CrowdStrike Falcon CrowdStrike Subreddit

Using the Image Assessment Policies service collection

Uber class support Service class support Documentation Version Page Updated

Table of Contents

Operation IDDescription
ReadPolicies
PEP8read_policies
Get all Image Assessment policies
CreatePolicies
PEP8create_policies
Create Image Assessment policies
DeletePolicy
PEP8delete_policy
Delete Image Assessment Policy by policy UUID
UpdatePolicies
PEP8update_policies
Update Image Assessment Policy entities
ReadPolicyExclusions
PEP8read_policy_exclusions
Retrieve Image Assessment Policy Exclusion entities
UpdatePolicyExclusions
PEP8update_policy_exclusions
Update Image Assessment Policy Exclusion entities
ReadPolicyGroups
PEP8read_policy_groups
Retrieve Image Assessment Policy Group entities
CreatePolicyGroups
PEP8create_policy_groups
Create Image Assessment Policy Group entities
DeletePolicyGroup
PEP8delete_policy_group
Delete Image Assessment Policy Group entities
UpdatePolicyGroups
PEP8update_policy_groups
Update Image Assessment Policy Group entities
UpdatePolicyPrecedence
PEP8update_policy_precedence
Update Image Assessment Policy precedence

Passing credentials

WARNING

client_id and client_secret are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)

CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.

ReadPolicies

Get all Image Assessment policies.

PEP8 method name

read_policies

Endpoint

MethodRoute
GET/container-security/entities/image-assessment-policies/v1

Required Scope

falcon-container-image:read

Content-Type

  • Produces: application/json

Keyword Arguments

No keywords or arguments accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.read_policies()

print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.ReadPolicies()

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("ReadPolicies")

print(response)

CreatePolicies

Create Image Assessment policies.

PEP8 method name

create_policies

Endpoint

MethodRoute
POST/container-security/entities/image-assessment-policies/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
bodyService Class Support
Uber Class SupportbodydictionaryFull body payload in JSON format.
descriptionService Class Support
Uber Class SupportbodystringPolicy description.
nameService Class Support
Uber Class SupportbodystringPolicy name.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.create_policies(description="string", name="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.CreatePolicies(description="string", name="string")

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
  "description": "string",
  "name": "string"
}

response = falcon.command("CreatePolicies", body=body_payload)

print(response)

DeletePolicy

Delete Image Assessment Policy by policy UUID.

PEP8 method name

delete_policy

Endpoint

MethodRoute
DELETE/container-security/entities/image-assessment-policies/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
id
Service Class Support

Uber Class Support
querystringImage Assessment Policy entity UUID.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.delete_policy(id="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.DeletePolicy(id="string")

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("DeletePolicy", id="string")

print(response)

UpdatePolicies

Update Image Assessment Policy entities.

PEP8 method name

update_policies

Endpoint

MethodRoute
PATCH/container-security/entities/image-assessment-policies/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
bodyService Class SupportUber Class SupportbodydictionaryFull body payload in JSON format.
descriptionService Class SupportUber Class SupportbodystringPolicy description.
idService Class SupportUber Class SupportquerystringImage Assessment Policy entity UUID.
is_enabledService Class SupportUber Class SupportquerybooleanFlag indicating if the policy is currently enabled.
nameService Class SupportUber Class SupportbodystringPolicy name.
parametersService Class SupportUber Class SupportquerydictionaryFull query string parameters payload in JSON format.
policy_dataService Class SupportUber Class SupportbodydictionaryImage Assessment Policy rules in JSON format.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )
policy_data = {
    "rules": [
        {
        "action": "string",
        "policy_rules_data": {
            "conditions": [
                {}
            ]
        }
        }
    ]
}

response = falcon.update_policies(description="string",
                                  id="string",
                                  is_enabled=boolean,
                                  name="string",
                                  policy_data=policy_data
                                  )
print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )
policy_data = {
    "rules": [
        {
        "action": "string",
        "policy_rules_data": {
            "conditions": [
                {}
            ]
        }
        }
    ]
}

response = falcon.UpdatePolicies(description="string",
                                 id="string",
                                 is_enabled=boolean,
                                 name="string",
                                 policy_data=policy_data
                                 )
print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )
body_payload = {
  "description": "string",
  "is_enabled": boolean,
  "name": "string",
  "policy_data": {
    "rules": [
      {
        "action": "string",
        "policy_rules_data": {
          "conditions": [
            {}
          ]
        }
      }
    ]
  }
}

response = falcon.command("UpdatePolicies",
                          id="string",
                          body=body_payload
                          )
print(response)

ReadPolicyExclusions

Retrieve Image Assessment Policy Exclusion entities.

PEP8 method name

read_policy_exclusions

Endpoint

MethodRoute
GET/container-security/entities/image-assessment-policy-exclusions/v1

Required Scope

falcon-container-image:read

Content-Type

  • Produces: application/json

Keyword Arguments

No keywords or arguments accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.read_policy_exclusions()

print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.ReadPolicyExclusions()

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("ReadPolicyExclusions")

print(response)

UpdatePolicyExclusions

Update Image Assessment Policy Exclusion entities.

PEP8 method name

update_policy_exclusions

Endpoint

MethodRoute
POST/container-security/entities/image-assessment-policy-exclusions/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
bodyService Class SupportUber Class SupportbodydictionaryFull body payload in JSON format.
conditionsService Class SupportUber Class Supportbodylist of dictionariesList of conditions to apply. Overrides other keywords if provided.
descriptionService Class SupportUber Class SupportbodystringCondition description. Ignored if conditions keyword is used.
propService Class SupportUber Class SupportbodystringCondition property. Ignored if conditions keyword is used.
ttlService Class SupportUber Class SupportbodyintegerCondition time to live. Ignored if conditions keyword is used.
valueService Class SupportUber Class Supportbodylist of stringsCondition values. Ignored if conditions keyword is used.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

value_list = ["VALUE1", "VALUE2", "VALUE3"]

response = falcon.update_policy_exclusions(description="string",
                                           prop="string",
                                           ttl=integer,
                                           value=value_list
                                           )
print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

value_list = ["VALUE1", "VALUE2", "VALUE3"]

response = falcon.UpdatePolicyExclusions(description="string",
                                         prop="string",
                                         ttl=integer,
                                         value=value_list
                                         )
print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

# The following structure can be used in the examples
# above (i.e. Service Class usage) by leveraging the
# conditions keyword. This will override the other
# keywords listed in the examples above.
conditions_list = [
    {
      "description": "string",
      "prop": "string",
      "ttl": integer,
      "value": [
        "string"
      ]
    },
    {
      "description": "string",
      "prop": "string",
      "ttl": integer,
      "value": [
        "string"
      ]
    }    
]


body_payload = {
  "conditions": conditions_list
}

response = falcon.command("UpdatePolicyExclusions", body=body_payload)

print(response)

ReadPolicyGroups

Retrieve Image Assessment Policy Group entities.

PEP8 method name

read_policy_groups

Endpoint

MethodRoute
GET/container-security/entities/image-assessment-policy-groups/v1

Required Scope

falcon-container-image:read

Content-Type

  • Produces: application/json

Keyword Arguments

No keywords or arguments accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.read_policy_groups()

print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.ReadPolicyGroups()

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("ReadPolicyGroups")

print(response)

CreatePolicyGroups

Create Image Assessment Policy Group entities.

PEP8 method name

create_policy_groups

Endpoint

MethodRoute
POST/container-security/entities/image-assessment-policy-groups/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
bodyService Class SupportUber Class SupportbodydictionaryFull body payload in JSON format.
conditionsService Class SupportUber Class Supportbodylist of dictionariesList of policy conditions to apply. Overriden if policy_group_data keyword is used.
descriptionService Class SupportUber Class SupportbodystringPolicy group description.
nameService Class SupportUber Class SupportbodystringPolicy group name.
policy_group_dataService Class SupportUber Class SupportbodydictionaryPolicy group data in JSON format. Overrides conditions keyword if provided.
policy_idService Class SupportUber Class SupportbodystringPolicy ID.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )
conditions_list = [
    {},
    {}
]
response = falcon.create_policy_groups(conditions=conditions_list,
                                       description="string",
                                       name="string",
                                       policy_id="string"
                                       )
print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )
conditions_list = [
    {},
    {}
]
response = falcon.CreatePolicyGroups(conditions=conditions_list,
                                     description="string",
                                     name="string",
                                     policy_id="string"
                                     )
print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

conditions_list = [
    {},
    {}
]
body_payload = {
  "description": "string",
  "name": "string",
  "policy_group_data": {
    "conditions": condtions_list
  },
  "policy_id": "string"
}

response = falcon.command("CreatePolicyGroups", body=body_payload)

print(response)

DeletePolicyGroup

Delete Image Assessment Policy Group entities

PEP8 method name

delete_policy_group

Endpoint

MethodRoute
DELETE/container-security/entities/image-assessment-policy-groups/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
id
Service Class Support

Uber Class Support
querystringPolicy Image group entity UUID.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.delete_policy_group(id="string")

print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

response = falcon.DeletePolicyGroup(id="string")

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("DeletePolicyGroup", id="string")

print(response)

UpdatePolicyGroups

Update Image Assessment Policy Group entities

PEP8 method name

update_policy_groups

Endpoint

MethodRoute
PATCH/container-security/entities/image-assessment-policy-groups/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
bodyService Class SupportUber Class SupportbodydictionaryFull body payload in JSON format.
conditionsService Class SupportUber Class Supportbodylist of dictionariesList of policy conditions to apply. Overriden if policy_group_data keyword is used.
descriptionService Class SupportUber Class SupportbodystringPolicy group description.
id
Service Class Support

Uber Class Support
querystringPolicy Image group entity UUID.
nameService Class SupportUber Class SupportbodystringPolicy group name.
parameters
Service Class Support

Uber Class Support
querydictionaryFull query string parameters payload in JSON format.
policy_group_dataService Class SupportUber Class SupportbodydictionaryPolicy group data in JSON format. Overrides conditions keyword if provided.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

conditions_list = [
    {},
    {}
]
response = falcon.update_policy_groups(id="string",
                                       conditions=conditions_list,
                                       description="string",
                                       name="string"
                                       )
print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

conditions_list = [
    {},
    {}
]
response = falcon.UpdatePolicyGroups(id="string",
                                     conditions=conditions_list,
                                     description="string",
                                     name="string"
                                     )
print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                    client_secret=CLIENT_SECRET
                    )

conditions_list = [
    {},
    {}
]
body_payload = {
  "description": "string",
  "name": "string",
  "policy_group_data": {
    "conditions": conditions_list
  }
}

response = falcon.command("UpdatePolicyGroups", id="string", body=body_payload)

print(response)

UpdatePolicyPrecedence

Update Image Assessment Policy precedence

PEP8 method name

update_policy_precedence

Endpoint

MethodRoute
POST/container-security/entities/image-assessment-policy-precedence/v1

Required Scope

falcon-container-image:write

Content-Type

  • Produces: application/json

Keyword Arguments

NameServiceUberTypeData typeDescription
bodyService Class SupportUber Class SupportbodydictionaryFull body payload in JSON format.
precedenceService Class SupportUber Class Supportbodystring or list of stringsList of policy conditions to apply.

Usage

Service class example (PEP8 syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

# Precedence will be applied in the order provided.
ordered_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.update_policy_precedence(precedence=ordered_list)

print(response)
Service class example (Operation ID syntax)
from falconpy import ImageAssessmentPolicies

# Do not hardcode API credentials!
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

# Precedence will be applied in the order provided.
ordered_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.UpdatePolicyPrecedence(precedence=ordered_list)

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

# Precedence will be applied in the order provided.
ordered_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

body_payload = {
  "precedence": ordered_list
}

response = falcon.command("UpdatePolicyPrecedence", body=body_payload)

print(response)