Using the Falcon Container service collection
Table of Contents
| Operation ID | Description | ||||
|---|---|---|---|---|---|
| Download an export file | ||||
| Read export jobs entities | ||||
| Launch an export job of a Container Security resource. Maximum of 1 job in progress per resource | ||||
| Query export jobs entities | ||||
| Gets the registry credentials. | ||||
| Gets the registry credentials. | ||||
| Retrieve an assessment report for an image by specifying repository and tag. | ||||
| Delete image details from the CrowdStrike registry. | ||||
| Check if an image matches a policy by specifying repository and tag. | ||||
| Retrieve an assessment report for an image by specifying repository and tag. | ||||
| Retrieve registry entities associated with the client ID. | ||||
| Retrieve registry entities associated with a specific UUID. | ||||
| Delete registry entities by UUID. | ||||
| Create registry entities using the provided detail. | ||||
| Update the registry entity, as identified by the entity UUID, using the provided details. | ||||
Passing credentials
WARNING
client_idandclient_secretare keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
DownloadExportFile
Download an export file
PEP8 method name
DownloadExportFile
Endpoint
| Method | Route |
|---|---|
 | /container-security/entities/exports/files/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| :white_check_mark: | id | query | string | Export job ID. | |
| id |  | | query | string or list of strings | Export Job ID. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.DownloadExportFile(id="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.DownloadExportFile(id="string")
print(response)
Uber class example
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("DownloadExportFile", id="string")
print(response)
Back to Table of Contents
ReadExportJobs
Read export jobs entities.
PEP8 method name
read_export_jobs
Endpoint
| Method | Route |
|---|---|
| /container-security/entities/exports/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | | | query | string or list of strings | Export Job IDs to read. Allowed up to 100 IDs per request. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.read_export_jobs(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.ReadExportJobs(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("ReadExportJobs", ids=id_list)
print(response)
Back to Table of Contents
LaunchExportJob
Launch an export job of a Container Security resource. Maximum of 1 job in progress per resource
PEP8 method name
launch_export_job
Endpoint
| Method | Route |
|---|---|
 | /container-security/entities/exports/v1 |
Required Scope
Content-Type
- Consumes: application/json
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |  | body | dictionary | Full body payload in JSON format, not required if using other keywords. |
| format | |  | body | string | Export job format. |
| fql | | | body | string | Falcon Query Language string defining the export job. |
| resource | | | body | string | Resource to run the export job against. Supported resources: assets.clusters, assets.containers, assets.deployments, assets.images, assets.namespaces, assets.nodes, assets.pods, images.images-assessment-detections-expanded, images.images-assessment-expanded, images.images-assessment-vulnerabilities-expanded, images.images-assessment, images.images-detections, images.packages, images.vulnerabilities, investigate.container-alerts, investigate.drift-indicators, investigate.kubernetes-ioms, investigate.runtime-detections, investigate.unidentified-containers, network.events, and policies.exclusions |
| sort | | | body | string | Falcon Query Language sort string defining the sort used for the export. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.launch_export_job(format="string",
fql="string",
resource="string",
sort="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.LaunchExportJob(format="string", fql="string", resource="string", sort="string")
print(response)
Uber class example
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"format": "string",
"fql": "string",
"resource": "string",
"sort": "string"
}
response = falcon.command("LaunchExportJob", body=body_payload)
print(response)
Back to Table of Contents
QueryExportJobs
Query export jobs entities
PEP8 method name
query_export_jobs
Endpoint
| Method | Route |
|---|---|
| /container-security/queries/exports/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter | query | string | Filter exports using a query in Falcon Query Language (FQL). Only the last 100 jobs are returned. Supported filter fields: resource and status | ||
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_export_jobs(filter="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.QueryExportJobs(filter="string")
print(response)
Uber class example
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("QueryExportJobs", filter="string")
print(response)
Back to Table of Contents
GetCombinedImages
Get image assessment results by providing an FQL filter and paging details.
PEP8 method name
get_combined_images
Endpoint
| Method | Route |
|---|---|
| /container-security/combined/image-assessment/images/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| offset | | | query | integer | The offset to start retrieving records from |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| limit | | | query | integer | The maximum records to return. [1-200] |
| sort | | | query | string | The property to sort by (e.g. status.desc or hostname.asc) |
| filter | | | query | string | Filter images using a query in Falcon Query Language (FQL). Supported filters:
|
Usage
Service class example (PEP8 syntax)
from falconpy import Hosts
# Do not hardcode API credentials!
falcon = Hosts(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_combined_images(offset=integer,
limit=integer,
sort="string",
filter="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import Hosts
# Do not hardcode API credentials!
falcon = Hosts(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.GetCombinedImages(offset=integer,
limit=integer,
sort="string",
filter="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("GetCombinedImages",
offset=integer,
limit=integer,
sort="string",
filter="string"
)
print(response)
GetCredentials
Gets the registry credentials
PEP8 method name
get_credentials
Endpoint
| Method | Route |
|---|---|
| /container-security/entities/image-registry-credentials/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
No keywords or arguments accepted.
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_credentials()
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.GetCredentials()
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("GetCredentials")
print(response)
Back to Table of Contents
GetImageAssessmentReport
Retrieve an assessment report for an image by specifying image ID and digest or repository and tag.
PEP8 method name
get_assessment
Endpoint
| Method | Route |
|---|---|
| /reports |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| image_id | | | query | string | Image ID of the image assessed. Must be provided in conjuction with digest. |
| digest | | | query | string | Hash digest of the image assessed. Must be provided in conjuction with image_id. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| repository | | | query | string | Repository where the image resides. Must be provided in conjuction with tag. |
| tag | | | query | string | Tag used for the image assessed. Must be provided in conjuction with repository. |
If both sets of parameters are provided within the same request,
image_idanddigesttake precedence.
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_assessment(repository="string", tag="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.GetImageAssessmentReport(repository="string", tag="string")
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("GetImageAssessmentReport", repository="string", tag="string")
print(response)
Back to Table of Contents
DeleteImageDetails
Delete image details from the CrowdStrike registry.
PEP8 method name
delete_image_details
Endpoint
| Method | Route |
|---|---|
 | /images/{} |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| image_id | | | path | string | ID of the image to delete details for. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.delete_image_details(image_id="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.DeleteImageDetails(image_id="string")
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("DeleteImageDetails", image_id="string")
print(response)
Back to Table of Contents
ImageMatchesPolicy
Check if an image matches a policy by specifying repository and tag.
PEP8 method name
image_matches_policy
Endpoint
| Method | Route |
|---|---|
| /policy-checks |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| repository | | | query | string | Repository where the image resides. |
| tag | | | query | string | Tag used for the image assessed. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.image_matches_policy(repository="string", tag="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ImageMatchesPolicy(repository="string", tag="string")
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ImageMatchesPolicy", repository="string", tag="string")
print(response)
Back to Table of Contents
ReadImageVulnerabilities
Check if an image matches a policy by specifying repository and tag.
PEP8 method name
read_image_vulnerabilities
Endpoint
| Method | Route |
|---|---|
| /image-assessment/combined/vulnerability-lookups/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| applicationPackages | | | body | list of dictionaries | List of application packages for the image. |
| body | | | body | dictionary | Full body payload in JSON format, not required if using other keywords. |
| osversion | | | body | string | Operating system version for the image to be read. |
| packages | | | body | list of dictionaries | List of packages to review. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
app_packages = [
{
"libraries": [
{
"Hash": "string",
"LayerHash": "string",
"LayerIndex": integer,
"License": "string",
"Name": "string",
"Path": "string",
"Version": "string"
}
],
"type": "string"
}
]
package_list = [
{
"LayerHash": "string",
"LayerIndex": integer,
"MajorVersion": "string",
"PackageHash": "string",
"PackageProvider": "string",
"PackageSource": "string",
"Product": "string",
"SoftwareArchitecture": "string",
"Status": "string",
"Vendor": "string"
}
]
response = falcon.read_image_vulnerabilities(osversion="string",
packages=package_list,
applicationPackages=app_packages
)
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
app_packages = [
{
"libraries": [
{
"Hash": "string",
"LayerHash": "string",
"LayerIndex": integer,
"License": "string",
"Name": "string",
"Path": "string",
"Version": "string"
}
],
"type": "string"
}
]
package_list = [
{
"LayerHash": "string",
"LayerIndex": integer,
"MajorVersion": "string",
"PackageHash": "string",
"PackageProvider": "string",
"PackageSource": "string",
"Product": "string",
"SoftwareArchitecture": "string",
"Status": "string",
"Vendor": "string"
}
]
response = falcon.ReadImageVulnerabilities(osversion="string",
packages=package_list,
applicationPackages=app_packages
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"applicationPackages": [
{
"libraries": [
{
"Hash": "string",
"LayerHash": "string",
"LayerIndex": integer,
"License": "string",
"Name": "string",
"Path": "string",
"Version": "string"
}
],
"type": "string"
}
]
"osversion": "string",
"packages": [
{
"LayerHash": "string",
"LayerIndex": integer,
"MajorVersion": "string",
"PackageHash": "string",
"PackageProvider": "string",
"PackageSource": "string",
"Product": "string",
"SoftwareArchitecture": "string",
"Status": "string",
"Vendor": "string"
}
]
}
response = falcon.command("ReadImageVulnerabilities", body=BODY)
print(response)
Back to Table of Contents
ReadRegistryEntities
Retrieve registry entities associated with the client ID.
PEP8 method name
read_registry_entities
Endpoint
| Method | Route |
|---|---|
| /container-security/queries/registries/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| limit | | | query | integer | Total number of records to return in the response. |
| offset | | | query | integer | Starting position within the overall recordset to return results. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| sort | | | query | string | FQL formatted string to use to sort returned results. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_registry_entities(limit=integer, offset=integer, sort="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadRegistryEntities(limit=integer, offset=integer, sort="string")
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadRegistryEntities", limit=integer, offset=integer, sort="string")
print(response)
Back to Table of Contents
ReadRegistryEntitiesByUUID
Retrieve registry entities associated with a specific UUID.
PEP8 method name
read_registry_entities_by_uuid
Endpoint
| Method | Route |
|---|---|
| /container-security/entities/registries/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | | | query | string or list of strings | Registry entity UUIDs to retrieve. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.read_registry_entities_by_uuid(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.ReadRegistryEntitiesByUUID(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("ReadRegistryEntitiesByUUID", ids=id_list)
print(response)
Back to Table of Contents
DeleteRegistryEntities
Delete registry entities by UUID.
PEP8 method name
delete_registry_entities
Endpoint
| Method | Route |
|---|---|
| /container-security/entities/registries/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | | | query | string or list of strings | Registry entity UUIDs to delete. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_registry_entities(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.DeleteRegistryEntities(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("DeleteRegistryEntities", ids=id_list)
print(response)
Back to Table of Contents
CreateRegistryEntities
Create registry entities using the provided detail.
PEP8 method name
create_registry_entities
Endpoint
| Method | Route |
|---|---|
| /container-security/entities/registries/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| aws_iam_role | | | body (credential) | string | Container registry username (AWS ECR). |
| aws_external_id | | | body (credential) | string | Container registry password (AWS ECR). |
| body | | | body | dictionary | Full body payload in JSON format, not required if using other keywords. |
| compartment_ids | | | body (credential) | list of strings | Compartment IDs (OCR (Oracle)). |
| credential_type | | | body (credential) | string | Credential type (GitHub, GitLab). |
| domain_url | | | body (credential) | string | Domain URL (GitHub, GitLab). |
| password | | | body (credential) | string | Container registry password. |
| project_id | | | body (credential) | string | Cloud Project ID (GAR, GCR (Google)). |
| scope_name | | | body (credential) | string | Scope name (GAR, GCR (Google), OCR (Oracle)). |
| service_account_json | | | body (credential) | dictionary | GAR / GCR credential dictionary. Keys:
|
| type | | | body | string | The type of registry you want to connect (such as Amazon ECR). Available values:
body payload.Review the Required Credential Values table for more detail regarding specific registry requirements. |
| url | | | body | string | The URL used to log in to the registry. Note: If your registry URL contains an alias, provide just the base URL as the value. Example: https://docker.io/ This argument is required and must be provided as a keyword or as part of the body payload. |
| url_uniqueness_key | | | body | string | The registry URL alias. Example: https://docker.io/ Available with
|
| user_defined_alias | | | body | string | A user-friendly name for the registry. This appears as the Registry name on the Registry connections page in the Falcon console. |
| username | | | body (credential) | string | Container registry username. |
Required Credential Values by Registry
| Registry | Type | Required credential values |
|---|---|---|
| Amazon Elastic Container Registry | ecr |
|
| Docker Hub | dockerhub |
|
| Docker Registry v2 | docker |
|
| GitHub | github |
|
| GitLab Cloud | gitlab |
|
| GitLab On-prem | gitlab |
|
| Google Artifact Registry | gar |
|
| Google Container Registry | gcr |
|
| IBM Cloud | icr |
|
| JFrog Artifactory | artifactory |
|
| Microsoft Azure Container Registry | acr |
|
| Oracle Container Registry | oracle |
|
| Red Hat OpenShift | openshift |
|
| Sonatype Nexus | nexus |
|
| Quay.io (Red Hat) | quay.io |
|
| VMWare Harbor | harbor |
|
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
svc_acct = {
"type": "string",
"private_key_id": "string",
"private_key": "string",
"client_email": "string",
"client_id": "string",
"project_id": "string"
}
compartments = [
"string",
"string"
]
# Review the Required Credential Values table for more
# detail regarding which keywords to use for your registry.
response = falcon.create_registry_entities(aws_iam_role="string",
aws_external_id="string",
compartment_ids=compartments,
credential_type="string",
domain_url="string",
password="string",
project_id="string",
scope_name="string",
service_account_json=svc_acct,
type="string",
url="string",
url_uniqueness_key="string",
user_defined_alias="string",
username="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
svc_acct = {
"type": "string",
"private_key_id": "string",
"private_key": "string",
"client_email": "string",
"client_id": "string",
"project_id": "string"
}
compartments = [
"string",
"string"
]
# Review the Required Credential Values table for more
# detail regarding which keywords to use for your registry.
response = falcon.CreateRegistryEntities(aws_iam_role="string",
aws_external_id="string",
compartment_ids=compartments,
credential_type="string",
domain_url="string",
password="string",
project_id="string",
scope_name="string",
service_account_json=svc_acct,
type="string",
url="string",
url_uniqueness_key="string",
user_defined_alias="string",
username="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
svc_acct = {
"type": "string",
"private_key_id": "string",
"private_key": "string",
"client_email": "string",
"client_id": "string",
"project_id": "string"
}
compartments = [
"string",
"string"
]
# Review the Required Credential Values table for more
# detail regarding which keys to use for your registry.
body_payload = {
"type": "string",
"url": "string",
"url_uniqueness_key": "string",
"user_defined_alias": "string",
"credential": {
"aws_iam_role": "string",
"aws_external_id": "string",
"compartment_ids": compartments,
"credential_type": "string",
"domain_url": "string",
"password": "string",
"project_id": "string",
"scope_name": "string",
"service_account_json": svc_acct,
"username": "string"
}
}
response = falcon.command("CreateRegistryEntities", body=body_payload)
print(response)
Back to Table of Contents
UpdateRegistryEntities
Update the registry entity, as identified by the entity UUID, using the provided details.
PEP8 method name
update_registry_entities
Endpoint
| Method | Route |
|---|---|
| /container-security/entities/registries/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| aws_iam_role | | | body (credential) | string | Container registry username (AWS ECR). |
| aws_external_id | | | body (credential) | string | Container registry password (AWS ECR). |
| body | | | body | dictionary | Full body payload in JSON format, not required if using other keywords. |
| compartment_ids | | | body (credential) | list of strings | Compartment IDs (OCR (Oracle)). |
| credential_type | | | body (credential) | string | Credential type (GitHub, GitLab). |
| domain_url | | | body (credential) | string | Domain URL (GitHub, GitLab). |
| id | | | body | string | Container registry record UUID. |
| password | | | body (credential) | string | Container registry password. |
| project_id | | | body (credential) | string | Cloud Project ID (GAR, GCR (Google)). |
| scope_name | | | body (credential) | string | Scope name (GAR, GCR (Google), OCR (Oracle)). |
| service_account_json | | | body (credential) | dictionary | GAR / GCR credential dictionary. Keys:
|
| state | | | body | string | Container registry state.
|
| type | | | body | string | The type of registry you want to connect (such as Amazon ECR). Available values:
body payload.Review the Required Credential Values table for more detail regarding specific registry requirements. |
| url | | | body | string | The URL used to log in to the registry. Note: If your registry URL contains an alias, provide just the base URL as the value. Example: https://docker.io/ This argument is required and must be provided as a keyword or as part of the body payload. |
| url_uniqueness_key | | | body | string | The registry URL alias. Example: https://docker.io/ Available with
|
| user_defined_alias | | | body | string | A user-friendly name for the registry. This appears as the Registry name on the Registry connections page in the Falcon console. |
| username | | | body (credential) | string | Container registry username. |
Required Credential Values by Registry
| Registry | Type | Required credential values |
|---|---|---|
| Amazon Elastic Container Registry | ecr |
|
| Docker Hub | dockerhub |
|
| Docker Registry v2 | docker |
|
| GitHub | github |
|
| GitLab Cloud | gitlab |
|
| GitLab On-prem | gitlab |
|
| Google Artifact Registry | gar |
|
| Google Container Registry | gcr |
|
| IBM Cloud | icr |
|
| JFrog Artifactory | artifactory |
|
| Microsoft Azure Container Registry | acr |
|
| Oracle Container Registry | oracle |
|
| Red Hat OpenShift | openshift |
|
| Sonatype Nexus | nexus |
|
| Quay.io (Red Hat) | quay.io |
|
| VMWare Harbor | harbor |
|
Usage
Service class example (PEP8 syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
svc_acct = {
"type": "string",
"private_key_id": "string",
"private_key": "string",
"client_email": "string",
"client_id": "string",
"project_id": "string"
}
compartments = [
"string",
"string"
]
# Review the Required Credential Values table for more
# detail regarding which keywords to use for your registry.
response = falcon.update_registry_entities(aws_iam_role="string",
aws_external_id="string",
compartment_ids=compartments,
credential_type="string",
domain_url="string",
id="string",
password="string",
project_id="string",
scope_name="string",
service_account_json=svc_acct,
state="string",
type="string",
url="string",
url_uniqueness_key="string",
user_defined_alias="string",
username="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import FalconContainer
# Do not hardcode API credentials!
falcon = FalconContainer(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
svc_acct = {
"type": "string",
"private_key_id": "string",
"private_key": "string",
"client_email": "string",
"client_id": "string",
"project_id": "string"
}
compartments = [
"string",
"string"
]
# Review the Required Credential Values table for more
# detail regarding which keywords to use for your registry.
response = falcon.UpdateRegistryEntities(aws_iam_role="string",
aws_external_id="string",
compartment_ids=compartments,
credential_type="string",
domain_url="string",
id="string",
password="string",
project_id="string",
scope_name="string",
service_account_json=svc_acct,
state="string",
type="string",
url="string",
url_uniqueness_key="string",
user_defined_alias="string",
username="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
svc_acct = {
"type": "string",
"private_key_id": "string",
"private_key": "string",
"client_email": "string",
"client_id": "string",
"project_id": "string"
}
compartments = [
"string",
"string"
]
# Review the Required Credential Values table for more
# detail regarding which keys to use for your registry.
body_payload = {
"id": "string",
"state": "string",
"type": "string",
"url": "string",
"url_uniqueness_key": "string",
"user_defined_alias": "string",
"credential": {
"aws_iam_role": "string",
"aws_external_id": "string",
"compartment_ids": compartments,
"credential_type": "string",
"domain_url": "string",
"password": "string",
"project_id": "string",
"scope_name": "string",
"service_account_json": svc_acct,
"username": "string"
}
}
response = falcon.command("UpdateRegistryEntities", body=body_payload)
print(response)
Back to Table of Contents