
Falcon Container

Joshua Hiller edited this page Dec 19, 2024 · 17 revisions


Using the Falcon Container service collection


Table of Contents

Operation ID Description
GetCombinedImages
PEP 8 get_combined_images
Get image assessment results by providing an FQL filter and paging details.
GetCredentials
PEP 8 get_credentials
Gets the registry credentials.
GetImageAssessmentReport
PEP 8 get_assessment
Retrieve an assessment report for an image by specifying repository and tag.
DeleteImageDetails
PEP 8 delete_image_details
Delete image details from the CrowdStrike registry.
ImageMatchesPolicy
PEP 8 image_matches_policy
Check if an image matches a policy by specifying repository and tag.
ReadImageVulnerabilities
PEP 8 read_image_vulnerabilities
Retrieve an assessment report for an image by specifying repository and tag.
ReadRegistryEntities
PEP 8 read_registry_entities
Retrieve registry entities associated with the client ID.
ReadRegistryEntitiesByUUID
PEP 8 read_registry_entities_by_uuid
Retrieve registry entities associated with a specific UUID.
DeleteRegistryEntities
PEP 8 delete_registry_entities
Delete registry entities by UUID.
CreateRegistryEntities
PEP 8 create_registry_entities
Create registry entities using the provided detail.
UpdateRegistryEntities
PEP 8 update_registry_entities
Update the registry entity, as identified by the entity UUID, using the provided details.

Passing credentials

WARNING

client_id and client_secret are keyword arguments that contain your CrowdStrike API credentials. None of the examples below hard code these values. (These values are ingested as strings.)

CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.

GetCombinedImages

Get image assessment results by providing an FQL filter and paging details.

PEP8 method name

get_combined_images

Endpoint

Method Route
GET /container-security/combined/image-assessment/images/v1

Required Scope

falcon-container-image:read

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
offset
Service Class Support

Uber Class Support
query integer The offset to start retrieving records from
parameters
Service Class Support

Uber Class Support
query dictionary Full query string parameters payload in JSON format.
limit
Service Class Support

Uber Class Support
query integer The maximum records to return. [1-200]
sort
Service Class Support

Uber Class Support
query string The property to sort by (e.g. status.desc or hostname.asc)
filter
Service Class Support

Uber Class Support
query string Filter images using a query in Falcon Query Language (FQL).

Supported filters:
  • container_running_status
  • cve_id
  • first_seen
  • image_digest
  • image_id
  • registry
  • repository
  • tag
  • vulnerability_severity

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_combined_images(offset=integer,
                                      limit=integer,
                                      sort="string",
                                      filter="string"
                                      )

print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetCombinedImages(offset=integer,
                                    limit=integer,
                                    sort="string",
                                    filter="string"
                                    )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetCombinedImages",
                          offset=integer,
                          limit=integer,
                          sort="string",
                          filter="string"
                          )

print(response)
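
Added example, not part of the FalconPy documentation: paging through GetCombinedImages with a validated FQL filter, using the offset, limit [1-200] and filter keywords documented above. The helper names, the stub and the sample inventory are hypothetical, and the response shape (status_code, body.resources, body.meta.pagination.total) is an assumption about what the SDK returns.

```python
from typing import Callable, Dict, Iterator, List, Optional

MAX_LIMIT = 200  # this page documents limit as [1-200]

# Filter properties this page lists as supported for GetCombinedImages.
SUPPORTED_FILTERS = frozenset({
    "container_running_status", "cve_id", "first_seen", "image_digest",
    "image_id", "registry", "repository", "tag", "vulnerability_severity",
})

# Constructed sample inventory standing in for API results (not real data).
CONSTRUCTED_IMAGES = [
    {"image_id": f"img-{n}", "repository": "example/app", "tag": f"1.{n}"}
    for n in range(5)
]


def build_filter(**terms: str) -> str:
    """Join property:'value' terms with '+' (FQL AND).

    Unsupported properties and values containing a quote are rejected so
    that caller-supplied text cannot change the shape of the filter.
    """
    unknown = set(terms) - SUPPORTED_FILTERS
    if unknown:
        raise ValueError(f"unsupported filter properties: {sorted(unknown)}")
    parts = []
    for name, value in sorted(terms.items()):
        if "'" in value:
            raise ValueError(f"quote character not allowed in {name} value")
        parts.append(f"{name}:'{value}'")
    return "+".join(parts)


def iter_images(fetch: Callable[..., Dict], fql: str, limit: int = 100,
                sort: Optional[str] = None) -> Iterator[Dict]:
    """Yield every image record, advancing offset until total is reached.

    fetch is any callable taking the documented keywords, for example
    falcon.get_combined_images on an authenticated FalconContainer object.
    """
    limit = max(1, min(limit, MAX_LIMIT))  # clamp to the documented range
    offset = 0
    while True:
        kwargs = {"filter": fql, "limit": limit, "offset": offset}
        if sort:
            kwargs["sort"] = sort
        response = fetch(**kwargs)
        body = response.get("body", {})
        if response.get("status_code") != 200:
            # Fail loudly: a partial inventory must not look like a full one.
            raise RuntimeError(
                f"GetCombinedImages failed: {response.get('status_code')} "
                f"{body.get('errors')}"
            )
        resources = body.get("resources") or []
        yield from resources
        offset += len(resources)
        total = body.get("meta", {}).get("pagination", {}).get("total", 0)
        if not resources or offset >= total:
            return


def stub_get_combined_images(**kwargs) -> Dict:
    """Offline stand-in for the API call; it ignores the filter text."""
    start, size = kwargs["offset"], kwargs["limit"]
    page = CONSTRUCTED_IMAGES[start:start + size]
    return {
        "status_code": 200,
        "body": {
            "meta": {"pagination": {"total": len(CONSTRUCTED_IMAGES)}},
            "resources": page,
            "errors": [],
        },
    }


def collect_image_ids(fetch: Callable[..., Dict], fql: str,
                      limit: int = 100) -> List[str]:
    """Return the image_id of every record the filter matches."""
    return [img["image_id"] for img in iter_images(fetch, fql, limit)]


if __name__ == "__main__":
    query = build_filter(repository="example/app")
    print(collect_image_ids(stub_get_combined_images, query, limit=2))
```
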

GetCredentials

Gets the registry credentials

PEP8 method name

get_credentials

Endpoint

Method Route
GET /container-security/entities/image-registry-credentials/v1

Required Scope

falcon-container-image:read

Content-Type

  • Produces: application/json

Keyword Arguments

No keywords or arguments accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_credentials()
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetCredentials()
print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetCredentials")
print(response)

Back to Table of Contents

GetImageAssessmentReport

Retrieve an assessment report for an image by specifying image ID and digest or repository and tag.

PEP8 method name

get_assessment

Endpoint

Method Route
GET /reports

Required Scope

falcon-container-image:read

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
image_id
Service Class Support

Uber Class Support
query string Image ID of the image assessed. Must be provided in conjunction with digest.
digest
Service Class Support

Uber Class Support
query string Hash digest of the image assessed. Must be provided in conjunction with image_id.
parameters
Service Class Support

Uber Class Support
query dictionary Full query string parameters payload in JSON format.
repository
Service Class Support

Uber Class Support
query string Repository where the image resides. Must be provided in conjunction with tag.
tag
Service Class Support

Uber Class Support
query string Tag used for the image assessed. Must be provided in conjunction with repository.

If both sets of parameters are provided within the same request, image_id and digest take precedence.

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_assessment(repository="string", tag="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetImageAssessmentReport(repository="string", tag="string")
print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetImageAssessmentReport", repository="string", tag="string")
print(response)

Back to Table of Contents

DeleteImageDetails

Delete image details from the CrowdStrike registry.

PEP8 method name

delete_image_details

Endpoint

Method Route
DELETE /images/{}

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
image_id
Service Class Support

Uber Class Support
path string ID of the image to delete details for.

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.delete_image_details(image_id="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.DeleteImageDetails(image_id="string")
print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("DeleteImageDetails", image_id="string")
print(response)

Back to Table of Contents

ImageMatchesPolicy

Check if an image matches a policy by specifying repository and tag.

PEP8 method name

image_matches_policy

Endpoint

Method Route
GET /policy-checks

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
parameters
Service Class Support

Uber Class Support
query dictionary Full query string parameters payload in JSON format.
repository
Service Class Support

Uber Class Support
query string Repository where the image resides.
tag
Service Class Support

Uber Class Support
query string Tag used for the image assessed.

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.image_matches_policy(repository="string", tag="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.ImageMatchesPolicy(repository="string", tag="string")
print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("ImageMatchesPolicy", repository="string", tag="string")
print(response)

Back to Table of Contents

ReadImageVulnerabilities

Check if an image matches a policy by specifying repository and tag.

PEP8 method name

read_image_vulnerabilities

Endpoint

Method Route
POST /image-assessment/combined/vulnerability-lookups/v1

Required Scope

falcon-container-image:read

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
applicationPackages
Service Class Support

Uber Class Support
body list of dictionaries List of application packages for the image.
body
Service Class Support

Uber Class Support
body dictionary Full body payload in JSON format, not required if using other keywords.
osversion
Service Class Support

Uber Class Support
body string Operating system version for the image to be read.
packages
Service Class Support

Uber Class Support
body list of dictionaries List of packages to review.

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

app_packages = [
    {
      "libraries": [
        {
          "Hash": "string",
          "LayerHash": "string",
          "LayerIndex": integer,
          "License": "string",
          "Name": "string",
          "Path": "string",
          "Version": "string"
        }
      ],
      "type": "string"
    }
]

package_list = [
    {
        "LayerHash": "string",
        "LayerIndex": integer,
        "MajorVersion": "string",
        "PackageHash": "string",
        "PackageProvider": "string",
        "PackageSource": "string",
        "Product": "string",
        "SoftwareArchitecture": "string",
        "Status": "string",
        "Vendor": "string"
    }
]

response = falcon.read_image_vulnerabilities(osversion="string",
                                             packages=package_list,
                                             applicationPackages=app_packages
                                             )

print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
app_packages = [
    {
      "libraries": [
        {
          "Hash": "string",
          "LayerHash": "string",
          "LayerIndex": integer,
          "License": "string",
          "Name": "string",
          "Path": "string",
          "Version": "string"
        }
      ],
      "type": "string"
    }
]

package_list = [
    {
        "LayerHash": "string",
        "LayerIndex": integer,
        "MajorVersion": "string",
        "PackageHash": "string",
        "PackageProvider": "string",
        "PackageSource": "string",
        "Product": "string",
        "SoftwareArchitecture": "string",
        "Status": "string",
        "Vendor": "string"
    }
]

response = falcon.ReadImageVulnerabilities(osversion="string",
                                           packages=package_list,
                                           applicationPackages=app_packages
                                           )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

BODY = {
    "applicationPackages": [
        {
        "libraries": [
            {
            "Hash": "string",
            "LayerHash": "string",
            "LayerIndex": integer,
            "License": "string",
            "Name": "string",
            "Path": "string",
            "Version": "string"
            }
        ],
        "type": "string"
        }
    ],
    "osversion": "string",
    "packages": [
        {
            "LayerHash": "string",
            "LayerIndex": integer,
            "MajorVersion": "string",
            "PackageHash": "string",
            "PackageProvider": "string",
            "PackageSource": "string",
            "Product": "string",
            "SoftwareArchitecture": "string",
            "Status": "string",
            "Vendor": "string"
        }
    ]
}

response = falcon.command("ReadImageVulnerabilities", body=BODY)

print(response)

Back to Table of Contents

ReadRegistryEntities

Retrieve registry entities associated with the client ID.

PEP8 method name

read_registry_entities

Endpoint

Method Route
GET /container-security/queries/registries/v1

Required Scope

falcon-container-image:read

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
limit
Service Class Support

Uber Class Support
query integer Total number of records to return in the response.
offset
Service Class Support

Uber Class Support
query integer Starting position within the overall recordset to return results.
parameters
Service Class Support

Uber Class Support
query dictionary Full query string parameters payload in JSON format.
sort
Service Class Support

Uber Class Support
query string FQL formatted string to use to sort returned results.

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.read_registry_entities(limit=integer, offset=integer, sort="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.ReadRegistryEntities(limit=integer, offset=integer, sort="string")

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("ReadRegistryEntities", limit=integer, offset=integer, sort="string")

print(response)

Back to Table of Contents

ReadRegistryEntitiesByUUID

Retrieve registry entities associated with a specific UUID.

PEP8 method name

read_registry_entities_by_uuid

Endpoint

Method Route
GET /container-security/entities/registries/v1

Required Scope

falcon-container-image:read

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
ids
Service Class Support

Uber Class Support
query string or list of strings Registry entity UUIDs to retrieve.
parameters
Service Class Support

Uber Class Support
query dictionary Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.read_registry_entities_by_uuid(ids=id_list)

print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.ReadRegistryEntitiesByUUID(ids=id_list)

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("ReadRegistryEntitiesByUUID", ids=id_list)

print(response)

Back to Table of Contents

DeleteRegistryEntities

Delete registry entities by UUID.

PEP8 method name

delete_registry_entities

Endpoint

Method Route
DELETE /container-security/entities/registries/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
ids
Service Class Support

Uber Class Support
query string or list of strings Registry entity UUIDs to delete.
parameters
Service Class Support

Uber Class Support
query dictionary Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_registry_entities(ids=id_list)

print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.DeleteRegistryEntities(ids=id_list)

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("DeleteRegistryEntities", ids=id_list)

print(response)

Back to Table of Contents

CreateRegistryEntities

Create registry entities using the provided detail.

PEP8 method name

create_registry_entities

Endpoint

Method Route
POST /container-security/entities/registries/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
aws_iam_role
Service Class Support

Uber Class Support
body (credential) string Container registry username (AWS ECR).
aws_external_id
Service Class Support

Uber Class Support
body (credential) string Container registry password (AWS ECR).
body
Service Class Support

Uber Class Support
body dictionary Full body payload in JSON format, not required if using other keywords.
compartment_ids
Service Class Support

Uber Class Support
body (credential) list of strings Compartment IDs (OCR (Oracle)).
credential_type
Service Class Support

Uber Class Support
body (credential) string Credential type (GitHub, GitLab).
domain_url
Service Class Support

Uber Class Support
body (credential) string Domain URL (GitHub, GitLab).
password
Service Class Support

Uber Class Support
body (credential) string Container registry password.
project_id
Service Class Support

Uber Class Support
body (credential) string Cloud Project ID (GAR, GCR (Google)).
scope_name
Service Class Support

Uber Class Support
body (credential) string Scope name (GAR, GCR (Google), OCR (Oracle)).
service_account_json
Service Class Support

Uber Class Support
body (credential) dictionary GAR / GCR credential dictionary.

Keys:
  • client_email
  • client_id
  • private_key
  • private_key_id
  • project_id
  • type
type
Service Class Support

Uber Class Support
body string The type of registry you want to connect (such as Amazon ECR).

Available values:
  • acr
  • artifactory
  • docker
  • dockerhub
  • ecr
  • gar
  • gcr
  • github
  • gitlab
  • harbor
  • icr
  • nexus
  • openshift
  • oracle
  • quay.io
This argument is required and must be provided as a keyword or as part of the body payload.

Review the Required Credential Values table for more detail regarding specific registry requirements.
url
Service Class Support

Uber Class Support
body string The URL used to log in to the registry. Note: If your registry URL contains an alias, provide just the base URL as the value.

Example: https://docker.io/

This argument is required and must be provided as a keyword or as part of the body payload.
url_uniqueness_key
Service Class Support

Uber Class Support
body string The registry URL alias.

Example: https://docker.io/

Available with
  • Docker Hub
  • Google Artifact Registry
  • Google Container Registry
  • IBM Cloud
  • Oracle
user_defined_alias
Service Class Support

Uber Class Support
body string A user-friendly name for the registry. This appears as the Registry name on the Registry connections page in the Falcon console.
username
Service Class Support

Uber Class Support
body (credential) string Container registry username.
Required Credential Values by Registry
Registry Type Required credential values
Amazon Elastic Container Registry ecr
  • aws_iam_role
  • aws_external_id
Docker Hub dockerhub
  • password (access token)
  • username
Docker Registry v2 docker
  • password (API Key)
  • username (account ID)
GitHub github
  • credential_type
  • domain_url
  • password (personal access token)
  • username
Note: Only classic tokens are supported
GitLab Cloud gitlab
  • credential_type
  • domain_url
  • password (personal access token)
  • username
GitLab On-prem gitlab
  • credential_type (set to PAT)
  • domain_url
  • password (personal access token)
  • username
Google Artifact Registry gar
  • project_id
  • scope_name
  • service_account_json
Google Container Registry gcr
  • project_id
  • service_account_json
IBM Cloud icr
  • password
  • username
JFrog Artifactory artifactory
  • password (API Key)
  • username (account ID)
Microsoft Azure Container Registry acr
  • password (API Key)
  • username (account ID)
Oracle Container Registry oracle
  • compartment_ids
  • password
  • scope_name
  • username (tenancy email)
Red Hat OpenShift openshift
  • password (API Key)
  • username (account ID)
Sonatype Nexus nexus
  • password (API Key)
  • username (account ID)
Quay.io (Red Hat) quay.io
  • password (API Key)
  • username (account ID)
VMware Harbor harbor
  • password
  • username

Usage

Service class example (PEP8 syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

svc_acct = {
    "type": "string",
    "private_key_id": "string",
    "private_key": "string",
    "client_email": "string",
    "client_id": "string",
    "project_id": "string"
}

compartments = [
    "string",
    "string"
]

# Review the Required Credential Values table for more
# detail regarding which keywords to use for your registry.
response = falcon.create_registry_entities(aws_iam_role="string",
                                           aws_external_id="string",
                                           compartment_ids=compartments,
                                           credential_type="string",
                                           domain_url="string",
                                           password="string",
                                           project_id="string",
                                           scope_name="string",
                                           service_account_json=svc_acct,
                                           type="string",
                                           url="string",
                                           url_uniqueness_key="string",
                                           user_defined_alias="string",
                                           username="string"
                                           )

print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer

# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

svc_acct = {
    "type": "string",
    "private_key_id": "string",
    "private_key": "string",
    "client_email": "string",
    "client_id": "string",
    "project_id": "string"
}

compartments = [
    "string",
    "string"
]

# Review the Required Credential Values table for more
# detail regarding which keywords to use for your registry.
response = falcon.CreateRegistryEntities(aws_iam_role="string",
                                         aws_external_id="string",
                                         compartment_ids=compartments,
                                         credential_type="string",
                                         domain_url="string",
                                         password="string",
                                         project_id="string",
                                         scope_name="string",
                                         service_account_json=svc_acct,
                                         type="string",
                                         url="string",
                                         url_uniqueness_key="string",
                                         user_defined_alias="string",
                                         username="string"
                                         )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

svc_acct = {
    "type": "string",
    "private_key_id": "string",
    "private_key": "string",
    "client_email": "string",
    "client_id": "string",
    "project_id": "string"
}

compartments = [
    "string",
    "string"
]

# Review the Required Credential Values table for more
# detail regarding which keys to use for your registry.
body_payload = {
    "type": "string",
    "url": "string",
    "url_uniqueness_key": "string",
    "user_defined_alias": "string",
    "credential": {
        "aws_iam_role": "string",
        "aws_external_id": "string",
        "compartment_ids": compartments,
        "credential_type": "string",
        "domain_url": "string",
        "password": "string",
        "project_id": "string",
        "scope_name": "string",
        "service_account_json": svc_acct,
        "username": "string"
    }
}

response = falcon.command("CreateRegistryEntities", body=body_payload)

print(response)
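
Added example, not part of the FalconPy documentation: building the CreateRegistryEntities body so that the credential dictionary carries exactly the values the Required Credential Values table lists for the chosen registry type, plus a redacted copy that is safe to log. The function names are hypothetical, and rejecting credential keys the registry type does not need is a choice of this example, not documented API behaviour.

```python
import copy
from typing import Dict, Optional

_USER_PASS = frozenset({"username", "password"})
_GIT = frozenset({"credential_type", "domain_url", "username", "password"})

# Transcribed from the Required Credential Values table on this page.
REQUIRED_CREDENTIALS = {
    "ecr": frozenset({"aws_iam_role", "aws_external_id"}),
    "dockerhub": _USER_PASS,
    "docker": _USER_PASS,
    "github": _GIT,
    "gitlab": _GIT,  # GitLab On-prem: credential_type is set to PAT
    "gar": frozenset({"project_id", "scope_name", "service_account_json"}),
    "gcr": frozenset({"project_id", "service_account_json"}),
    "icr": _USER_PASS,
    "artifactory": _USER_PASS,
    "acr": _USER_PASS,
    "oracle": frozenset({"compartment_ids", "password", "scope_name", "username"}),
    "openshift": _USER_PASS,
    "nexus": _USER_PASS,
    "quay.io": _USER_PASS,
    "harbor": _USER_PASS,
}

# Keys listed on this page for service_account_json.
SERVICE_ACCOUNT_KEYS = frozenset({
    "client_email", "client_id", "private_key",
    "private_key_id", "project_id", "type",
})

# Registry types the page lists under "Available with" for url_uniqueness_key.
ALIAS_TYPES = frozenset({"dockerhub", "gar", "gcr", "icr", "oracle"})

SECRET_KEYS = ("password",)  # masked by redact_for_log


def build_registry_body(registry_type: str, url: str, credential: Dict,
                        user_defined_alias: Optional[str] = None,
                        url_uniqueness_key: Optional[str] = None) -> Dict:
    """Return a body payload, or raise ValueError when the credential set
    does not match what the table requires for registry_type."""
    if registry_type not in REQUIRED_CREDENTIALS:
        raise ValueError(f"unknown registry type: {registry_type!r}")
    if not url:
        raise ValueError("url is required")
    required = REQUIRED_CREDENTIALS[registry_type]
    missing = sorted(k for k in required if not credential.get(k))
    if missing:
        raise ValueError(f"{registry_type}: missing credential values {missing}")
    extra = sorted(set(credential) - required)
    if extra:
        # Do not send secrets the registry type has no use for.
        raise ValueError(f"{registry_type}: unexpected credential values {extra}")
    if "service_account_json" in required:
        absent = sorted(SERVICE_ACCOUNT_KEYS - set(credential["service_account_json"]))
        if absent:
            raise ValueError(f"service_account_json is missing keys {absent}")
    if url_uniqueness_key and registry_type not in ALIAS_TYPES:
        raise ValueError(f"url_uniqueness_key is not available with {registry_type}")
    body = {"type": registry_type, "url": url,
            "credential": copy.deepcopy(credential)}
    if user_defined_alias:
        body["user_defined_alias"] = user_defined_alias
    if url_uniqueness_key:
        body["url_uniqueness_key"] = url_uniqueness_key
    return body


def redact_for_log(body: Dict) -> Dict:
    """Return a deep copy of body with secret values masked."""
    safe = copy.deepcopy(body)
    cred = safe.get("credential", {})
    for key in SECRET_KEYS:
        if key in cred:
            cred[key] = "***"
    svc = cred.get("service_account_json")
    if isinstance(svc, dict) and "private_key" in svc:
        svc["private_key"] = "***"
    return safe


if __name__ == "__main__":
    # Constructed placeholder values; real ones come from a secret store.
    payload = build_registry_body(
        "dockerhub", "https://docker.io/",
        {"username": "example-user", "password": "example-token"},
        user_defined_alias="build-registry",
    )
    print(redact_for_log(payload))
    # With an authenticated Uber class object, the payload would be sent as:
    # falcon.command("CreateRegistryEntities", body=payload)
```
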

Back to Table of Contents

UpdateRegistryEntities

Update the registry entity, as identified by the entity UUID, using the provided details.

PEP8 method name

update_registry_entities

Endpoint

Method Route
POST /container-security/entities/registries/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
aws_iam_role
Service Class Support

Uber Class Support
body (credential) string Container registry username (AWS ECR).
aws_external_id
Service Class Support

Uber Class Support
body (credential) string Container registry password (AWS ECR).
body
Service Class Support

Uber Class Support
body dictionary Full body payload in JSON format, not required if using other keywords.
compartment_ids
Service Class Support

Uber Class Support
body (credential) list of strings Compartment IDs (OCR (Oracle)).
credential_type
Service Class Support

Uber Class Support
body (credential) string Credential type (GitHub, GitLab).
domain_url
Service Class Support

Uber Class Support
body (credential) string Domain URL (GitHub, GitLab).
id
Service Class Support

Uber Class Support
body string Container registry record UUID.
password
Service Class Support

Uber Class Support
body (credential) string Container registry password.
project_id
Service Class Support

Uber Class Support
body (credential) string Cloud Project ID (GAR, GCR (Google)).
scope_name
Service Class Support

Uber Class Support
body (credential) string Scope name (GAR, GCR (Google), OCR (Oracle)).
service_account_json
Service Class Support

Uber Class Support
body (credential) dictionary GAR / GCR credential dictionary.

Keys:
  • client_email
  • client_id
  • private_key
  • private_key_id
  • project_id
  • type
state
Service Class Support

Uber Class Support
body string Container registry state.
  • pause
  • resume
type
Service Class Support

Uber Class Support
body string The type of registry you want to connect (such as Amazon ECR).

Available values:
  • acr
  • artifactory
  • docker
  • dockerhub
  • ecr
  • gar
  • gcr
  • github
  • gitlab
  • harbor
  • icr
  • nexus
  • openshift
  • oracle
  • quay.io
This argument is required and must be provided as a keyword or as part of the body payload.

Review the Required Credential Values table for more detail regarding specific registry requirements.
url
Service Class Support

Uber Class Support
body string The URL used to log in to the registry. Note: If your registry URL contains an alias, provide just the base URL as the value.

Example: https://docker.io/

This argument is required and must be provided as a keyword or as part of the body payload.
url_uniqueness_key
Service Class Support

Uber Class Support
body string The registry URL alias.

Example: https://docker.io/

Available with
  • Docker Hub
  • Google Artifact Registry
  • Google Container Registry
  • IBM Cloud
  • Oracle
user_defined_alias
Service Class Support

Uber Class Support
body string A user-friendly name for the registry. This appears as the Registry name on the Registry connections page in the Falcon console.
username
Service Class Support

Uber Class Support
body (credential) string Container registry username.
Required Credential Values by Registry
Registry Type Required credential values
Amazon Elastic Container Registry ecr
  • aws_iam_role
  • aws_external_id
Docker Hub dockerhub
  • password (access token)
  • username
Docker Registry v2 docker
  • password (API Key)
  • username (account ID)
GitHub github
  • credential_type
  • domain_url
  • password (personal access token)
  • username
Note: Only classic tokens are supported.
GitLab Cloud gitlab
  • credential_type
  • domain_url
  • password (personal access token)
  • username
GitLab On-prem gitlab
  • credential_type (set to PAT)
  • domain_url
  • password (personal access token)
  • username
Google Artifact Registry gar
  • project_id
  • scope_name
  • service_account_json
Google Container Registry gcr
  • project_id
  • service_account_json
IBM Cloud icr
  • password
  • username
JFrog Artifactory artifactory
  • password (API Key)
  • username (account ID)
Microsoft Azure Container Registry acr
  • password (API Key)
  • username (account ID)
Oracle Container Registry oracle
  • compartment_ids
  • password
  • scope_name
  • username (tenancy email)
Red Hat OpenShift openshift
  • password (API Key)
  • username (account ID)
Sonatype Nexus nexus
  • password (API Key)
  • username (account ID)
Quay.io (Red Hat) quay.io
  • password (API Key)
  • username (account ID)
VMware Harbor harbor
  • password
  • username

Usage

Service class example (PEP8 syntax)
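import os

from falconpy import FalconContainer

# Do not hardcode API credentials! Read them from the environment instead
# (the variable names below are examples).
falcon = FalconContainer(client_id=os.environ["FALCON_CLIENT_ID"],
                         client_secret=os.environ["FALCON_CLIENT_SECRET"]
                         )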

svc_acct = {
    "type": "string",
    "private_key_id": "string",
    "private_key": "string",
    "client_email": "string",
    "client_id": "string",
    "project_id": "string"
}

compartments = [
    "string",
    "string"
]

# Review the Required Credential Values table for more
# detail regarding which keywords to use for your registry.
response = falcon.update_registry_entities(aws_iam_role="string",
                                           aws_external_id="string",
                                           compartment_ids=compartments,
                                           credential_type="string",
                                           domain_url="string",
                                           id="string",
                                           password="string",
                                           project_id="string",
                                           scope_name="string",
                                           service_account_json=svc_acct,
                                           state="string",
                                           type="string",
                                           url="string",
                                           url_uniqueness_key="string",
                                           user_defined_alias="string",
                                           username="string"
                                           )

print(response)
Service class example (Operation ID syntax)
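import os

from falconpy import FalconContainer

# Do not hardcode API credentials! Read them from the environment instead
# (the variable names below are examples).
falcon = FalconContainer(client_id=os.environ["FALCON_CLIENT_ID"],
                         client_secret=os.environ["FALCON_CLIENT_SECRET"]
                         )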

svc_acct = {
    "type": "string",
    "private_key_id": "string",
    "private_key": "string",
    "client_email": "string",
    "client_id": "string",
    "project_id": "string"
}

compartments = [
    "string",
    "string"
]

# Review the Required Credential Values table for more
# detail regarding which keywords to use for your registry.
response = falcon.UpdateRegistryEntities(aws_iam_role="string",
                                         aws_external_id="string",
                                         compartment_ids=compartments,
                                         credential_type="string",
                                         domain_url="string",
                                         id="string",
                                         password="string",
                                         project_id="string",
                                         scope_name="string",
                                         service_account_json=svc_acct,
                                         state="string",
                                         type="string",
                                         url="string",
                                         url_uniqueness_key="string",
                                         user_defined_alias="string",
                                         username="string"
                                         )

print(response)
Uber class example
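import os

from falconpy import APIHarnessV2

# Do not hardcode API credentials! Read them from the environment instead
# (the variable names below are examples).
falcon = APIHarnessV2(client_id=os.environ["FALCON_CLIENT_ID"],
                      client_secret=os.environ["FALCON_CLIENT_SECRET"]
                      )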

svc_acct = {
    "type": "string",
    "private_key_id": "string",
    "private_key": "string",
    "client_email": "string",
    "client_id": "string",
    "project_id": "string"
}

compartments = [
    "string",
    "string"
]

# Review the Required Credential Values table for more
# detail regarding which keys to use for your registry.
body_payload = {
    "id": "string",
    "state": "string",
    "type": "string",
    "url": "string",
    "url_uniqueness_key": "string",
    "user_defined_alias": "string",
    "credential": {
        "aws_iam_role": "string",
        "aws_external_id": "string",
        "compartment_ids": compartments,
        "credential_type": "string",
        "domain_url": "string",
        "password": "string",
        "project_id": "string",
        "scope_name": "string",
        "service_account_json": svc_acct,
        "username": "string"
    }
}

response = falcon.command("UpdateRegistryEntities", body=body_payload)

print(response)
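
The Required Credential Values table above can be enforced locally before the request is sent, and the payload can be masked before it is logged. This is an added example, not FalconPy code: build_update_body and redact are hypothetical helpers, the required-key sets are transcribed from that table, and masking password and private_key is this example's own choice.

```python
import copy

# Required credential keys per registry type, transcribed from the
# Required Credential Values table on this page.
USER_PASS = {"username", "password"}
PAT = USER_PASS | {"credential_type", "domain_url"}
REQUIRED = {
    "ecr": {"aws_iam_role", "aws_external_id"},
    "github": PAT, "gitlab": PAT,
    "gar": {"project_id", "scope_name", "service_account_json"},
    "gcr": {"project_id", "service_account_json"},
    "oracle": USER_PASS | {"compartment_ids", "scope_name"},
    **{t: USER_PASS for t in ("acr", "artifactory", "docker", "dockerhub",
                              "harbor", "icr", "nexus", "openshift", "quay.io")},
}
SVC_ACCT_KEYS = {"client_email", "client_id", "private_key",
                 "private_key_id", "project_id", "type"}


def build_update_body(registry_id, registry_type, url, **credential):
    """Return an UpdateRegistryEntities body; raise ValueError naming missing keys."""
    if registry_type not in REQUIRED:
        raise ValueError(f"unknown registry type: {registry_type!r}")
    # Treat empty values as missing so a blank secret is caught locally.
    supplied = {k for k, v in credential.items() if v}
    missing = sorted(REQUIRED[registry_type] - supplied)
    svc = credential.get("service_account_json")
    if isinstance(svc, dict):
        missing += sorted(f"service_account_json.{k}"
                          for k in SVC_ACCT_KEYS if not svc.get(k))
    if missing:
        raise ValueError(f"{registry_type}: missing {', '.join(missing)}")
    return {"id": registry_id, "type": registry_type, "url": url,
            "credential": dict(credential)}


def redact(body):
    """Copy of body that is safe to log: password and private_key masked."""
    safe = copy.deepcopy(body)
    cred = safe.get("credential", {})
    if "password" in cred:
        cred["password"] = "***"
    if "private_key" in cred.get("service_account_json", {}):
        cred["service_account_json"]["private_key"] = "***"
    return safe
```

The returned dictionary has the same shape as body_payload in the Uber class example, so it can be passed as body= to falcon.command("UpdateRegistryEntities", ...); log redact(body) rather than the body itself.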
