AWS Integrations

AIP integrates with both Amazon Web Service (AWS) Elastic Compute Cloud (EC2) and CloudTrail functionality.

Get All AWS Integrations

Overview

This method enables you to list all of the AWS integrations tied to your AIP organization.

Sample Query

https://api.threatstack.com/v2/integrations/aws
Responses
200

OK

400

Bad parameters

401

Unauthorized response

403

The user is not allowed to perform this action

404

The resource was not found

500

An internal error has occurred

get/integrations/aws
Response samples
application/json
[
  • {
    }
]

Create AWS Integration

Overview

This method enables you to create a new AWS integration for your organization.

Sample Query

Add a new AWS integration to your organization:

https://api.threatstack.com/v2/integrations/aws
Request
Request Body schema: application/json
arn
required
string

A validly formatted AWS ARN value

description
string
Responses
201

Created

400

Bad Request

409

Resource already exists

429

Rate limit hit

500

An internal error has occurred

post/integrations/aws
Request samples
application/json
{
  • "arn": "string",
  • "description": "string"
}
Response samples
application/json
{
  • "id": "string",
  • "active": true,
  • "arn": "string",
  • "createdBy": "string",
  • "description": "string",
  • "errors": [
    ],
  • "externalId": "string",
  • "ec2": {
    },
  • "cloudTrail": {
    },
  • "sessionName": "string",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

Get a specific AWS Integration

Overview

This method enables you to get a specific AWS integration.

Sample Query

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa

Error Handling Tips

The 404 error code means that the AWS integration does not exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve

Responses
200

OK

400

Bad parameters

401

Unauthorized response

403

The user is not allowed to perform this action

404

The resource was not found

get/integrations/aws/{id}
Response samples
application/json
{
  • "id": "string",
  • "active": true,
  • "arn": "string",
  • "createdBy": "string",
  • "description": "string",
  • "errors": [
    ],
  • "externalId": "string",
  • "ec2": {
    },
  • "cloudTrail": {
    },
  • "sessionName": "string",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

Update AWS Integration

Overview

This method enables you to update an AWS integration for your organization.

Sample Query

https://api.threatstack.com/v2/integrations/aws/{id}
Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve

Request Body schema: application/json
description
string
Responses
200

OK

400

Bad Request

429

Rate limit hit

500

An internal error has occurred

patch/integrations/aws/{id}
Request samples
application/json
{
  • "description": "string"
}
Response samples
application/json
{
  • "id": "string",
  • "active": true,
  • "arn": "string",
  • "createdBy": "string",
  • "description": "string",
  • "errors": [
    ],
  • "externalId": "string",
  • "ec2": {
    },
  • "cloudTrail": {
    },
  • "sessionName": "string",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

Delete AWS Integration

Overview

This method enables you to delete an AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa

Error Handling Tips

The 404 error code means the AWS integration does not exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve

Responses
204

No content

400

Bad parameters

401

Unauthorized response

403

The user is not allowed to perform this action

404

The resource was not found

delete/integrations/aws/{id}
Response samples
application/json
{
  • "message": "string"
}

Get AWS Integration EC2 Correlation

Overview

This method enables you to get the EC2 Correlation configuration, if it exists, for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/ec2

Error Handling Tips

The 404 error code means that either the AWS integration or the EC2 Correlation does not exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve

Responses
200

OK

400

Bad parameters

401

Unauthorized response

403

The user is not allowed to perform this action

404

The resource was not found

get/integrations/aws/{id}/ec2
Response samples
application/json
{
  • "regions": [
    ]
}

Replace AWS Integration EC2 Correlation

Overview

This method enables you to set or replace the EC2 Correlation configuration for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/ec2

Error Handling Tips

The 404 error code means that the AWS integration does not exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve

Request Body schema: application/json
regions
required
Array of strings
Items Enum: "af-south-1" "ap-east-1" "ap-northeast-1" "ap-northeast-2" "ap-northeast-3" "ap-south-1" "ap-southeast-1" "ap-southeast-2" "ca-central-1" "eu-central-1" "eu-north-1" "eu-south-1" "eu-west-1" "eu-west-2" "eu-west-3" "me-south-1" "sa-east-1" "us-east-1" "us-east-2" "us-west-1" "us-west-2"
Responses
204

No content

400

Bad parameters

401

Unauthorized response

403

The user is not allowed to perform this action

404

The resource was not found

put/integrations/aws/{id}/ec2
Request samples
application/json
{
  • "regions": [
    ]
}
Response samples
application/json
{
  • "message": "string"
}

Delete AWS Integration EC2 Correlation

Overview

This method enables you to delete the EC2 Correlation configuration for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/ec2

Error Handling Tips

The 404 error code means that either the AWS integration or the EC2 Correlation does not exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve

Responses
204

No content

400

Bad parameters

401

Unauthorized response

403

The user is not allowed to perform this action

404

The resource was not found

delete/integrations/aws/{id}/ec2
Response samples
application/json
{
  • "message": "string"
}

Get AWS Integration CloudTrail Aggregation

Overview

This method enables you to get the CloudTrail Aggregation configuration, if it exists, for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/cloudtrail

Error Handling Tips

The 404 error code means that either the AWS integration or the CloudTrail Aggregation does not exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve

Responses
200

OK

400

Bad parameters

401

Unauthorized response

403

The user is not allowed to perform this action

404

The resource was not found

get/integrations/aws/{id}/cloudtrail
Response samples
application/json
{
  • "source": "string",
  • "region": "af-south-1",
  • "s3Bucket": "string"
}

Replace AWS Integration CloudTrail Aggregation

Overview

This method enables you to set/replace the CloudTrail Aggregation configuration for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/cloudtrail

Error Handling Tips

The 404 error code means that either the AWS integration or the CloudTrail Aggregation does not exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve

Request Body schema: application/json
source
required
string

Log source, such as an SQS name

region
required
string

Region name

Enum: "af-south-1" "ap-east-1" "ap-northeast-1" "ap-northeast-2" "ap-northeast-3" "ap-south-1" "ap-southeast-1" "ap-southeast-2" "ca-central-1" "eu-central-1" "eu-north-1" "eu-south-1" "eu-west-1" "eu-west-2" "eu-west-3" "me-south-1" "sa-east-1" "us-east-1" "us-east-2" "us-west-1" "us-west-2"
s3Bucket
string

S3 bucket associated with this aggregation

Responses
204

No content

400

Bad parameters

401

Unauthorized response

403

The user is not allowed to perform this action

404

The resource was not found

put/integrations/aws/{id}/cloudtrail
Request samples
application/json
{
  • "source": "string",
  • "region": "af-south-1",
  • "s3Bucket": "string"
}
Response samples
application/json
{
  • "message": "string"
}

Delete AWS Integration CloudTrail Aggregation

Overview

This method enables you to delete the CloudTrail Aggregation configuration for a specific AWS integration.

Sample Queries

https://api.threatstack.com/v2/integrations/aws/5e94b8cdc79248506ddc5daa/cloudtrail

Error Handling Tips

The 404 error code means that either the AWS integration or the CloudTrail Aggregation does not exist.

Request
path Parameters
id
required
string

The unique identifier of the AWS integration to retrieve

Responses
204

No content

400

Bad parameters

401

Unauthorized response

403

The user is not allowed to perform this action

404

The resource was not found

delete/integrations/aws/{id}/cloudtrail
Response samples
application/json
{
  • "message": "string"
}