-
Notifications
You must be signed in to change notification settings - Fork 122
D4C Registration
API Function | Description |
---|---|
GetCSPMAzureAccount | Return information about Azure account registration |
CreateCSPMAzureAccount | Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access. |
UpdateCSPMAzureAccountClientID | Update an Azure service account in our system by with the user-created client_id created with the public key we've provided |
GetCSPMAzureUserScriptsAttachment | Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment |
GetCSPMAzureUserScripts | Return a script for customer to run in their cloud environment to grant us access to their Azure environment |
GetCSPMCGPAccount | Returns information about the current status of an GCP account. |
CreateCSPMGCPAccount | Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access. |
GetCSPMGCPUserScriptsAttachment | Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment |
GetCSPMGCPUserScripts | Return a script for customer to run in their cloud environment to grant us access to their GCP environment |
Return information about Azure account registration
- Consumes: application/json
- Produces: application/json
Required | Name | Type | Datatype | Description |
---|---|---|---|---|
ids | query | array (string) | SubscriptionIDs of accounts to select for this status operation. If this is empty then all accounts are returned. | |
scan-type | query | string | Type of scan, dry or full, to perform on selected accounts |
from falconpy import api_complete as FalconSDK
falcon = FalconSDK.APIHarness(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}
)
PARAMS = {
'scan-type': 'string'
}
IDS = 'ID1,ID2,ID3'
response = falcon.command('GetCSPMAzureAccount', parameters=PARAMS, ids=IDS)
print(response)
falcon.deauthenticate()
Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access.
- Consumes: application/json
- Produces: application/json
Required | Name | Type | Datatype | Description |
---|---|---|---|---|
✅ | body | body | string |
from falconpy import api_complete as FalconSDK
falcon = FalconSDK.APIHarness(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}
)
BODY = {
'Body Payload': 'See body description above'
}
response = falcon.command('CreateCSPMAzureAccount', body=BODY)
print(response)
falcon.deauthenticate()
Update an Azure service account in our system by with the user-created client_id created with the public key we've provided
- Consumes: application/json
- Produces: application/json
Required | Name | Type | Datatype | Description |
---|---|---|---|---|
✅ | id | query | string | ClientID to use for the Service Principal associated with the customer's Azure account |
from falconpy import api_complete as FalconSDK
falcon = FalconSDK.APIHarness(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}
)
PARAMS = {
'id': 'string'
}
response = falcon.command('UpdateCSPMAzureAccountClientID', parameters=PARAMS)
print(response)
falcon.deauthenticate()
Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment
- Produces: application/json
No parameters
from falconpy import api_complete as FalconSDK
falcon = FalconSDK.APIHarness(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}
)
response = falcon.command('GetCSPMAzureUserScriptsAttachment')
print(response)
falcon.deauthenticate()
Return a script for customer to run in their cloud environment to grant us access to their Azure environment
- Consumes: application/json
- Produces: application/json
No parameters
from falconpy import api_complete as FalconSDK
falcon = FalconSDK.APIHarness(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}
)
response = falcon.command('GetCSPMAzureUserScripts')
print(response)
falcon.deauthenticate()
Returns information about the current status of an GCP account.
- Consumes: application/json
- Produces: application/json
Required | Name | Type | Datatype | Description |
---|---|---|---|---|
scan-type | query | string | Type of scan, dry or full, to perform on selected accounts | |
ids | query | array (string) | Parent IDs of accounts |
from falconpy import api_complete as FalconSDK
falcon = FalconSDK.APIHarness(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}
)
PARAMS = {
'scan-type': 'string'
}
IDS = 'ID1,ID2,ID3'
response = falcon.command('GetCSPMCGPAccount', parameters=PARAMS, ids=IDS)
print(response)
falcon.deauthenticate()
Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access.
- Consumes: application/json
- Produces: application/json
Required | Name | Type | Datatype | Description |
---|---|---|---|---|
✅ | body | body | string |
from falconpy import api_complete as FalconSDK
falcon = FalconSDK.APIHarness(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}
)
BODY = {
'Body Payload': 'See body description above'
}
response = falcon.command('CreateCSPMGCPAccount', body=BODY)
print(response)
falcon.deauthenticate()
Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment
- Produces: application/json
No parameters
from falconpy import api_complete as FalconSDK
falcon = FalconSDK.APIHarness(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}
)
response = falcon.command('GetCSPMGCPUserScriptsAttachment')
print(response)
falcon.deauthenticate()
Return a script for customer to run in their cloud environment to grant us access to their GCP environment
- Consumes: application/json
- Produces: application/json
No parameters
from falconpy import api_complete as FalconSDK
falcon = FalconSDK.APIHarness(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}
)
response = falcon.command('GetCSPMGCPUserScripts')
print(response)
falcon.deauthenticate()
- Home
- Discussions Board
- Glossary of Terms
- Installation, Upgrades and Removal
- Samples Collection
- Using FalconPy
- API Operations
-
Service Collections
- Alerts
- API Integrations
- ASPM
- Certificate Based Exclusions
- Cloud Connect AWS (deprecated)
- Cloud Snapshots
- Compliance Assessments
- Configuration Assessment
- Configuration Assessment Evaluation Logic
- Container Alerts
- Container Detections
- Container Images
- Container Packages
- Container Vulnerabilities
- CSPM Registration
- Custom IOAs
- Custom Storage
- D4C Registration (deprecated)
- DataScanner
- Delivery Settings
- Detects
- Device Control Policies
- Discover
- Downloads
- Drift Indicators
- Event Streams
- Exposure Management
- Falcon Complete Dashboard
- Falcon Container
- Falcon Intelligence Sandbox
- FDR
- FileVantage
- Firewall Management
- Firewall Policies
- Foundry LogScale
- Host Group
- Host Migration
- Hosts
- Identity Protection
- Image Assessment Policies
- Incidents
- Installation Tokens
- Intel
- IOA Exclusions
- IOC
- IOCs (deprecated)
- Kubernetes Protection
- MalQuery
- Message Center
- ML Exclusions
- Mobile Enrollment
- MSSP (Flight Control)
- OAuth2
- ODS (On Demand Scan)
- Overwatch Dashboard
- Prevention Policy
- Quarantine
- Quick Scan
- Quick Scan Pro
- Real Time Response
- Real Time Response Admin
- Real Time Response Audit
- Recon
- Report Executions
- Response Policies
- Sample Uploads
- Scheduled Reports
- Sensor Download
- Sensor Update Policy
- Sensor Usage
- Sensor Visibility Exclusions
- Spotlight Evaluation Logic
- Spotlight Vulnerabilities
- Tailored Intelligence
- ThreatGraph
- Unidentified Containers
- User Management
- Workflows
- Zero Trust Assessment
- Documentation Support
-
CrowdStrike SDKs
- Crimson Falcon - Ruby
- FalconPy - Python 3
- FalconJS - Javascript
- goFalcon - Go
- PSFalcon - Powershell
- Rusty Falcon - Rust