AWS Integrations

Threat Stack integrates with both Amazon Web Service (AWS) Elastic Compute Cloud (EC2) and CloudTrail functionality.

Get All AWS Integrations

Overview

This method enables you to list all of the AWS integrations tied to your Threat Stack organization.

Sample Queries

https://api.threatstack.com/v2/integrations/aws
Responses
200
400

Bad parameters

401
403

The user is not allowed to perform this action.

429

Rate limit hit.

500

An internal error has occurred.

get/integrations/aws
Response samples
application/json
[
  • {
    }
]

Create AWS Integration

Overview

This method enables you to create a new AWS Integration for your organization.

Sample Queries

Add a new AWS Integration to your organization:

https://api.threatstack.com/v2/integrations/aws
Request
Request Body schema: application/json
arn
required
string

A validly formatted AWS ARN value

description
string
Responses
200

Created

400

Bad Request

429

Rate limit hit.

500

An internal error has occurred.

post/integrations/aws
Request samples
application/json
{
  • "arn": "string",
  • "description": "string"
}
Response samples
application/json
{
  • "id": "string",
  • "active": true,
  • "arn": "string",
  • "createdBy": "string",
  • "description": "string",
  • "errors": [
    ],
  • "externalId": "string",
  • "ec2": {
    },
  • "cloudTrail": {
    },
  • "sessionName": "string",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

Get a specific AWS Integration

Overview

This method enables you to get a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa

Error Handling Tips

The 404 error code means that the AWS integration doesn't exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve.

Responses
200

OK

400

Bad parameters

401
403

The user is not allowed to perform this action.

404

The Resource was not found.

get/integrations/aws/{id}
Response samples
application/json
{
  • "id": "string",
  • "active": true,
  • "arn": "string",
  • "createdBy": "string",
  • "description": "string",
  • "errors": [
    ],
  • "externalId": "string",
  • "ec2": {
    },
  • "cloudTrail": {
    },
  • "sessionName": "string",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

Update AWS Integration

Overview

This method enables you to update an AWS Integration for your organization.

Sample Queries

Add an AWS Integration to your organization:

https://api.threatstack.com/v2/integrations/aws/{id}
Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve.

Request Body schema: application/json
description
string
Responses
200

Ok

400

Bad Request

429

Rate limit hit.

500

An internal error has occurred.

patch/integrations/aws/{id}
Request samples
application/json
{
  • "description": "string"
}
Response samples
application/json
{
  • "id": "string",
  • "active": true,
  • "arn": "string",
  • "createdBy": "string",
  • "description": "string",
  • "errors": [
    ],
  • "externalId": "string",
  • "ec2": {
    },
  • "cloudTrail": {
    },
  • "sessionName": "string",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

Delete AWS Integration

Overview

This method enables you to delete an AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa

Error Handling Tips

The 404 error code means the AWS integration doesn't exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve.

Responses
204

No Content

400

Bad parameters

401
403

The user is not allowed to perform this action.

404

The Resource was not found.

delete/integrations/aws/{id}
Response samples
application/json
{
  • "message": "string"
}

Get AWS Integration EC2 Correlation

Overview

This method enables you to get the EC2 Correlation configuration, if it exists, for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/ec2

Error Handling Tips

The 404 error code means that either the AWS integration or the EC2 Correlation doesn't exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve.

Responses
200

OK

400

Bad parameters

401
403

The user is not allowed to perform this action.

404

The Resource was not found.

get/integrations/aws/{id}/ec2
Response samples
application/json
{
  • "regions": [
    ]
}

Replace AWS Integration EC2 Correlation

Overview

This method enables you to set/replace the EC2 Correlation configuration for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/ec2

Error Handling Tips

The 404 error code means that the AWS integration doesn't exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve.

Request Body schema: application/json
regions
required
Array of strings
Items Enum: "af-south-1" "ap-east-1" "ap-northeast-1" "ap-northeast-2" "ap-northeast-3" "ap-south-1" "ap-southeast-1" "ap-southeast-2" "ca-central-1" "eu-central-1" "eu-north-1" "eu-south-1" "eu-west-1" "eu-west-2" "eu-west-3" "me-south-1" "sa-east-1" "us-east-1" "us-east-2" "us-west-1" "us-west-2"
Responses
204

No Content

400

Bad parameters

401
403

The user is not allowed to perform this action.

404

The Resource was not found.

put/integrations/aws/{id}/ec2
Request samples
application/json
{
  • "regions": [
    ]
}
Response samples
application/json
{
  • "message": "string"
}

Delete AWS Integration EC2 Correlation

Overview

This method enables you to delete the EC2 Correlation configuration for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/ec2

Error Handling Tips

The 404 error code means that either the AWS integration or the EC2 Correlation doesn't exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve.

Responses
204

No Content

400

Bad parameters

401
403

The user is not allowed to perform this action.

404

The Resource was not found.

delete/integrations/aws/{id}/ec2
Response samples
application/json
{
  • "message": "string"
}

Get AWS Integration CloudTrail Aggregation

Overview

This method enables you to get the CloudTrail Aggregation configuration, if it exists, for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/cloudtrail

Error Handling Tips

The 404 error code means that either the AWS integration or the CloudTrail Aggregation doesn't exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve.

Responses
200

OK

400

Bad parameters

401
403

The user is not allowed to perform this action.

404

The Resource was not found.

get/integrations/aws/{id}/cloudtrail
Response samples
application/json
{
  • "source": "string",
  • "region": "af-south-1",
  • "s3Bucket": "string"
}

Replace AWS Integration CloudTrail Aggregation

Overview

This method enables you to set/replace the CloudTrail Aggregation configuration for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/cloudtrail

Error Handling Tips

The 404 error code means that either the AWS integration or the CloudTrail Aggregation doesn't exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve.

Request Body schema: application/json
source
required
string

Log source, such as an SQS name

region
required
string

Region name

Enum: "af-south-1" "ap-east-1" "ap-northeast-1" "ap-northeast-2" "ap-northeast-3" "ap-south-1" "ap-southeast-1" "ap-southeast-2" "ca-central-1" "eu-central-1" "eu-north-1" "eu-south-1" "eu-west-1" "eu-west-2" "eu-west-3" "me-south-1" "sa-east-1" "us-east-1" "us-east-2" "us-west-1" "us-west-2"
s3Bucket
string

S3 bucket associated with this aggregation

Responses
204

No Content

400

Bad parameters

401
403

The user is not allowed to perform this action.

404

The Resource was not found.

put/integrations/aws/{id}/cloudtrail
Request samples
application/json
{
  • "source": "string",
  • "region": "af-south-1",
  • "s3Bucket": "string"
}
Response samples
application/json
{
  • "message": "string"
}

Delete AWS Integration CloudTrail Aggregation

Overview

This method enables you to delete the CloudTrail Aggregation configuration for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/cloudtrail

Error Handling Tips

The 404 error code means that either the AWS integration or the CloudTrail Aggregation doesn't exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve.

Responses
204

No Content

400

Bad parameters

401
403

The user is not allowed to perform this action.

404

The Resource was not found.

delete/integrations/aws/{id}/cloudtrail
Response samples
application/json
{
  • "message": "string"
}