Cloud AWS Registration
The Cloud AWS Registration service collection provides operations for registering and managing AWS accounts in the CrowdStrike Falcon platform. Create, delete, update, and validate AWS account registrations for cloud security monitoring.
| Language | Last Update |
|---|---|
| Python | v1.5.5 |
| PowerShell | v2.2.9 |
| Go | v0.20.0 |
| TypeScript | v0.6.0 |
| Rust | v0.7.0 |
| Ruby | v1.2.0 |
Table of Contents
Section titled “Table of Contents”| Operation | Description |
|---|---|
cloud_registration_aws_create_accountcreate_account | Creates a new account in our system for a customer. |
cloud_registration_aws_delete_accountdelete_account | Deletes an existing AWS account or organization in our system. |
cloud_registration_aws_get_accountsget_accounts | Retrieve existing AWS accounts by account IDs. |
cloud_registration_aws_query_accountsquery_accounts | Retrieve existing AWS accounts by account IDs. |
cloud_registration_aws_trigger_health_checktrigger_health_check | Trigger health check scan for AWS accounts. |
cloud_registration_aws_update_accountupdate_account | Patches a existing account in our system for a customer. |
cloud_registration_aws_validate_accountsvalidate_accounts | Validates the AWS account registration status, and discover organization child accounts if organization is specified. |
cloud_registration_aws_get_accounts
Section titled “cloud_registration_aws_get_accounts”Retrieve existing AWS accounts by account IDs.
GET /cloud-security-registration-aws/entities/account/v1
PEP 8
get_accountsParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| ids | query | string or list of strings | AWS account IDs to filter. |
| organization_ids | query | string or list of strings | AWS organization IDs to filter. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_accounts(ids=id_list, organization_ids=id_list)print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_aws_get_accounts(ids=id_list, organization_ids=id_list)print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_aws_get_accounts", ids=id_list, organization_ids=id_list)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_aws_registration")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
response, err := client.CloudAwsRegistration.CloudRegistrationAwsGetAccounts( &cloud_aws_registration.CloudRegistrationAwsGetAccountsParams{ Ids: []string{"ID1", "ID2", "ID3"}, OrganizationIds: []string{"ID1", "ID2", "ID3"}, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAwsRegistration.cloudRegistrationAwsGetAccounts( ["ID1", "ID2", "ID3"], // ids ["ID1", "ID2", "ID3"] // organizationIds);
console.log(response);use rusty_falcon::apis::cloud_aws_registration_api::cloud_registration_aws_get_accounts;use rusty_falcon::easy::client::FalconHandle;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let response = cloud_registration_aws_get_accounts( &falcon.cfg, // configuration Some(vec!["string".to_string()]), // ids ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAwsRegistration.new
response = api.cloud_registration_aws_get_accounts(ids: ['ID1', 'ID2', 'ID3'], organization_ids: ['ID1', 'ID2', 'ID3'])
puts responsecloud_registration_aws_create_account
Section titled “cloud_registration_aws_create_account”Creates a new account in our system for a customer.
POST /cloud-security-registration-aws/entities/account/v1
PEP 8
create_accountParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| account_id | body | string | AWS account ID. |
| account_type | body | string | AWS account type. |
| body | body | dictionary | Full body payload in JSON format. |
| csp_events | body | boolean | Flag indicating if CSP events should be included. |
| is_master | body | boolean | Flag indicating if this is a master account. |
| organization_id | body | string | AWS organization ID. |
| products | body | list of dictionaries | List of included products and features. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.create_account(account_id="string", account_type="string", csp_events=boolean, is_master=boolean, organization_id="string", products=[{"key": "value"}])print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.cloud_registration_aws_create_account(account_id="string", account_type="string", csp_events=boolean, is_master=boolean, organization_id="string", products=[{"key": "value"}])print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
body_payload = { "resources": [ { "account_id": "string", "account_type": "string", "cloudformation_stack_arn": "string", "cloudtrail_region": "string", "csp_events": boolean, "deployment_method": "string", "dspm_custom_vpc_configuration": {}, "dspm_host_account_id": "string", "dspm_network_configuration_type": "string", "dspm_regions": ["string"], "dspm_role": "string", "dspm_service_permissions_override": ["string"], "falcon_client_id": "string", "iam_role_arn": "string", "ioa_regions": ["string"], "is_master": boolean, "log_ingestion_method": "string", "organization_id": "string", "products": [ { "features": ["string"], "product": "string" } ], "resource_name_prefix": "string", "resource_name_suffix": "string", "root_stack_id": "string", "s3_log_ingestion_bucket_name": "string", "s3_log_ingestion_bucket_prefix": "string", "s3_log_ingestion_kms_key_arn": "string", "s3_log_ingestion_sns_topic_arn": "string", "target_ous": ["string"], "use_existing_cloudtrail": boolean, "vulnerability_scanning_custom_vpc_configuration": {}, "vulnerability_scanning_host_account_id": "string", "vulnerability_scanning_network_configuration_type": "string", "vulnerability_scanning_regions": ["string"], "vulnerability_scanning_role": "string" } ]}
response = falcon.command("cloud_registration_aws_create_account", body=body_payload)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_aws_registration" "github.com/crowdstrike/gofalcon/falcon/models")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
account_id := "string" account_type := "string" cloudformation_stack_arn := "string" cloudtrail_region := "string" csp_events := boolean deployment_method := "string" dspm_host_account_id := "string" dspm_network_configuration_type := "string" dspm_role := "string" falcon_client_id := "string" iam_role_arn := "string" is_master := boolean log_ingestion_method := "string" organization_id := "string" product := "string" resource_name_prefix := "string" resource_name_suffix := "string" root_stack_id := "string" s3_log_ingestion_bucket_name := "string" s3_log_ingestion_bucket_prefix := "string" s3_log_ingestion_kms_key_arn := "string" s3_log_ingestion_sns_topic_arn := "string" use_existing_cloudtrail := boolean vulnerability_scanning_host_account_id := "string" vulnerability_scanning_network_configuration_type := "string" vulnerability_scanning_role := "string"
response, err := client.CloudAwsRegistration.CloudRegistrationAwsCreateAccount( &cloud_aws_registration.CloudRegistrationAwsCreateAccountParams{ Body: &models.RestAWSAccountCreateRequestExtv1{ Resources: []interface{}{ { AccountID: &account_id, AccountType: &account_type, CloudformationStackArn: &cloudformation_stack_arn, CloudtrailRegion: &cloudtrail_region, CspEvents: &csp_events, DeploymentMethod: &deployment_method, DspmCustomVpcConfiguration: &struct{}{}, DspmHostAccountID: &dspm_host_account_id, DspmNetworkConfigurationType: &dspm_network_configuration_type, DspmRegions: []string{"string"}, DspmRole: &dspm_role, DspmServicePermissionsOverride: []string{"string"}, FalconClientID: &falcon_client_id, IamRoleArn: &iam_role_arn, IoaRegions: []string{"string"}, IsMaster: &is_master, LogIngestionMethod: &log_ingestion_method, OrganizationID: &organization_id, Products: []interface{}{ { Features: []string{"string"}, Product: &product, }, }, ResourceNamePrefix: &resource_name_prefix, ResourceNameSuffix: &resource_name_suffix, RootStackID: &root_stack_id, S3LogIngestionBucketName: &s3_log_ingestion_bucket_name, S3LogIngestionBucketPrefix: &s3_log_ingestion_bucket_prefix, S3LogIngestionKmsKeyArn: &s3_log_ingestion_kms_key_arn, S3LogIngestionSnsTopicArn: &s3_log_ingestion_sns_topic_arn, TargetOus: []string{"string"}, UseExistingCloudtrail: &use_existing_cloudtrail, VulnerabilityScanningCustomVpcConfiguration: &struct{}{}, VulnerabilityScanningHostAccountID: &vulnerability_scanning_host_account_id, VulnerabilityScanningNetworkConfigurationType: &vulnerability_scanning_network_configuration_type, VulnerabilityScanningRegions: []string{"string"}, VulnerabilityScanningRole: &vulnerability_scanning_role, }, }, }, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAwsRegistration.cloudRegistrationAwsCreateAccount( { resources: [{ accountId: "string", accountType: "string", cloudformationStackArn: "string", cloudtrailRegion: "string", cspEvents: boolean, deploymentMethod: "string", dspmCustomVpcConfiguration: {}, dspmHostAccountId: "string", dspmNetworkConfigurationType: "string", dspmRegions: [], dspmRole: "string", dspmServicePermissionsOverride: [], falconClientId: "string", iamRoleArn: "string", ioaRegions: [], isMaster: boolean, logIngestionMethod: "string", organizationId: "string", products: [{ features: [], product: "string" }], resourceNamePrefix: "string", resourceNameSuffix: "string", rootStackId: "string", s3LogIngestionBucketName: "string", s3LogIngestionBucketPrefix: "string", s3LogIngestionKmsKeyArn: "string", s3LogIngestionSnsTopicArn: "string", targetOus: [], useExistingCloudtrail: boolean, vulnerabilityScanningCustomVpcConfiguration: {}, vulnerabilityScanningHostAccountId: "string", vulnerabilityScanningNetworkConfigurationType: "string", vulnerabilityScanningRegions: [], vulnerabilityScanningRole: "string" }]} // body);
console.log(response);use rusty_falcon::apis::cloud_aws_registration_api::cloud_registration_aws_create_account;use rusty_falcon::easy::client::FalconHandle;use rusty_falcon::models::RestAwsAccountCreateRequestExtv1;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let body = RestAwsAccountCreateRequestExtv1 { resources: vec![CloudAWSAccountCreateExtV1 { use_existing_cloudtrail: Some(boolean), ..Default::default() }], ..Default::default() };
let response = cloud_registration_aws_create_account( &falcon.cfg, // configuration body, // body ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAwsRegistration.new
body = Falcon::RestAWSAccountCreateRequestExtv1.new( resources: [{ account_id: 'string', account_type: 'string', cloudformation_stack_arn: 'string', cloudtrail_region: 'string', csp_events: boolean, deployment_method: 'string', dspm_custom_vpc_configuration: {}, dspm_host_account_id: 'string', dspm_network_configuration_type: 'string', dspm_regions: [], dspm_role: 'string', dspm_service_permissions_override: [], falcon_client_id: 'string', iam_role_arn: 'string', ioa_regions: [], is_master: boolean, log_ingestion_method: 'string', organization_id: 'string', products: [{ features: [], product: 'string' }], resource_name_prefix: 'string', resource_name_suffix: 'string', root_stack_id: 'string', s3_log_ingestion_bucket_name: 'string', s3_log_ingestion_bucket_prefix: 'string', s3_log_ingestion_kms_key_arn: 'string', s3_log_ingestion_sns_topic_arn: 'string', target_ous: [], use_existing_cloudtrail: boolean, vulnerability_scanning_custom_vpc_configuration: {}, vulnerability_scanning_host_account_id: 'string', vulnerability_scanning_network_configuration_type: 'string', vulnerability_scanning_regions: [], vulnerability_scanning_role: 'string' }])
response = api.cloud_registration_aws_create_account(body)
puts responsecloud_registration_aws_delete_account
Section titled “cloud_registration_aws_delete_account”Deletes an existing AWS account or organization in our system.
DELETE /cloud-security-registration-aws/entities/account/v1
PEP 8
delete_accountParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| ids | query | string or list of strings | AWS account IDs to filter. |
| organization_ids | query | string or list of strings | AWS organization IDs to remove |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_account(ids=id_list, organization_ids=id_list)print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_aws_delete_account(ids=id_list, organization_ids=id_list)print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_aws_delete_account", ids=id_list, organization_ids=id_list)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_aws_registration")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
response, err := client.CloudAwsRegistration.CloudRegistrationAwsDeleteAccount( &cloud_aws_registration.CloudRegistrationAwsDeleteAccountParams{ Ids: []string{"ID1", "ID2", "ID3"}, OrganizationIds: []string{"ID1", "ID2", "ID3"}, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAwsRegistration.cloudRegistrationAwsDeleteAccount( ["ID1", "ID2", "ID3"], // ids ["ID1", "ID2", "ID3"] // organizationIds);
console.log(response);use rusty_falcon::apis::cloud_aws_registration_api::cloud_registration_aws_delete_account;use rusty_falcon::easy::client::FalconHandle;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let response = cloud_registration_aws_delete_account( &falcon.cfg, // configuration Some(vec!["string".to_string()]), // ids Some(vec!["string".to_string()]), // organization_ids ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAwsRegistration.new
response = api.cloud_registration_aws_delete_account(ids: ['ID1', 'ID2', 'ID3'], organization_ids: ['ID1', 'ID2', 'ID3'])
puts responsecloud_registration_aws_trigger_health_check
Section titled “cloud_registration_aws_trigger_health_check”Trigger health check scan for AWS accounts.
POST /cloud-security-registration-aws/entities/account-scans/v1
PEP 8
trigger_health_checkParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| account_ids | query | string or list of strings | AWS Account IDs. |
| organization_ids | query | string or list of strings | Organization IDs. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.trigger_health_check(account_ids=id_list, organization_ids=id_list)print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_aws_trigger_health_check(account_ids=id_list, organization_ids=id_list)print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_aws_trigger_health_check", account_ids=id_list, organization_ids=id_list)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_aws_registration")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
response, err := client.CloudAwsRegistration.CloudRegistrationAwsTriggerHealthCheck( &cloud_aws_registration.CloudRegistrationAwsTriggerHealthCheckParams{ AccountIds: []string{"ID1", "ID2", "ID3"}, OrganizationIds: []string{"ID1", "ID2", "ID3"}, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAwsRegistration.cloudRegistrationAwsTriggerHealthCheck( ["ID1", "ID2", "ID3"], // accountIds ["ID1", "ID2", "ID3"] // organizationIds);
console.log(response);Examples coming soon.
require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAwsRegistration.new
response = api.cloud_registration_aws_trigger_health_check(account_ids: ['ID1', 'ID2', 'ID3'], organization_ids: ['ID1', 'ID2', 'ID3'])
puts responsecloud_registration_aws_update_account
Section titled “cloud_registration_aws_update_account”Patches a existing account in our system for a customer.
PATCH /cloud-security-registration-aws/entities/account/v1
PEP 8
update_accountParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| account_id | body | string | AWS account ID. |
| account_type | body | string | AWS account type. |
| body | body | dictionary | Full body payload in JSON format. |
| csp_events | body | boolean | Flag indicating if CSP events should be included. |
| is_master | body | boolean | Flag indicating if this is a master account. |
| organization_id | body | string | AWS organization ID. |
| products | body | list of dictionaries | List of included products and features. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.update_account(account_id="string", account_type="string", csp_events=boolean, is_master=boolean, organization_id="string", products=[{"key": "value"}])print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.cloud_registration_aws_update_account(account_id="string", account_type="string", csp_events=boolean, is_master=boolean, organization_id="string", products=[{"key": "value"}])print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
body_payload = { "resources": [ { "account_id": "string", "cloudtrail_region": "string", "csp_events": boolean, "disable_products": [ { "features": ["string"], "product": "string" } ], "dspm_custom_vpc_configuration": {}, "dspm_host_account_id": "string", "dspm_network_configuration_type": "string", "dspm_regions": ["string"], "dspm_role": "string", "dspm_service_permissions_override": ["string"], "falcon_client_id": "string", "ioa_regions": ["string"], "log_ingestion_method": "string", "organization_id": "string", "products": [ { "features": ["string"], "product": "string" } ], "reader_role_arn": "string", "remediation_region": "string", "remediation_tou_accepted": "string", "resource_name_prefix": "string", "resource_name_suffix": "string", "s3_log_ingestion_bucket_name": "string", "s3_log_ingestion_bucket_prefix": "string", "s3_log_ingestion_kms_key_arn": "string", "s3_log_ingestion_sns_topic_arn": "string", "use_existing_cloudtrail": boolean, "vulnerability_scanning_custom_vpc_configuration": {}, "vulnerability_scanning_host_account_id": "string", "vulnerability_scanning_network_configuration_type": "string", "vulnerability_scanning_regions": ["string"], "vulnerability_scanning_role": "string" } ]}
response = falcon.command("cloud_registration_aws_update_account", body=body_payload)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_aws_registration" "github.com/crowdstrike/gofalcon/falcon/models")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
account_id := "string" cloudtrail_region := "string" csp_events := boolean product := "string" dspm_host_account_id := "string" dspm_network_configuration_type := "string" dspm_role := "string" falcon_client_id := "string" log_ingestion_method := "string" organization_id := "string" reader_role_arn := "string" remediation_region := "string" remediation_tou_accepted := "string" resource_name_prefix := "string" resource_name_suffix := "string" s3_log_ingestion_bucket_name := "string" s3_log_ingestion_bucket_prefix := "string" s3_log_ingestion_kms_key_arn := "string" s3_log_ingestion_sns_topic_arn := "string" use_existing_cloudtrail := boolean vulnerability_scanning_host_account_id := "string" vulnerability_scanning_network_configuration_type := "string" vulnerability_scanning_role := "string"
response, err := client.CloudAwsRegistration.CloudRegistrationAwsUpdateAccount( &cloud_aws_registration.CloudRegistrationAwsUpdateAccountParams{ Body: &models.RestAWSAccountPatchRequestExtV1{ Resources: []interface{}{ { AccountID: &account_id, CloudtrailRegion: &cloudtrail_region, CspEvents: &csp_events, DisableProducts: []interface{}{ { Features: []string{"string"}, Product: &product, }, }, DspmCustomVpcConfiguration: &struct{}{}, DspmHostAccountID: &dspm_host_account_id, DspmNetworkConfigurationType: &dspm_network_configuration_type, DspmRegions: []string{"string"}, DspmRole: &dspm_role, DspmServicePermissionsOverride: []string{"string"}, FalconClientID: &falcon_client_id, IoaRegions: []string{"string"}, LogIngestionMethod: &log_ingestion_method, OrganizationID: &organization_id, Products: []interface{}{ { Features: []string{"string"}, Product: &product, }, }, ReaderRoleArn: &reader_role_arn, RemediationRegion: &remediation_region, RemediationTouAccepted: &remediation_tou_accepted, ResourceNamePrefix: &resource_name_prefix, ResourceNameSuffix: &resource_name_suffix, S3LogIngestionBucketName: &s3_log_ingestion_bucket_name, S3LogIngestionBucketPrefix: &s3_log_ingestion_bucket_prefix, S3LogIngestionKmsKeyArn: &s3_log_ingestion_kms_key_arn, S3LogIngestionSnsTopicArn: &s3_log_ingestion_sns_topic_arn, UseExistingCloudtrail: &use_existing_cloudtrail, VulnerabilityScanningCustomVpcConfiguration: &struct{}{}, VulnerabilityScanningHostAccountID: &vulnerability_scanning_host_account_id, VulnerabilityScanningNetworkConfigurationType: &vulnerability_scanning_network_configuration_type, VulnerabilityScanningRegions: []string{"string"}, VulnerabilityScanningRole: &vulnerability_scanning_role, }, }, }, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAwsRegistration.cloudRegistrationAwsUpdateAccount( { resources: [{ accountId: "string", cloudtrailRegion: "string", cspEvents: boolean, disableProducts: [{ features: [], product: "string" }], dspmCustomVpcConfiguration: {}, dspmHostAccountId: "string", dspmNetworkConfigurationType: "string", dspmRegions: [], dspmRole: "string", dspmServicePermissionsOverride: [], falconClientId: "string", ioaRegions: [], logIngestionMethod: "string", organizationId: "string", products: [{ features: [], product: "string" }], readerRoleArn: "string", remediationRegion: "string", remediationTouAccepted: "string", resourceNamePrefix: "string", resourceNameSuffix: "string", s3LogIngestionBucketName: "string", s3LogIngestionBucketPrefix: "string", s3LogIngestionKmsKeyArn: "string", s3LogIngestionSnsTopicArn: "string", useExistingCloudtrail: boolean, vulnerabilityScanningCustomVpcConfiguration: {}, vulnerabilityScanningHostAccountId: "string", vulnerabilityScanningNetworkConfigurationType: "string", vulnerabilityScanningRegions: [], vulnerabilityScanningRole: "string" }]} // body);
console.log(response);use rusty_falcon::apis::cloud_aws_registration_api::cloud_registration_aws_update_account;use rusty_falcon::easy::client::FalconHandle;use rusty_falcon::models::RestAwsAccountPatchRequestExtV1;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let body = RestAwsAccountPatchRequestExtV1 { resources: vec![AWSAccountPatchExtV1 { account_id: Some("string".to_string()), ..Default::default() }], ..Default::default() };
let response = cloud_registration_aws_update_account( &falcon.cfg, // configuration body, // body ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAwsRegistration.new
body = Falcon::RestAWSAccountPatchRequestExtV1.new( resources: [{ account_id: 'string', cloudtrail_region: 'string', csp_events: boolean, disable_products: [{ features: [], product: 'string' }], dspm_custom_vpc_configuration: {}, dspm_host_account_id: 'string', dspm_network_configuration_type: 'string', dspm_regions: [], dspm_role: 'string', dspm_service_permissions_override: [], falcon_client_id: 'string', ioa_regions: [], log_ingestion_method: 'string', organization_id: 'string', products: [{ features: [], product: 'string' }], reader_role_arn: 'string', remediation_region: 'string', remediation_tou_accepted: 'string', resource_name_prefix: 'string', resource_name_suffix: 'string', s3_log_ingestion_bucket_name: 'string', s3_log_ingestion_bucket_prefix: 'string', s3_log_ingestion_kms_key_arn: 'string', s3_log_ingestion_sns_topic_arn: 'string', use_existing_cloudtrail: boolean, vulnerability_scanning_custom_vpc_configuration: {}, vulnerability_scanning_host_account_id: 'string', vulnerability_scanning_network_configuration_type: 'string', vulnerability_scanning_regions: [], vulnerability_scanning_role: 'string' }])
response = api.cloud_registration_aws_update_account(body)
puts responsecloud_registration_aws_validate_accounts
Section titled “cloud_registration_aws_validate_accounts”Validates the AWS account registration status, and discover organization child accounts if organization is specified.
POST /cloud-security-registration-aws/entities/account/validate/v1
PEP 8
validate_accountsParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| account_id | query | string | AWS Account ID. organization-id shouldn’t be specified if this is specified. |
| iam_role_arn | query | string | IAM Role ARN. |
| organization_id | query | string | AWS organization ID to validate master account. account-id shouldn’t be specified if this is specified. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.validate_accounts(account_id="string", iam_role_arn="string", organization_id="string")print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.cloud_registration_aws_validate_accounts(account_id="string", iam_role_arn="string", organization_id="string")print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.command("cloud_registration_aws_validate_accounts", account_id="string", iam_role_arn="string", organization_id="string")print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_aws_registration")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
response, err := client.CloudAwsRegistration.CloudRegistrationAwsValidateAccounts( &cloud_aws_registration.CloudRegistrationAwsValidateAccountsParams{ AccountID: "string", IamRoleArn: "string", OrganizationID: "string", Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAwsRegistration.cloudRegistrationAwsValidateAccounts( "string", // accountId "string", // iamRoleArn "string" // organizationId);
console.log(response);Examples coming soon.
require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAwsRegistration.new
response = api.cloud_registration_aws_validate_accounts(account_id: 'string', iam_role_arn: 'string', organization_id: 'string')
puts responsecloud_registration_aws_query_accounts
Section titled “cloud_registration_aws_query_accounts”Retrieve existing AWS accounts by account IDs
GET /cloud-security-registration-aws/queries/account/v1
PEP 8
query_accountsParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| organization_ids | query | list of strings | Organization IDs used to filter accounts. |
| products | query | list of strings | Products registered for an account. |
| features | query | list of strings | Features registered for an account. |
| account_status | query | string | Account status to filter results by. |
| limit | query | integer | The maximum number of items to return. When not specified or 0, 100 is used. When larger than 500, 500 is used. |
| offset | query | integer | The offset to start retrieving records from. |
| group_by | query | string | Field to group by. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.query_accounts(organization_ids=id_list, products=id_list, features=id_list, account_status="string", limit="string", offset=integer, group_by="string")print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_aws_query_accounts(organization_ids=id_list, products=id_list, features=id_list, account_status="string", limit="string", offset=integer, group_by="string")print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_aws_query_accounts", organization_ids=id_list, products=id_list, features=id_list, account_status="string", limit=integer, offset=integer, group_by="string")print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_aws_registration")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
limit := int64(0) offset := int64(0) groupBy := "string"
response, err := client.CloudAwsRegistration.CloudRegistrationAwsQueryAccounts( &cloud_aws_registration.CloudRegistrationAwsQueryAccountsParams{ OrganizationIds: []string{"ID1", "ID2", "ID3"}, Products: []string{"ID1", "ID2", "ID3"}, Features: []string{"ID1", "ID2", "ID3"}, AccountStatus: "string", Limit: &limit, Offset: &offset, GroupBy: &groupBy, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAwsRegistration.cloudRegistrationAwsQueryAccounts( ["ID1", "ID2", "ID3"], // products ["ID1", "ID2", "ID3"], // features ["ID1", "ID2", "ID3"], // organizationIds "string", // accountStatus integer, // limit integer, // offset "string" // groupBy);
console.log(response);use rusty_falcon::apis::cloud_aws_registration_api::cloud_registration_aws_query_accounts;use rusty_falcon::easy::client::FalconHandle;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let response = cloud_registration_aws_query_accounts( &falcon.cfg, // configuration vec!["string".to_string()], // products vec!["string".to_string()], // features Some(vec!["string".to_string()]), // organization_ids Some("string"), // account_status Some(integer), // limit Some(integer), // offset Some("string"), // group_by ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAwsRegistration.new
response = api.cloud_registration_aws_query_accounts(['ID1', 'ID2', 'ID3'], ['ID1', 'ID2', 'ID3'])
puts response