Canary API Docs

# AWS S3 Bucket Canarytoken ARN ignore list

An AWS S3 Bucket Canarytoken monitors an S3 bucket of your choosing and generates an alert when that bucket is accessed.

The Amazon Resource Names (ARNs) of AWS resources that legitimately need access to the bucket can be added to the ARN ignore list of the Canarytoken, preventing alerts from being generated when they access the bucket.

AWS S3 Bucket ARN Ignore

Endpoints
POST /api/v1/canarytokens/s3bucket/ignorelist/disable
POST /api/v1/canarytokens/s3bucket/ignorelist/enable
GET /api/v1/canarytokens/s3bucket/ignorelist/fetch
POST /api/v1/canarytokens/s3bucket/ignorelist/save

# Disable the ARN ignore list for a specific AWS S3 Bucket Canarytoken

POST /api/v1/canarytokens/s3bucket/ignorelist/disable

Disable the ARN ignore list for a specific AWS S3 Bucket Canarytoken.

Required Parameters

auth_token string
A valid auth token
flock_id string
A valid flock_id
canarytoken string
A valid AWS S3 Bucket Canarytoken

Response

A JSON structure with result indicator.

Example

    Response
    {
  "result": "success"
}
    1
    2
    3

    # Enable the ARN ignore list for a specific AWS S3 Bucket Canarytoken

    POST /api/v1/canarytokens/s3bucket/ignorelist/enable

    Enable the ARN ignore list for a specific AWS S3 Bucket Canarytoken.

    Required Parameters

    auth_token string
    A valid auth token
    flock_id string
    A valid flock_id
    canarytoken string
    A valid AWS S3 Bucket Canarytoken

    Response

    A JSON structure with result indicator.

    Example

      Response
      {
  "result": "success"
}
      1
      2
      3

      # Fetch an AWS S3 Bucket Canarytoken ARN Ignore List

      GET /api/v1/canarytokens/s3bucket/ignorelist/fetch

      Fetch the ARN ignore list for a specific AWS S3 Bucket Canarytoken.

      Required Parameters

      auth_token string
      A valid auth token
      flock_id string
      A valid flock_id
      canarytoken string
      A valid AWS S3 Bucket Canarytoken

      Response

      A JSON structure containing the ARN ignore list for the specified AWS S3 Bucket Canarytoken.

      Example

        Response
        {
  "ignore_lists": {
    "enabled": "true",
    "ignores": "arn:aws:sts:us-east-1:*:role/*"
  },
  "result": "success"
}
        1
        2
        3
        4
        5
        6
        7

        # Save an AWS S3 Bucket Canarytoken ARN Ignore List

        POST /api/v1/canarytokens/s3bucket/ignorelist/save

        Save a new ARN ignore list for a specific AWS S3 Bucket Canarytoken.

        Required Parameters

        auth_token string
        A valid auth token
        flock_id string
        A valid flock_id
        canarytoken string
        A valid AWS S3 Bucket Canarytoken

        Optional Parameters

        ignores string
        A space separated list of ARNs or ARN patterns.

        WARNING

        Sending through a save without ignores, will assume you want to blank previously set values.

        Response

        A JSON structure with result indicator.

        Example

          Response
          {
  "result": "success"
}
          1
          2
          3

          Factory