CrowdStrike Falcon CrowdStrike Subreddit

Using the D4C Registration service collection

Uber class support Service class support Documentation Version Page Updated

DEPRECATED

This service collection has been superseded by the CSPMRegistration service collection and is now deprecated. Developers should move code over to use the new operations available within the updated collection.

Table of Contents

Operation IDDescription
GetD4CAwsAccount
PEP8get_aws_account
DEPRECATED
Returns information about the current status of an AWS account.
CreateD4CAwsAccount
PEP8create_aws_account
DEPRECATED
Creates a new account in our system for a customer and generates a script for them to run in their AWS cloud environment to grant us access.
DeleteD4CAwsAccount
PEP8delete_aws_account
DEPRECATED
Deletes an existing AWS account or organization in our system.
GetD4CAwsConsoleSetupURLs
PEP8get_aws_console_setup
DEPRECATED
Return a URL for customer to visit in their cloud environment to grant us access to their AWS environment.
GetD4CAWSAccountScriptsAttachment
PEP8get_aws_account_scripts
DEPRECATED
Return a script for customer to run in their cloud environment to grant us access to their AWS environment as a downloadable attachment.
GetDiscoverCloudAzureAccount
PEP 8get_azure_account
DEPRECATED
Return information about Azure account registration
CreateDiscoverCloudAzureAccount
PEP 8create_azure_account
DEPRECATED
Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access.
UpdateDiscoverCloudAzureAccountClientID
PEP 8update_azure_account_client_id
DEPRECATED
Update an Azure service account in our system by with the user-created client_id created with the public key we've provided
GetDiscoverCloudAzureUserScriptsAttachment
PEP 8get_azure_user_scripts_attachment
DEPRECATED
Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment
GetDiscoverCloudAzureUserScripts
PEP 8get_azure_user_scripts
Return a script for customer to run in their cloud environment to grant us access to their Azure environment
GetDiscoverCloudCGPAccount
PEP 8get_gcp_account
DEPRECATED
Returns information about the current status of an GCP account.
CreateDiscoverCloudGCPAccount
PEP 8create_gcp_account
DEPRECATED
Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access.
DiscoverCloudAzureDownloadCertificate
PEP 8azure_download_certificate
DEPRECATED
Returns JSON object(s) that contain the base64 encoded certificate for a service principal.
GetDiscoverCloudAzureTenantIDs
PEP 8get_azure_tenant_ids
DEPRECATED
Return all available Azure tenant IDs.
GetDiscoverCloudGCPUserScriptsAttachment
PEP 8get_gcp_user_scripts_attachment
Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment
GetDiscoverCloudGCPUserScripts
PEP 8get_gcp_user_scripts
DEPRECATED
Return a script for customer to run in their cloud environment to grant us access to their GCP environment
GetHorizonD4CScripts
PEP8get_aws_horizon_scripts
DEPRECATED
Returns static install scripts for Horizon.
DeleteD4CGCPAccount
PEP8delete_gcp_account
DEPRECATED
Deletes a GCP account from the system.
ConnectD4CGCPAccount
PEP8connect_gcp_account
DEPRECATED
Creates a new GCP account with newly-uploaded service account or connects with existing service account with only the following fields: parent_id, parent_type and service_account_id
GetD4CGCPServiceAccountsExt
PEP8get_gcp_service_account
DEPRECATED
Returns the service account id and client email for external clients.
UpdateD4CGCPServiceAccountsExt
PEP8update_gcp_service_account
Updates an existing GCP service account.
GetD4CGCPUserScriptsAttachment
PEP8get_gcp_user_scripts_attachment
DEPRECATED
Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment

Passing credentials

WARNING

client_id and client_secret are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)

CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.

GetD4CAwsAccount

Returns information about the current status of an AWS account.

Deprecated operation

This operation has been superseded by the GetCSPMAwsAccount operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

get_aws_account

Endpoint

MethodRoute
GET/cloud-connect-aws/entities/account/v2

Required Scope

d4c-registration:read

Content-Type

  • Consumes: application/json
  • Produces: application/json

Parameters

NameServiceUberTypeData typeDescription
ids
Service Class Support

Uber Class Support
querystring or list of stringsAWS account ID(s). When empty, all accounts are returned.
organization_ids
Service Class Support

Uber Class Support
querystring or list of stringsAWS organization ID(s).
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.
scan_type
Service Class Support

Uber Class Support
querystringType of scan to perform, dry or full.
status
Service Class Support

Uber Class Support
querystringAccount status to filter results by.
limit
Service Class Support

Uber Class Support
queryintegerThe maximum number of records to return. Defaults to 100.
offset
Service Class Support

Uber Class Support
queryintegerThe offset to start retrieving records from.
migrated
Service Class Support

Uber Class Support
querybooleanOnly return migrated accounts.

Usage

Service class example (PEP8 syntax)
from falconpy.d4c_registration import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_aws_account(scan_type="string",
                                  organization_ids=["string", "string"],
                                  status="string",
                                  limit=integer,
                                  offset=integer,
                                  migrated="string",
                                  ids=id_list
                                  )

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.GetD4CAwsAccount(scan_type="string",
                                   organization_ids=["string", "string"],
                                   status="string",
                                   limit=integer,
                                   offset=integer,
                                   migrated="string",
                                   ids=id_list
                                   )

print(response)
Uber class example
from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("GetD4CAwsAccount",
                          scan_type="string",
                          organization_ids=["string", "string"],
                          status="string",
                          limit=integer,
                          offset=integer,
                          migrated=boolean,
                          ids=id_list
                          )

print(response)

Back to Table of Contents

CreateD4CAwsAccount

Creates a new account in our system for a customer and generates a script for them to run in their AWS cloud environment to grant us access.

Deprecated operation

This operation has been superseded by the CreateCSPMAwsAccount operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

create_aws_account

Endpoint

MethodRoute
POST/cloud-connect-aws/entities/account/v2

Required Scope

d4c-registration:write

Content-Type

  • Consumes: application/json
  • Produces: application/json

Parameters

NameServiceUberTypeData typeDescription
account_id
Service Class Support

Uber Class Support
bodystringAWS account ID.
account_type
Service Class Support

Uber Class Support
bodystringAWS account type.
body
Service Class Support

Uber Class Support
bodydictionaryFull body payload in JSON format.
cloudtrail_region
Service Class Support

Uber Class Support
bodystringAWS region for CloudTrail access.
iam_role_arn
Service Class Support

Uber Class Support
bodystringAWS IAM Role ARN.
is_master
Service Class Support

Uber Class Support
bodybooleanFlag indicating if this is the master account.
organization_id
Service Class Support

Uber Class Support
bodystringAWS organization ID.

Usage

Service class example (PEP8 syntax)
from falconpy.d4c_registration import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.create_aws_account(account_id="string",
                                     account_type="string",
                                     cloudtrail_region="string",
                                     iam_role_arn="string",
                                     is_master=boolean,
                                     organization_id="string"
                                     )

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.CreateD4CAwsAccount(account_id="string",
                                      account_type="string",
                                      cloudtrail_region="string",
                                      iam_role_arn="string",
                                      is_master=boolean,
                                      organization_id="string"
                                      )

print(response)
Uber class example
from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

BODY = {
    "resources": [
        {
            "account_id": "string",
            "account_type": "string",
            "cloudtrail_region": "string",
            "iam_role_arn": "string",
            "is_master": boolean,
            "organization_id": "string"
        }
    ]
}

response = falcon.command("CreateD4CAwsAccount", body=BODY)

print(response)

Back to Table of Contents

DeleteD4CAwsAccount

Deletes an existing AWS account or organization in our system.

Deprecated operation

This operation has been superseded by the DeleteCSPMAwsAccount operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

delete_aws_account

Endpoint

MethodRoute
DELETE/cloud-connect-aws/entities/account/v2

Required Scope

d4c-registration:write

Content-Type

  • Consumes: application/json
  • Produces: application/json

Parameters

NameServiceUberTypeData typeDescription
ids
Service Class Support

Uber Class Support
querystring or list of stringsAWS account ID(s).
organization_ids
Service Class Support

Uber Class Support
querystring or list of stringsAWS organization ID(s).
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format, not required when using other keywords.

Usage

Service class example (PEP8 syntax)
from falconpy.d4c_registration import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_aws_account(organization_ids=["string", "string"], ids=id_list)

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.DeleteD4CAwsAccount(organization_ids=["string", "string"], ids=id_list)

print(response)
Uber class example
from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

PARAMS = {
    "organization-ids": [
       "string",
       "string"
    ]
}

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("DeleteD4CAwsAccount",
                          organization_ids=["string", "string"],
                          ids=id_list
                          )

print(response)

Back to Table of Contents

GetD4CAwsConsoleSetupURLs

Return a URL for customer to visit in their cloud environment to grant us access to their AWS environment.

Deprecated operation

This operation has been superseded by the GetCSPMAwsConsoleSetupURLs operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

get_aws_console_setup

Endpoint

MethodRoute
GET/cloud-connect-aws/entities/console-setup-urls/v1

Required Scope

d4c-registration:read

Content-Type

  • Consumes: application/json
  • Produces: application/json

Parameters

NameServiceUberTypeData typeDescription
region
Service Class Support

Uber Class Support
querystringAWS region to generate URL for.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format, not required when using other keywords.

Usage

Service class example (PEP8 syntax)
from falconpy.d4c_registration import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_aws_console_setup(region="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetD4CAwsConsoleSetupURLs(region="string")

print(response)
Uber class example
from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetD4CAwsConsoleSetupURLs", region="string")

print(response)

Back to Table of Contents

GetD4CAWSAccountScriptsAttachment

Return a script for customer to run in their cloud environment to grant us access to their AWS environment as a downloadable attachment.

Deprecated operation

This operation has been superseded by the GetCSPMAwsAccountScriptsAttachment operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

get_aws_account_scripts

Endpoint

MethodRoute
GET/cloud-connect-aws/entities/user-scripts-download/v1

Required Scope

d4c-registration:read

Content-Type

  • Produces: application/json

Parameters

NameServiceUberTypeData typeDescription
accounts
Service Class Support

Uber Class Support
querystring or list of stringsList of accounts to register.
aws_profile
Service Class Support

Uber Class Support
querystringThe AWS profile to be used during registration.
behavior_assessment_enabled
Service Class Support

Uber Class Support
querystringEnable behavior assessment. Allowed values: true or false
custom_role_name
Service Class Support

Uber Class Support
querystringThe custom IAM role to be used during registration.
dspm_enabled
Service Class Support

Uber Class Support
querystringEnable DSPM. Allowed values: true or false
dspm_regions
Service Class Support

Uber Class Support
querystring or list of stringsDSPM regions.
dspm_role
Service Class Support

Uber Class Support
querystringDSPM role.
ids
Service Class Support

Uber Class Support
querystring or list of stringsThe AWS account ID(s) to retrieve script attachments.
organization_id
Service Class Support

Uber Class Support
querystring or list of stringsThe AWS organization ID to be registered.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload as a dictionary.
sensor_management_enabled
Service Class Support

Uber Class Support
querystringEnable sensor management. Allowed values: true or false
template
Service Class Support

Uber Class Support
querystringTemplate to be rendered. Allowed values: aws-bash or aws-terraform
use_existing_cloudtrail
Service Class Support

Uber Class Support
querystringUse the existing cloudtrail log. Allowed values: true or false

Usage

Service class example (PEP8 syntax)
from falconpy.d4c_registration import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

account_list = "AC1,AC2,AC3"  # Can also pass a list here: ["AC1", "AC2", "AC3"]
id_list = "ID1,ID2,ID3"  # Can also pass a list here: ["ID1", "ID2", "ID3"]
org_id_list = "ORG1" # Can also pass a list or comma delimited string here.
dspm_region_list = "REGION1" # Can also pass a list or comma delimited string here.

response = falcon.get_aws_account_scripts(accounts=account_list,
                                          aws_profile="string",
                                          behavior_assessment_enabled="string",
                                          custom_role_name="string",
                                          dspm_enabled="string",
                                          dspm_regions=dspm_region_list,
                                          dspm_role="string",
                                          ids=id_list,
                                          organization_id=org_id_list,
                                          sensor_management_enabled="string",
                                          template="string",
                                          use_existing_cloudtrail="string"
                                          )
print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

account_list = "AC1,AC2,AC3"  # Can also pass a list here: ["AC1", "AC2", "AC3"]
id_list = "ID1,ID2,ID3"  # Can also pass a list here: ["ID1", "ID2", "ID3"]
org_id_list = "ORG1" # Can also pass a list or comma delimited string here.
dspm_region_list = "REGION1" # Can also pass a list or comma delimited string here.

response = falcon.GetD4CAWSAccountScriptsAttachment(accounts=account_list,
                                                    aws_profile="string",
                                                    behavior_assessment_enabled="string",
                                                    custom_role_name="string",
                                                    dspm_enabled="string",
                                                    dspm_regions=dspm_region_list,
                                                    dspm_role="string",
                                                    ids=id_list,
                                                    organization_id=org_id_list,
                                                    sensor_management_enabled="string",
                                                    template="string",
                                                    use_existing_cloudtrail="string"
                                                    )

print(response)
Uber class example
from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

account_list = "AC1,AC2,AC3"  # Can also pass a list here: ["AC1", "AC2", "AC3"]
id_list = "ID1,ID2,ID3"  # Can also pass a list here: ["ID1", "ID2", "ID3"]
org_id_list = "ORG1" # Can also pass a list or comma delimited string here.
dspm_region_list = "REGION1" # Can also pass a list or comma delimited string here.

response = falcon.command("GetD4CAWSAccountScriptsAttachment",
                          accounts=account_list,
                          aws_profile="string",
                          behavior_assessment_enabled="string",
                          custom_role_name="string",
                          dspm_enabled="string",
                          dspm_regions=dspm_region_list,
                          dspm_role="string",
                          ids=id_list,
                          organization_id=org_id_list,
                          sensor_management_enabled="string",
                          template="string",
                          use_existing_cloudtrail="string"
                          )
print(response)

Back to Table of Contents

GetDiscoverCloudAzureAccount

Return information about Azure account registration

Deprecated operation

This operation has been superseded by the GetCSPMAzureAccount operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

get_azure_account

Deprecated ID

This operation ID has recently been changed. The PEP8 method name remains unaffected by this update.

FalconPy supports deprecated IDs and method names via aliases. Developers should consider moving code to leverage the updated ID for this operation whenever possible.

  • Legacy Operation ID: GetCSPMAzureAccount

Endpoint

MethodRoute
GET/cloud-connect-azure/entities/account/v1

Required Scope

d4c-registration:read

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
ids
Service Class Support

Uber Class Support
querystring or list of stringsSubscription ID(s). When empty, all accounts are returned.
tenant_ids
Service Class Support

Uber Class Support
querystring or list of stringsTenant IDs to use to filter Azure accounts returned.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.
scan_type
Service Class Support

Uber Class Support
querystringType of scan to perform, dry or full.
status
Service Class Support

Uber Class Support
querystringAccount status to filter results by.
limit
Service Class Support

Uber Class Support
queryintegerThe maximum number of records to return. Defaults to 100.
offset
Service Class Support

Uber Class Support
queryintegerThe offset to start retrieving records from.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

tenants = 'TENANT1,TENANT2,TENANT3'  # Can also pass a list here: ['TENANT1', 'TENANT2', 'TENANT3']

response = falcon.get_azure_account(scan_type="string",
                                    ids=id_list,
                                    tenant_ids=tenants,
                                    status="string",
                                    limit=integer,
                                    offset=integer
                                    )

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

tenants = 'TENANT1,TENANT2,TENANT3'  # Can also pass a list here: ['TENANT1', 'TENANT2', 'TENANT3']

response = falcon.GetDiscoverCloudAzureAccount(scan_type="string",
                                               ids=id_list,
                                               tenant_ids=tenants,
                                               status="string",
                                               limit=integer,
                                               offset=integer
                                               )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

tenants = 'TENANT1,TENANT2,TENANT3'  # Can also pass a list here: ['TENANT1', 'TENANT2', 'TENANT3']

response = falcon.command("GetDiscoverCloudAzureAccount",
                          scan_type="string",
                          ids=id_list,
                          tenant_ids=tenants,
                          status="string",
                          limit=integer,
                          offset=integer
                          )

print(response)

Back to Table of Contents

CreateDiscoverCloudAzureAccount

Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access.

Deprecated operation

This operation has been superseded by the CreateCSPMAzureAccount operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

create_azure_account

Deprecated ID

This operation ID has recently been changed. The PEP8 method name remains unaffected by this update.

FalconPy supports deprecated IDs and method names via aliases. Developers should consider moving code to leverage the updated ID for this operation whenever possible.

  • Legacy Operation ID: CreateCSPMAzureAccount

Endpoint

MethodRoute
POST/cloud-connect-azure/entities/account/v1

Required Scope

d4c-registration:write

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
account_type
Service Class Support

Uber Class Support
bodystringAzure account type.
body
Service Class Support

Uber Class Support
bodydictionaryFull body payload in JSON format.
client_id
Service Class Support

Uber Class Support
bodystringClient ID.
default_subscription
Service Class Support

Uber Class Support
bodybooleanFlag indicating if this is the default Azure subscription.
subscription_id
Service Class Support

Uber Class Support
bodystringAzure Subscription ID.
tenant_id
Service Class Support

Uber Class Support
bodystringAzure tenant ID.
years_valid
Service Class Support

Uber Class Support
bodyintegerYears valid.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.create_azure_account(account_type="string",
                                       client_id="string",
                                       default_subscription=boolean,
                                       subscription_id="string",
                                       tenant_id="string",
                                       years_valid=integer
                                       )

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.CreateDiscoverCloudAzureAccount(account_type="string",
                                                  client_id="string",
                                                  default_subscription=boolean,
                                                  subscription_id="string",
                                                  tenant_id="string",
                                                  years_valid=integer
                                                  )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

BODY = {
    "resources": [
        {
            "account_type": "string",
            "client_id": "string",
            "default_subscription": boolean,
            "subscription_id": "string",
            "tenant_id": "string",
            "years_valid": integer
        }
    ]
}

response = falcon.command("CreateDiscoverCloudAzureAccount", body=BODY)

print(response)

Back to Table of Contents

UpdateDiscoverCloudAzureAccountClientID

Update an Azure service account in our system by with the user-created client_id created with the public key we've provided

Deprecated operation

This operation has been superseded by the UpdateCSPMAzureAccountClientID operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

update_azure_account_client_id

Deprecated ID

This operation ID has recently been changed. The PEP8 method name remains unaffected by this update.

FalconPy supports deprecated IDs and method names via aliases. Developers should consider moving code to leverage the updated ID for this operation whenever possible.

  • Legacy Operation ID: UpdateCSPMAzureAccountClientID

Endpoint

MethodRoute
PATCH/cloud-connect-azure/entities/client-id/v1

Required Scope

d4c-registration:write

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
id
Service Class Support

Uber Class Support
querystringClient ID to use for the Service Principal associated with the registered Azure account.
object_id
Service Class Support

Uber Class Support
querystringObject ID to use for the Service Principal associated with the registered Azure account.
tenant_id
Service Class Support

Uber Class Support
querystringTenant ID to update Client ID for. Required if multiple tenants are registered.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.update_azure_account_client_id(id="string",
                                                 object_id="string",
                                                 tenant_id="string"
                                                 )

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.UpdateDiscoverCloudAzureAccountClientID(id="string",
                                                          object_id="string",
                                                          tenant_id="string"
                                                          )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("UpdateDiscoverCloudAzureAccountClientID",
                          id="string",
                          object_id="string",
                          tenant_id="string"
                          )

print(response)

Back to Table of Contents

GetDiscoverCloudAzureUserScriptsAttachment

Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment

Deprecated operation

This operation has been superseded by the GetCSPMAzureUserScriptsAttachment operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

get_azure_user_scripts_attachment

Deprecated ID

This operation ID has recently been changed. The PEP8 method name remains unaffected by this update.

FalconPy supports deprecated IDs and method names via aliases. Developers should consider moving code to leverage the updated ID for this operation whenever possible.

  • Legacy Operation ID: GetCSPMAzureUserScriptsAttachment

Endpoint

MethodRoute
GET/cloud-connect-azure/entities/user-scripts-download/v1

Required Scope

d4c-registration:read

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.
azure_management_group
Service Class Support

Uber Class Support
querybooleanUse Azure Management Group.
subscription_ids
Service Class Support

Uber Class Support
querystring or list of stringsAzure Subscription IDs.
template
Service Class Support

Uber Class Support
querystring or list of stringsTemplate to be rendered.
tenant_id
Service Class Support

Uber Class Support
querystringAzure Tenant IDs.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

subscriptions = 'SUB1,SUB2,SUB3'  # Can also pass a list here: ['SUB1', 'SUB2', 'SUB3']

tenants = 'TENANT1,TENANT2,TENANT3'  # Can also pass a list here: ['TENANT1', 'TENANT2', 'TENANT3']

response = falcon.get_azure_user_scripts_attachment(subscription_ids=subscriptions,
                                                    azure_management_group=True,
                                                    tenant_id=tenants,
                                                    template="string"
                                                    )

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

subscriptions = 'SUB1,SUB2,SUB3'  # Can also pass a list here: ['SUB1', 'SUB2', 'SUB3']

tenants = 'TENANT1,TENANT2,TENANT3'  # Can also pass a list here: ['TENANT1', 'TENANT2', 'TENANT3']

response = falcon.GetDiscoverCloudAzureUserScriptsAttachment(subscription_ids=subscriptions,
                                                             azure_management_group=True,
                                                             tenant_id=tenants,
                                                             template="string"
                                                             )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

subscriptions = 'SUB1,SUB2,SUB3'  # Can also pass a list here: ['SUB1', 'SUB2', 'SUB3']

tenants = 'TENANT1,TENANT2,TENANT3'  # Can also pass a list here: ['TENANT1', 'TENANT2', 'TENANT3']

response = falcon.command("GetDiscoverCloudAzureUserScriptsAttachment",
                          subscription_ids=subscriptions,
                          azure_management_group=True,
                          tenant_id=tenants,
                          template="string"
                          )

print(response)

Back to Table of Contents

GetDiscoverCloudAzureUserScripts

Return a script for customer to run in their cloud environment to grant us access to their Azure environment

PEP8 method name

get_azure_user_scripts

Deprecated ID

This operation ID has recently been changed. The PEP8 method name remains unaffected by this update.

FalconPy supports deprecated IDs and method names via aliases. Developers should consider moving code to leverage the updated ID for this operation whenever possible.

  • Legacy Operation ID: GetCSPMAzureUserScripts

Endpoint

MethodRoute
GET/cloud-connect-azure/entities/user-scripts/v1

Required Scope

d4c-registration:read

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

No keywords or arguments accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_azure_user_scripts()

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetDiscoverCloudAzureUserScripts()

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetDiscoverCloudAzureUserScripts")

print(response)

Back to Table of Contents

GetDiscoverCloudCGPAccount

Returns information about the current status of an GCP account.

PEP8 method name

get_gcp_account

Deprecated ID

This operation ID has recently been changed. The PEP8 method name remains unaffected by this update.

FalconPy supports deprecated IDs and method names via aliases. Developers should consider moving code to leverage the updated ID for this operation whenever possible.

  • Legacy Operation ID: GetCSPMCGPAccount

Endpoint

MethodRoute
GET/cloud-connect-gcp/entities/account/v1

Required Scope

d4c-registration:read

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
ids
Service Class Support

Uber Class Support
querystring or list of stringsParent ID(s). When empty, all accounts are returned.
limit
Service Class Support

Uber Class Support
queryintegerThe maximum number of records to return. Defaults to 100.
offset
Service Class Support

Uber Class Support
queryintegerThe offset to start retrieving records from.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.
parent_type
Service Class Support

Uber Class Support
querystringGCP Hierarchy Parent Type. (Folder, Organization or Project).
scan_type
Service Class Support

Uber Class Support
querystringType of scan to perform, dry or full.
sort
Service Class Support

Uber Class Support
querystringFQL formatted string that sets the sort order. Example: parent_type|asc.
status
Service Class Support

Uber Class Support
querystringAccount status to filter results by. operational or provisioned.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_gcp_account(ids=id_list,
                                  limit=integer,
                                  scan_type="string",
                                  offset=integer,
                                  parent_type="string",
                                  sort="string",
                                  status="string"
                                  )

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.GetDiscoverCloudCGPAccount(ids=id_list,
                                             limit=integer,
                                             scan_type="string",
                                             offset=integer,
                                             parent_type="string",
                                             sort="string",
                                             status="string"
                                             )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("GetDiscoverCloudCGPAccount",
                          ids=id_list,
                          limit=integer,
                          scan_type="string",
                          offset=integer,
                          parent_type="string",
                          sort="string",
                          status="string"
                          )

print(response)

Back to Table of Contents

CreateDiscoverCloudGCPAccount

Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access.

PEP8 method name

create_gcp_account

Deprecated ID

This operation ID has recently been changed. The PEP8 method name remains unaffected by this update.

FalconPy supports deprecated IDs and method names via aliases. Developers should consider moving code to leverage the updated ID for this operation whenever possible.

  • Legacy Operation ID: CreateCSPMGCPAccount

Endpoint

MethodRoute
POST/cloud-connect-gcp/entities/account/v1

Required Scope

d4c-registration:write

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
body
Service Class Support

Uber Class Support
bodydictionaryFull body payload in JSON format.
parent_id
Service Class Support

Uber Class Support
bodystringGCP Parent ID.
parent_type
Service Class Support

Uber Class Support
querystringGCP Hierarchy Parent Type. (Folder, Organization or Project).

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.create_gcp_account(parent_id="string", parent_type="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.CreateDiscoverCloudGCPAccount(parent_id="string", parent_type="string")

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

BODY = {
    "resources": [
        {
            "parent_id": "string",
            "parent_type": "string"
        }
    ]
}

response = falcon.command("CreateDiscoverCloudGCPAccount", body=BODY)

print(response)

Back to Table of Contents

DiscoverCloudAzureDownloadCertificate

Returns JSON object(s) that contain the base64 encoded certificate for a service principal.

Deprecated operation

This operation has been superseded by the AzureDownloadCertificate operation and is now deprecated. Developers should move code over to this new operation as soon as time permits.

PEP8 method name

azure_download_certificate

Endpoint

MethodRoute
GET/cloud-connect-azure/entities/download-certificate/v1

Required Scope

d4c-registration:read

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.
refresh
Service Class Support

Uber Class Support
querybooleanForce a refresh of the certificate. Defaults to False.
tenant_id
Service Class Support

Uber Class Support
querystring or list of stringsThe Azure Client ID to generate script for. Defaults to the most recently registered tenant.
years_valid
Service Class Support

Uber Class Support
bodyintegerYears the certificate should be valid. Only used when refresh is set to True.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.azure_download_certificate(refresh=boolean,
                                             tenant_id="string",
                                             years_valid=integer
                                             )

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.DiscoverCloudAzureDownloadCertificate(refresh=boolean,
                                                        tenant_id="string",
                                                        years_valid=integer
                                                        )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("DiscoverCloudAzureDownloadCertificate",
                          refresh=boolean,
                          tenant_id="string",
                          years_valid=integer
                          )

print(response)

Back to Table of Contents

GetDiscoverCloudAzureTenantIDs

Return available tenant ids for discover for cloud

Deprecated operation

This operation has been deprecated and will be removed from the SDK when this endpoint is decommissioned.

PEP8 method name

get_azure_tenant_ids

Endpoint

MethodRoute
GET/cloud-connect-azure/entities/tenant-id/v1

Required Scope

d4c-registration:read

Content-Type

  • Produces: application/json

Keyword Arguments

No keywords or arguments accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_azure_tenant_ids()

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetDiscoverCloudAzureTenantIDs()

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetDiscoverCloudAzureTenantIDs")

print(response)

Back to Table of Contents

GetDiscoverCloudGCPUserScriptsAttachment

Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment

PEP8 method name

get_gcp_user_scripts_attachment

Deprecated ID

This operation ID has recently been changed. The PEP8 method name remains unaffected by this update.

FalconPy supports deprecated IDs and method names via aliases. Developers should consider moving code to leverage the updated ID for this operation whenever possible.

  • Legacy Operation ID: GetCSPMGCPUserScriptsAttachment

Endpoint

MethodRoute
GET/cloud-connect-gcp/entities/user-scripts-download/v1

Required Scope

d4c-registration:read

Content-Type

  • Produces: application/json

Keyword Arguments

No keywords or arguments are accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_gcp_user_scripts_attachment()

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetDiscoverCloudGCPUserScriptsAttachment()

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetDiscoverCloudCPUserScriptsAttachment")

print(response)

Back to Table of Contents

GetDiscoverCloudGCPUserScripts

Return a script for customer to run in their cloud environment to grant us access to their GCP environment.

PEP8 method name

get_gcp_user_scripts

Deprecated ID

This operation ID has recently been changed. The PEP8 method name remains unaffected by this update.

FalconPy supports deprecated IDs and method names via aliases. Developers should consider moving code to leverage the updated ID for this operation whenever possible.

  • Legacy Operation ID: GetCSPMGCPUserScripts

Endpoint

MethodRoute
GET/cloud-connect-gcp/entities/user-scripts/v1

Required Scope

d4c-registration:read

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
parent_type
Service Class Support

Uber Class Support
querystringGCP Hierarchy Parent Type. (Folder, Organization or Project).

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_gcp_user_scripts(parent_type="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetDiscoverCloudGCPUserScripts(parent_type="string")

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetDiscoverCloudGCPUserScripts", parent_type="string")

print(response)

Back to Table of Contents

GetHorizonD4CScripts

Returns static install scripts for Horizon.

Deprecated operation

This operation has been deprecated and will be removed from the SDK when this endpoint is decommissioned.

PEP8 method name

get_aws_horizon_scripts

Endpoint

MethodRoute
GET/settings-discover/entities/gen/scripts/v1

Required Scope

d4c-registration:read

Content-Type

  • Produces: application/json

Parameters

NameServiceUberTypeData typeDescription
account_type
Service Class Support

Uber Class Support
querystringAccount type (commercial, gov). Only applicable when registering AWS commercial accounts in a GovCloud environment.
delete
Service Class Support

Uber Class Support
querybooleanGenerate a delete script.
organization_ids
Service Class Support

Uber Class Support
querystring or list of stringsAWS organization ID(s).
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format, not required when using other keywords.
single_account
Service Class Support

Uber Class Support
querybooleanGenerate a static script for a single account.

Usage

Service class example (PEP8 syntax)
from falconpy.d4c_registration import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_aws_horizon_scripts(single_account="string",
                                          organization_id="string",
                                          delete="string",
                                          account_type="string"
                                          )

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetHorizonD4CScripts(single_account="string",
                                       organization_id="string",
                                       delete="string",
                                       account_type="string"
                                       )

print(response)
Uber class example
from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetHorizonD4CScripts", 
                          single_account="string",
                          organization_id="string",
                          delete="string",
                          account_type="string"
                          )

print(response)

Back to Table of Contents

DeleteD4CGCPAccount

Deletes a GCP account from the system.

PEP8 method name

delete_gcp_account

Endpoint

MethodRoute
DELETE/cloud-connect-gcp/entities/account/v1

Required Scope

d4c-registration:write

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
ids
Service Class Support

Uber Class Support
querystring or list of stringsHierarchical Resource IDs of accounts to delete.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_gcp_account(ids=id_list)

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.DeleteD4CGCPAccount(ids=id_list)

print(response)
Uber class example
from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("DeleteD4CGCPAccount", ids=id_list)

print(response)

ConnectD4CGCPAccount

Creates a new GCP account with newly-uploaded service account or connects with existing service account with only the following fields: parent_id, parent_type and service_account_id.

PEP8 method name

connect_gcp_account

Endpoint

MethodRoute
POST/cloud-connect-gcp/entities/account/v2

Required Scope

d4c-registration:write

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
body
Service Class Support

Uber Class Support
bodydictionaryFull body payload in JSON format.
client_email
Service Class Support

Uber Class Support
bodystringGCP client email.
client_id
Service Class Support

Uber Class Support
bodystringGCP client ID.
parent_id
Service Class Support

Uber Class Support
bodystringParent ID.
parent_type
Service Class Support

Uber Class Support
bodystringParent type.
private_key
Service Class Support

Uber Class Support
bodystringGCP private key.
private_key_id
Service Class Support

Uber Class Support
bodystringGCP private key ID.
project_id
Service Class Support

Uber Class Support
bodystringGCP project ID.
service_account_id
Service Class Support

Uber Class Support
bodyintegerGCP service account ID.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.connect_gcp_account(client_email="string",
                                      client_id="string",
                                      parent_id="string",
                                      parent_type="string",
                                      private_key="string",
                                      private_key_id="string",
                                      project_id="string",
                                      service_account_id=integer
                                      )
print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.ConnectD4CGCPAccount(client_email="string",
                                        client_id="string",
                                        parent_id="string",
                                        parent_type="string",
                                        private_key="string",
                                        private_key_id="string",
                                        project_id="string",
                                        service_account_id=integer
                                        )
print(response)
Uber class example
from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "resources": [
        {
            "client_email": "string",
            "client_id": "string",
            "parent_id": "string",
            "parent_type": "string",
            "private_key": "string",
            "private_key_id": "string",
            "project_id": "string",
            "service_account_id": integer
        }
    ]
}

response = falcon.command("ConnectD4CGCPAccount", body=body_payload)

print(response)

GetD4CGCPServiceAccountsExt

Returns the service account id and client email for external clients.

PEP8 method name

get_gcp_service_account

Endpoint

MethodRoute
GET/cloud-connect-gcp/entities/service-accounts/v1

Required Scope

d4c-registration:read

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
id
Service Class Support

Uber Class Support
querystringService account ID to retrieve.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.get_gcp_service_account(id="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

response = falcon.GetD4CGCPServiceAccountsExt(id="string")

print(response)
Uber class example
from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetD4CGCPServiceAccountsExt", id="string")

print(response)

UpdateD4CGCPServiceAccountsExt

Updates an existing GCP service account.

PEP8 method name

update_gcp_service_account

Endpoint

MethodRoute
PATCH/cloud-connect-gcp/entities/service-accounts/v1

Required Scope

d4c-registration:write

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
body
Service Class Support

Uber Class Support
bodydictionaryFull body payload in JSON format.
client_email
Service Class Support

Uber Class Support
bodystringClient email associated with the account.
client_id
Service Class Support

Uber Class Support
bodystringGCP Client ID.
private_key
Service Class Support

Uber Class Support
bodystringGCP private key.
private_key_id
Service Class Support

Uber Class Support
bodystringGCP private key ID.
project_id
Service Class Support

Uber Class Support
bodystringGCP project ID.
service_account_conditions
Service Class Support

Uber Class Support
bodylist of dictionariesGCP service account conditions.
service_account_id
Service Class Support

Uber Class Support
bodyintegerGCP service account ID.

Usage

Service class example (PEP8 syntax)
from falconpy import CSPMRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

conditions = [
    {
        "feature": "string",
        "is_visible": boolean,
        "last_transition": "UTC date string",
        "message": "string",
        "reason": "string",
        "status": "string",
        "type": "string"
    }
]

response = falcon.update_gcp_service_account(client_email="string",
                                             client_id="string",
                                             private_key="string",
                                             private_key_id="string",
                                             project_id="string",
                                             service_account_conditions=conditions,
                                             service_account_id=integer
                                             )
print(response)
Service class example (Operation ID syntax)
from falconpy import CSPMRegistration

# Do not hardcode API credentials!
falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

conditions = [
    {
        "feature": "string",
        "is_visible": boolean,
        "last_transition": "UTC date string",
        "message": "string",
        "reason": "string",
        "status": "string",
        "type": "string"
    }
]

response = falcon.UpdateD4CGCPServiceAccountsExt(client_email="string",
                                                 client_id="string",
                                                 private_key="string",
                                                 private_key_id="string",
                                                 project_id="string",
                                                 service_account_conditions=conditions,
                                                 service_account_id=integer
                                                 )
print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "resources": [
        {
            "client_email": "string",
            "client_id": "string",
            "private_key": "string",
            "private_key_id": "string",
            "project_id": "string",
            "service_account_conditions": [
                {
                    "feature": "string",
                    "is_visible": boolean,
                    "last_transition": "UTC date string",
                    "message": "string",
                    "reason": "string",
                    "status": "string",
                    "type": "string"
                }
            ],
            "service_account_id": integer
        }
    ]
}

response = falcon.command("UpdateD4CGCPServiceAccountsExt", body=body_payload)

print(response)

GetD4CGCPUserScriptsAttachment

Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment

PEP8 method name

get_gcp_user_scripts_attachment

Endpoint

MethodRoute
GET/cloud-connect-gcp/entities/user-scripts-download/v1

Required Scope

d4c-registration:read

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
ids
Service Class Support

Uber Class Support
querystring or list of stringsHierarchical Resource IDs of accounts.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.
parent_type
Service Class Support

Uber Class Support
querystringGCP Hierarchy Parent Type. Allowed values: organization, folder or project
status
Service Class Support

Uber Class Support
querystringAccount status to filter results by.

Usage

Service class example (PEP8 syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_gcp_user_scripts_attachment(parent_type="string", ids=id_list, status="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import D4CRegistration

falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.GetD4CGCPUserScriptsAttachment(parent_type="string",
                                                 ids=id_list,
                                                 status="string"
                                                 )

print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id=CLIENT_ID,
                    client_secret=CLIENT_SECRET
                    )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("GetD4CGCPUserScriptsAttachment",
                          parent_type="string",
                          ids=id_list,
                          status="string"
                          )

print(response)