Using the Falcon Container service collection
Table of Contents
| Operation ID | Description | ||||
|---|---|---|---|---|---|
| Gets the registry credentials. | ||||
| Retrieve an assessment report for an image by specifying repository and tag. | ||||
| Delete image details from the CrowdStrike registry. | ||||
| Check if an image matches a policy by specifying repository and tag. | ||||
Passing credentials
WARNING
client_idandclient_secretare keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
GetCredentials
Gets the registry credentials
PEP8 method name
get_credentials
Endpoint
| Method | Route |
|---|---|
 | /container-security/entities/image-registry-credentials/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
No keywords or arguments accepted.
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_credentials()
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.GetCredentials()
print(response)
Uber class example
from falconpy import APIHarness
# Do not hardcode API credentials!
falcon = APIHarness(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("GetCredentials")
print(response)
Back to Table of Contents
GetImageAssessmentReport
Retrieve an assessment report for an image by specifying repository and tag.
PEP8 method name
get_assessment
Endpoint
| Method | Route |
|---|---|
| /reports |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| parameters |  | | query | dictionary | Full query string parameters payload in JSON format. |
| repository | | | query | string | Repository where the image resides. |
| tag | | | query | string | Tag used for the image assessed. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_assessment(repository="string", tag="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.GetImageAssessmentReport(repository="string", tag="string")
print(response)
Uber class example
from falconpy import APIHarness
# Do not hardcode API credentials!
falcon = APIHarness(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("GetImageAssessmentReport", repository="string", tag="string")
print(response)
Back to Table of Contents
DeleteImageDetails
Delete image details from the CrowdStrike registry.
PEP8 method name
delete_image_details
Endpoint
| Method | Route |
|---|---|
 | /images/{} |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| image_id | | | path | string | ID of the image to delete details for. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.delete_image_details(image_id="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.DeleteImageDetails(image_id="string")
print(response)
Uber class example
from falconpy import APIHarness
# Do not hardcode API credentials!
falcon = APIHarness(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("DeleteImageDetails", image_id="string")
print(response)
Back to Table of Contents
ImageMatchesPolicy
Check if an image matches a policy by specifying repository and tag.
PEP8 method name
image_matches_policy
Endpoint
| Method | Route |
|---|---|
| /policy-checks |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| repository | | | query | string | Repository where the image resides. |
| tag | | | query | string | Tag used for the image assessed. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.image_matches_policy(repository="string", tag="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ImageMatchesPolicy(repository="string", tag="string")
print(response)
Uber class example
from falconpy import APIHarness
# Do not hardcode API credentials!
falcon = APIHarness(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ImageMatchesPolicy", repository="string", tag="string")
print(response)
Back to Table of Contents
ReadImageVulnerabilities
Check if an image matches a policy by specifying repository and tag.
PEP8 method name
read_image_vulnerabilities
Endpoint
| Method | Route |
|---|---|
 | /image-assessment/combined/vulnerability-lookups/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | | | body | dictionary | Full body payload in JSON format, not required if using other keywords. |
| osversion | |  | body | string | Operating system version for the image to be read. |
| packages | | | body | list of dictionaries | List of packages to review. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
package_list = [
{
"LayerHash": "string",
"LayerIndex": integer,
"MajorVersion": "string",
"PackageHash": "string",
"PackageProvider": "string",
"PackageSource": "string",
"Product": "string",
"SoftwareArchitecture": "string",
"Status": "string",
"Vendor": "string"
}
]
response = falcon.read_image_vulnerabilities(osversion="string", packages=package_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
package_list = [
{
"LayerHash": "string",
"LayerIndex": integer,
"MajorVersion": "string",
"PackageHash": "string",
"PackageProvider": "string",
"PackageSource": "string",
"Product": "string",
"SoftwareArchitecture": "string",
"Status": "string",
"Vendor": "string"
}
]
response = falcon.ReadImageVulnerabilities(osversion="string", packages=package_list)
print(response)
Uber class example
from falconpy import APIHarness
# Do not hardcode API credentials!
falcon = APIHarness(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"osversion": "string",
"packages": [
{
"LayerHash": "string",
"LayerIndex": integer,
"MajorVersion": "string",
"PackageHash": "string",
"PackageProvider": "string",
"PackageSource": "string",
"Product": "string",
"SoftwareArchitecture": "string",
"Status": "string",
"Vendor": "string"
}
]
}
response = falcon.command("ReadImageVulnerabilities", body=BODY)
print(response)
Back to Table of Contents