auditRole: "ROLE_ARN"
      }
      id: "CLOUD_ACCOUNT_INTEGRATION_ID"
      label: "some updated label"
      resourceRegexIgnoreList: ["*west-1*"]
      resourceTypeIgnoreList: ["AWS.KMS.Key"]
    }) {
    cloudAccount {
      id
    }
  }
}
```
```graphql
mutation DeleteCloudAccount {
  deleteCloudAccount(input: {id: "CLOUD_ACCOUNT_ID"}) {
    id
  }
}
```
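
The following Python example is added here and is not Panther's own code: it builds the GraphQL-over-HTTP request for the `cloudAccounts` listing query and flags integrations whose ignore lists or disabled real-time scanning narrow what Cloud Security Scanning covers. The API URL, the `X-API-Key` header, the function names and the sample response are assumptions of this example, and treating those settings as review findings is the example's choice rather than a Panther rule.

```python
import json
import urllib.request

# The listing query from this page, trimmed to the fields that affect scan coverage.
LIST_QUERY = """query cloudAccounts { cloudAccounts { edges { node {
  id label awsAccountId isRealtimeScanningEnabled
  awsRegionIgnoreList resourceRegexIgnoreList resourceTypeIgnoreList
} } } }"""
IGNORE_FIELDS = ("awsRegionIgnoreList", "resourceRegexIgnoreList", "resourceTypeIgnoreList")

def build_request(api_url, api_key):
    """Build the GraphQL-over-HTTP POST; api_url and api_key are deployment-specific."""
    body = json.dumps({"query": LIST_QUERY}).encode()
    headers = {"Content-Type": "application/json", "X-API-Key": api_key}  # assumed auth header
    return urllib.request.Request(api_url, data=body, headers=headers, method="POST")

def find_scan_gaps(response):
    """Return {label: [findings]} for accounts whose settings narrow scan coverage."""
    if response.get("errors"):
        raise RuntimeError(f"GraphQL errors: {response['errors']}")
    gaps = {}
    for edge in response["data"]["cloudAccounts"]["edges"]:
        node = edge["node"]
        findings = [f"{f}={node[f]}" for f in IGNORE_FIELDS if node.get(f)]
        if not node.get("isRealtimeScanningEnabled"):
            findings.append("realtime scanning disabled")
        if findings:
            gaps[node["label"]] = findings
    return gaps

# Constructed sample response (not real Panther output), shaped like the query above.
SAMPLE = {"data": {"cloudAccounts": {"edges": [
    {"node": {"id": "a1", "label": "prod", "awsAccountId": "111111111111",
              "isRealtimeScanningEnabled": True, "awsRegionIgnoreList": [],
              "resourceRegexIgnoreList": [], "resourceTypeIgnoreList": []}},
    {"node": {"id": "b2", "label": "dev", "awsAccountId": "222222222222",
              "isRealtimeScanningEnabled": False, "awsRegionIgnoreList": ["us-west-1"],
              "resourceRegexIgnoreList": None, "resourceTypeIgnoreList": ["AWS.KMS.Key"]}},
]}}}

if __name__ == "__main__":
    print(json.dumps(find_scan_gaps(SAMPLE), indent=2))
```

To run it against a live deployment, pass the request from `build_request` to `urllib.request.urlopen` and feed the decoded JSON body to `find_scan_gaps`.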