Cloud Azure Registration
The Cloud Azure Registration service collection provides operations for managing Azure cloud registrations. Create, update, delete, and validate Azure tenant registrations, download deployment scripts, manage legacy subscriptions, and trigger health checks.
| Language | Last Update |
|---|---|
| Python | v1.5.5 |
| PowerShell | v2.2.9 |
| Go | v0.20.0 |
| TypeScript | v0.6.0 |
| Rust | v0.7.0 |
| Ruby | v1.2.0 |
Table of Contents
Section titled “Table of Contents”| Operation | Description |
|---|---|
cloud_registration_azure_create_registrationcreate_registration | Create an Azure registration for a tenant. |
cloud_registration_azure_delete_legacy_subscriptiondelete_legacy_subscription | Delete existing legacy Azure subscriptions. |
cloud_registration_azure_delete_registrationdelete_registration | Deletes existing Azure registrations. |
cloud_registration_azure_download_scriptdownload_script | Retrieve script to create resources. |
cloud_registration_azure_get_registrationget_registration | Retrieve existing Azure registration for a tenant. |
cloud_registration_azure_trigger_health_checkhealth_check | Trigger health check scan for Azure registrations. |
cloud_registration_azure_update_registrationupdate_registration | Update an existing Azure registration for a tenant. |
cloud_registration_azure_validate_registrationvalidate_registration | Validate an Azure registration by checking service principal, role assignments and deployment stack (if the deployment method is Bicep) |
download_azure_scriptdeployment_script | Download Azure deployment script (Terraform or Bicep). |
cloud_registration_azure_get_registration
Section titled “cloud_registration_azure_get_registration”Retrieve existing Azure registration for a tenant.
GET /cloud-security-registration-azure/entities/registrations/v1
PEP 8
get_registrationParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| tenant_id | query | string | Tenant ID. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.get_registration(tenant_id="string")print(response)from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.cloud_registration_azure_get_registration(tenant_id="string")print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.command("cloud_registration_azure_get_registration", tenant_id="string")print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_azure_registration")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
response, err := client.CloudAzureRegistration.CloudRegistrationAzureGetRegistration( &cloud_azure_registration.CloudRegistrationAzureGetRegistrationParams{ TenantID: "string", Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAzureRegistration.cloudRegistrationAzureGetRegistration("string"); // tenantId
console.log(response);use rusty_falcon::apis::cloud_azure_registration_api::cloud_registration_azure_get_registration;use rusty_falcon::easy::client::FalconHandle;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let response = cloud_registration_azure_get_registration( &falcon.cfg, // configuration "string", // tenant_id ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAzureRegistration.new
response = api.cloud_registration_azure_get_registration('string')
puts responsecloud_registration_azure_create_registration
Section titled “cloud_registration_azure_create_registration”Create an Azure registration for a tenant.
POST /cloud-security-registration-azure/entities/registrations/v1
PEP 8
create_registrationParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| body | body | dictionary | Full body payload in JSON format. |
| account_type | body | string | Azure account type. |
| tenant_id | body | string | Azure tenant ID. |
| subscription_ids | body | string or list of strings | Azure subscription IDs. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
resource = { "account_type": "string", "additional_features": [ { "feature": "string", "product": "string", "subscription_ids": ["string"] } ], "additional_properties": {}, "api_client_key_id": "string", "api_client_key_type": "string", "cs_infra_region": "string", "cs_infra_subscription_id": "string", "cs_infra_subscription_name": "string", "deployment_method": "string", "deployment_stack_host_id": "string", "deployment_stack_host_region": "string", "deployment_stack_name": "string", "dspm_custom_vnet_configuration": {}, "dspm_host_subscription_id": "string", "dspm_network_configuration_type": "string", "dspm_regions": ["string"], "environment": "string", "event_hub_settings": [ { "cid": "string", "consumer_group": "string", "event_hub_id": "string", "purpose": "string", "tenant_id": "string" } ], "management_group_ids": ["string"], "microsoft_graph_permission_ids": ["string"], "microsoft_graph_permission_ids_readonly": boolean, "primary_domain": "string", "products": [ { "features": ["string"], "product": "string" } ], "registration_description": "string", "registration_name": "string", "resource_name_prefix": "string", "resource_name_suffix": "string", "status": "string", "subscription_ids": ["string"], "tags": {}, "template_version": "string", "tenant_id": "string", "tenant_name": "string"}
response = falcon.create_registration(resource=resource)print(response)from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
resource = { "account_type": "string", "additional_features": [ { "feature": "string", "product": "string", "subscription_ids": ["string"] } ], "additional_properties": {}, "api_client_key_id": "string", "api_client_key_type": "string", "cs_infra_region": "string", "cs_infra_subscription_id": "string", "cs_infra_subscription_name": "string", "deployment_method": "string", "deployment_stack_host_id": "string", "deployment_stack_host_region": "string", "deployment_stack_name": "string", "dspm_custom_vnet_configuration": {}, "dspm_host_subscription_id": "string", "dspm_network_configuration_type": "string", "dspm_regions": ["string"], "environment": "string", "event_hub_settings": [ { "cid": "string", "consumer_group": "string", "event_hub_id": "string", "purpose": "string", "tenant_id": "string" } ], "management_group_ids": ["string"], "microsoft_graph_permission_ids": ["string"], "microsoft_graph_permission_ids_readonly": boolean, "primary_domain": "string", "products": [ { "features": ["string"], "product": "string" } ], "registration_description": "string", "registration_name": "string", "resource_name_prefix": "string", "resource_name_suffix": "string", "status": "string", "subscription_ids": ["string"], "tags": {}, "template_version": "string", "tenant_id": "string", "tenant_name": "string"}
response = falcon.cloud_registration_azure_create_registration(resource=resource)print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
body_payload = { "resource": { "account_type": "string", "additional_features": [ { "feature": "string", "product": "string", "subscription_ids": ["string"] } ], "additional_properties": {}, "api_client_key_id": "string", "api_client_key_type": "string", "cs_infra_region": "string", "cs_infra_subscription_id": "string", "cs_infra_subscription_name": "string", "deployment_method": "string", "deployment_stack_host_id": "string", "deployment_stack_host_region": "string", "deployment_stack_name": "string", "dspm_custom_vnet_configuration": {}, "dspm_host_subscription_id": "string", "dspm_network_configuration_type": "string", "dspm_regions": ["string"], "environment": "string", "event_hub_settings": [ { "cid": "string", "consumer_group": "string", "event_hub_id": "string", "purpose": "string", "tenant_id": "string" } ], "management_group_ids": ["string"], "microsoft_graph_permission_ids": ["string"], "microsoft_graph_permission_ids_readonly": boolean, "primary_domain": "string", "products": [ { "features": ["string"], "product": "string" } ], "registration_description": "string", "registration_name": "string", "resource_name_prefix": "string", "resource_name_suffix": "string", "status": "string", "subscription_ids": ["string"], "tags": {}, "template_version": "string", "tenant_id": "string", "tenant_name": "string" }}
response = falcon.command("cloud_registration_azure_create_registration", body=body_payload)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_azure_registration" "github.com/crowdstrike/gofalcon/falcon/models")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
response, err := client.CloudAzureRegistration.CloudRegistrationAzureCreateRegistration( &cloud_azure_registration.CloudRegistrationAzureCreateRegistrationParams{ Body: &models.AzureAzureRegistrationCreateRequestExtV1{ Resource: &struct{}{}, }, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAzureRegistration.cloudRegistrationAzureCreateRegistration( { resource: { accountType: "string", additionalFeatures: [{ feature: "string", product: "string", subscriptionIds: [] }], additionalProperties: {}, apiClientKeyId: "string", apiClientKeyType: "string", csInfraRegion: "string", csInfraSubscriptionId: "string", csInfraSubscriptionName: "string", deploymentMethod: "string", deploymentStackHostId: "string", deploymentStackHostRegion: "string", deploymentStackName: "string", dspmCustomVnetConfiguration: {}, dspmHostSubscriptionId: "string", dspmNetworkConfigurationType: "string", dspmRegions: [], environment: "string", eventHubSettings: [{ cid: "string", consumerGroup: "string", eventHubId: "string", purpose: "string", tenantId: "string" }], managementGroupIds: [], microsoftGraphPermissionIds: [], microsoftGraphPermissionIdsReadonly: boolean, primaryDomain: "string", products: [{ features: [], product: "string" }], registrationDescription: "string", registrationName: "string", resourceNamePrefix: "string", resourceNameSuffix: "string", status: "string", subscriptionIds: [], tags: {}, templateVersion: "string", tenantId: "string", tenantName: "string" }} // body);
console.log(response);use rusty_falcon::apis::cloud_azure_registration_api::cloud_registration_azure_create_registration;use rusty_falcon::easy::client::FalconHandle;use rusty_falcon::models::AzureAzureRegistrationCreateRequestExtV1;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let body = AzureAzureRegistrationCreateRequestExtV1 { resource: Default::default(), ..Default::default() };
let response = cloud_registration_azure_create_registration( &falcon.cfg, // configuration body, // body ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAzureRegistration.new
body = Falcon::AzureAzureRegistrationCreateRequestExtV1.new( resource: { account_type: 'string', additional_features: [{ feature: 'string', product: 'string', subscription_ids: [] }], additional_properties: {}, api_client_key_id: 'string', api_client_key_type: 'string', cs_infra_region: 'string', cs_infra_subscription_id: 'string', cs_infra_subscription_name: 'string', deployment_method: 'string', deployment_stack_host_id: 'string', deployment_stack_host_region: 'string', deployment_stack_name: 'string', dspm_custom_vnet_configuration: {}, dspm_host_subscription_id: 'string', dspm_network_configuration_type: 'string', dspm_regions: [], environment: 'string', event_hub_settings: [{ cid: 'string', consumer_group: 'string', event_hub_id: 'string', purpose: 'string', tenant_id: 'string' }], management_group_ids: [], microsoft_graph_permission_ids: [], microsoft_graph_permission_ids_readonly: boolean, primary_domain: 'string', products: [{ features: [], product: 'string' }], registration_description: 'string', registration_name: 'string', resource_name_prefix: 'string', resource_name_suffix: 'string', status: 'string', subscription_ids: [], tags: {}, template_version: 'string', tenant_id: 'string', tenant_name: 'string' })
response = api.cloud_registration_azure_create_registration(body)
puts responsecloud_registration_azure_update_registration
Section titled “cloud_registration_azure_update_registration”Update an existing Azure registration for a tenant.
PATCH /cloud-security-registration-azure/entities/registrations/v1
PEP 8
update_registrationParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| body | body | dictionary | Full body payload in JSON format. |
| account_type | body | string | Azure account type. |
| tenant_id | body | string | Azure tenant ID. |
| subscription_ids | body | string or list of strings | Azure subscription IDs. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
resource = { "account_type": "string", "additional_features": [ { "feature": "string", "product": "string", "subscription_ids": ["string"] } ], "additional_properties": {}, "api_client_key_id": "string", "api_client_key_type": "string", "cs_infra_region": "string", "cs_infra_subscription_id": "string", "cs_infra_subscription_name": "string", "deployment_method": "string", "deployment_stack_host_id": "string", "deployment_stack_host_region": "string", "deployment_stack_name": "string", "dspm_custom_vnet_configuration": {}, "dspm_host_subscription_id": "string", "dspm_network_configuration_type": "string", "dspm_regions": ["string"], "environment": "string", "event_hub_settings": [ { "cid": "string", "consumer_group": "string", "event_hub_id": "string", "purpose": "string", "tenant_id": "string" } ], "management_group_ids": ["string"], "microsoft_graph_permission_ids": ["string"], "microsoft_graph_permission_ids_readonly": boolean, "primary_domain": "string", "products": [ { "features": ["string"], "product": "string" } ], "registration_description": "string", "registration_id": "string", "registration_name": "string", "resource_name_prefix": "string", "resource_name_suffix": "string", "status": "string", "subscription_ids": ["string"], "tags": {}, "template_version": "string", "tenant_id": "string", "tenant_name": "string"}
response = falcon.update_registration(resource=resource)print(response)from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
resource = { "account_type": "string", "additional_features": [ { "feature": "string", "product": "string", "subscription_ids": ["string"] } ], "additional_properties": {}, "api_client_key_id": "string", "api_client_key_type": "string", "cs_infra_region": "string", "cs_infra_subscription_id": "string", "cs_infra_subscription_name": "string", "deployment_method": "string", "deployment_stack_host_id": "string", "deployment_stack_host_region": "string", "deployment_stack_name": "string", "dspm_custom_vnet_configuration": {}, "dspm_host_subscription_id": "string", "dspm_network_configuration_type": "string", "dspm_regions": ["string"], "environment": "string", "event_hub_settings": [ { "cid": "string", "consumer_group": "string", "event_hub_id": "string", "purpose": "string", "tenant_id": "string" } ], "management_group_ids": ["string"], "microsoft_graph_permission_ids": ["string"], "microsoft_graph_permission_ids_readonly": boolean, "primary_domain": "string", "products": [ { "features": ["string"], "product": "string" } ], "registration_description": "string", "registration_id": "string", "registration_name": "string", "resource_name_prefix": "string", "resource_name_suffix": "string", "status": "string", "subscription_ids": ["string"], "tags": {}, "template_version": "string", "tenant_id": "string", "tenant_name": "string"}
response = falcon.cloud_registration_azure_update_registration(resource=resource)print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
body_payload = { "resource": { "account_type": "string", "additional_features": [ { "feature": "string", "product": "string", "subscription_ids": ["string"] } ], "additional_properties": {}, "api_client_key_id": "string", "api_client_key_type": "string", "cs_infra_region": "string", "cs_infra_subscription_id": "string", "cs_infra_subscription_name": "string", "deployment_method": "string", "deployment_stack_host_id": "string", "deployment_stack_host_region": "string", "deployment_stack_name": "string", "dspm_custom_vnet_configuration": {}, "dspm_host_subscription_id": "string", "dspm_network_configuration_type": "string", "dspm_regions": ["string"], "environment": "string", "event_hub_settings": [ { "cid": "string", "consumer_group": "string", "event_hub_id": "string", "purpose": "string", "tenant_id": "string" } ], "management_group_ids": ["string"], "microsoft_graph_permission_ids": ["string"], "microsoft_graph_permission_ids_readonly": boolean, "primary_domain": "string", "products": [ { "features": ["string"], "product": "string" } ], "registration_description": "string", "registration_id": "string", "registration_name": "string", "resource_name_prefix": "string", "resource_name_suffix": "string", "status": "string", "subscription_ids": ["string"], "tags": {}, "template_version": "string", "tenant_id": "string", "tenant_name": "string" }}
response = falcon.command("cloud_registration_azure_update_registration", body=body_payload)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_azure_registration" "github.com/crowdstrike/gofalcon/falcon/models")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
response, err := client.CloudAzureRegistration.CloudRegistrationAzureUpdateRegistration( &cloud_azure_registration.CloudRegistrationAzureUpdateRegistrationParams{ Body: &models.AzureAzureRegistrationUpdateRequestExtV1{ Resource: &struct{}{}, }, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAzureRegistration.cloudRegistrationAzureUpdateRegistration( { resource: { accountType: "string", additionalFeatures: [{ feature: "string", product: "string", subscriptionIds: [] }], additionalProperties: {}, apiClientKeyId: "string", apiClientKeyType: "string", csInfraRegion: "string", csInfraSubscriptionId: "string", csInfraSubscriptionName: "string", deploymentMethod: "string", deploymentStackHostId: "string", deploymentStackHostRegion: "string", deploymentStackName: "string", dspmCustomVnetConfiguration: {}, dspmHostSubscriptionId: "string", dspmNetworkConfigurationType: "string", dspmRegions: [], environment: "string", eventHubSettings: [{ cid: "string", consumerGroup: "string", eventHubId: "string", purpose: "string", tenantId: "string" }], managementGroupIds: [], microsoftGraphPermissionIds: [], microsoftGraphPermissionIdsReadonly: boolean, primaryDomain: "string", products: [{ features: [], product: "string" }], registrationDescription: "string", registrationId: "string", registrationName: "string", resourceNamePrefix: "string", resourceNameSuffix: "string", status: "string", subscriptionIds: [], tags: {}, templateVersion: "string", tenantId: "string", tenantName: "string" }} // body);
console.log(response);use rusty_falcon::apis::cloud_azure_registration_api::cloud_registration_azure_update_registration;use rusty_falcon::easy::client::FalconHandle;use rusty_falcon::models::AzureAzureRegistrationUpdateRequestExtV1;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let body = AzureAzureRegistrationUpdateRequestExtV1 { resource: Default::default(), ..Default::default() };
let response = cloud_registration_azure_update_registration( &falcon.cfg, // configuration body, // body ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAzureRegistration.new
body = Falcon::AzureAzureRegistrationUpdateRequestExtV1.new( resource: { account_type: 'string', additional_features: [{ feature: 'string', product: 'string', subscription_ids: [] }], additional_properties: {}, api_client_key_id: 'string', api_client_key_type: 'string', cs_infra_region: 'string', cs_infra_subscription_id: 'string', cs_infra_subscription_name: 'string', deployment_method: 'string', deployment_stack_host_id: 'string', deployment_stack_host_region: 'string', deployment_stack_name: 'string', dspm_custom_vnet_configuration: {}, dspm_host_subscription_id: 'string', dspm_network_configuration_type: 'string', dspm_regions: [], environment: 'string', event_hub_settings: [{ cid: 'string', consumer_group: 'string', event_hub_id: 'string', purpose: 'string', tenant_id: 'string' }], management_group_ids: [], microsoft_graph_permission_ids: [], microsoft_graph_permission_ids_readonly: boolean, primary_domain: 'string', products: [{ features: [], product: 'string' }], registration_description: 'string', registration_id: 'string', registration_name: 'string', resource_name_prefix: 'string', resource_name_suffix: 'string', status: 'string', subscription_ids: [], tags: {}, template_version: 'string', tenant_id: 'string', tenant_name: 'string' })
response = api.cloud_registration_azure_update_registration(body)
puts responsecloud_registration_azure_delete_registration
Section titled “cloud_registration_azure_delete_registration”Deletes existing Azure registrations.
DELETE /cloud-security-registration-azure/entities/registrations/v1
PEP 8
delete_registrationParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| tenant_ids | query | string or list of strings | Azure tenant IDs. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_registration(tenant_ids=id_list)print(response)from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_azure_delete_registration(tenant_ids=id_list)print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_azure_delete_registration", tenant_ids=id_list)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_azure_registration")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
response, err := client.CloudAzureRegistration.CloudRegistrationAzureDeleteRegistration( &cloud_azure_registration.CloudRegistrationAzureDeleteRegistrationParams{ TenantIds: []string{"ID1", "ID2", "ID3"}, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAzureRegistration.cloudRegistrationAzureDeleteRegistration(["ID1", "ID2", "ID3"]); // tenantIds
console.log(response);use rusty_falcon::apis::cloud_azure_registration_api::cloud_registration_azure_delete_registration;use rusty_falcon::easy::client::FalconHandle;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let response = cloud_registration_azure_delete_registration( &falcon.cfg, // configuration vec!["string".to_string()], // tenant_ids ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAzureRegistration.new
response = api.cloud_registration_azure_delete_registration(['ID1', 'ID2', 'ID3'])
puts responsedownload_azure_script
Section titled “download_azure_script”Download Azure deployment script (Terraform or Bicep).
GET /cloud-security-registration-azure/entities/scripts/v1
PEP 8
deployment_scriptParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| tenant_id | query | string | Azure tenant ID. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”Examples coming soon.
Examples coming soon.
Examples coming soon.
Examples coming soon.
Examples coming soon.
Examples coming soon.
cloud_registration_azure_delete_legacy_subscription
Section titled “cloud_registration_azure_delete_legacy_subscription”Delete existing legacy Azure subscriptions.
DELETE /cloud-security-registration-azure/entities/accounts/legacy/v1
PEP 8
delete_legacy_subscriptionParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| body | body | string | |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.delete_legacy_subscription(retain_client=boolean, subscription_id="string", tenant_id="string")print(response)from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.cloud_registration_azure_delete_legacy_subscription(retain_client=boolean, subscription_id="string", tenant_id="string")print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
body_payload = { "resources": [ { "retain_client": boolean, "subscription_id": "string", "tenant_id": "string" } ]}
response = falcon.command("cloud_registration_azure_delete_legacy_subscription", body=body_payload)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_azure_registration" "github.com/crowdstrike/gofalcon/falcon/models")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
retain_client := boolean subscription_id := "string" tenant_id := "string"
response, err := client.CloudAzureRegistration.CloudRegistrationAzureDeleteLegacySubscription( &cloud_azure_registration.CloudRegistrationAzureDeleteLegacySubscriptionParams{ Body: &models.AzureLegacySubscriptionDeleteRequestExtV1{ Resources: []interface{}{ { RetainClient: &retain_client, SubscriptionID: &subscription_id, TenantID: &tenant_id, }, }, }, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAzureRegistration.cloudRegistrationAzureDeleteLegacySubscription( { resources: [{ retainClient: boolean, subscriptionId: "string", tenantId: "string" }]} // body);
console.log(response);Examples coming soon.
require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAzureRegistration.new
body = Falcon::AzureLegacySubscriptionDeleteRequestExtV1.new( resources: [{ retain_client: boolean, subscription_id: 'string', tenant_id: 'string' }])
response = api.cloud_registration_azure_delete_legacy_subscription(body)
puts responsecloud_registration_azure_trigger_health_check
Section titled “cloud_registration_azure_trigger_health_check”Trigger health check scan for Azure registrations.
POST /cloud-security-registration-azure/entities/registrations/healthcheck/v1
PEP 8
health_checkParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| tenant_ids | query | list | Azure tenant IDs. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.health_check(tenant_ids=id_list)print(response)from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_azure_trigger_health_check(tenant_ids=id_list)print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_azure_trigger_health_check", tenant_ids=id_list)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_azure_registration")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
response, err := client.CloudAzureRegistration.CloudRegistrationAzureTriggerHealthCheck( &cloud_azure_registration.CloudRegistrationAzureTriggerHealthCheckParams{ TenantIds: []string{"ID1", "ID2", "ID3"}, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAzureRegistration.cloudRegistrationAzureTriggerHealthCheck(["ID1", "ID2", "ID3"]); // tenantIds
console.log(response);Examples coming soon.
require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAzureRegistration.new
response = api.cloud_registration_azure_trigger_health_check(tenant_ids: ['ID1', 'ID2', 'ID3'])
puts responsecloud_registration_azure_validate_registration
Section titled “cloud_registration_azure_validate_registration”Validate an Azure registration by checking service principal, role assignments and deployment stack (if the deployment method is Bicep).
POST /cloud-security-registration-azure/entities/registrations/validate/v1
PEP 8
validate_registrationParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| tenant_id | query | string | Azure tenant ID to be validated. |
| stack_name | query | string | Azure deployment stack name to be validated. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.validate_registration(tenant_id="string", stack_name="string")print(response)from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.cloud_registration_azure_validate_registration(tenant_id="string", stack_name="string")print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.command("cloud_registration_azure_validate_registration", tenant_id="string", stack_name="string")print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_azure_registration")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
stackName := "string"
response, err := client.CloudAzureRegistration.CloudRegistrationAzureValidateRegistration( &cloud_azure_registration.CloudRegistrationAzureValidateRegistrationParams{ TenantID: "string", StackName: &stackName, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAzureRegistration.cloudRegistrationAzureValidateRegistration( "string", // tenantId "string" // stackName);
console.log(response);Examples coming soon.
require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAzureRegistration.new
response = api.cloud_registration_azure_validate_registration('string')
puts responsecloud_registration_azure_download_script
Section titled “cloud_registration_azure_download_script”Retrieve script to create resources.
POST /cloud-security-registration-azure/entities/scripts/v1
PEP 8
download_scriptParameters
Section titled “Parameters”| Name | Type | Data type | Description |
|---|---|---|---|
| body | body | dictionary | Full body payload in JSON format. |
| tenant_id | body | string | Azure tenant ID. |
Code Examples
Section titled “Code Examples”from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.download_script(tenant_id="string")print(response)from falconpy import CloudAzureRegistration
falcon = CloudAzureRegistration(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
response = falcon.cloud_registration_azure_download_script(tenant_id="string")print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID, client_secret=CLIENT_SECRET )
body_payload = { "resources": [ { "tenant_id": "string" } ]}
response = falcon.command("cloud_registration_azure_download_script", body=body_payload)print(response)Examples coming soon.
package main
import ( "context" "fmt" "os"
"github.com/crowdstrike/gofalcon/falcon" "github.com/crowdstrike/gofalcon/falcon/client/cloud_azure_registration" "github.com/crowdstrike/gofalcon/falcon/models")
func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCON_CLIENT_ID"), ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"), Context: context.Background(), }) if err != nil { panic(err) }
tenantId := "string"
response, err := client.CloudAzureRegistration.CloudRegistrationAzureDownloadScript( &cloud_azure_registration.CloudRegistrationAzureDownloadScriptParams{ Body: &models.AzureAzureDownloadScriptRequestV1{ Resources: []interface{}{ { Tenantid: &tenantId, }, }, }, Context: context.Background(), }, ) if err != nil { panic(falcon.ErrorExplain(err)) }
fmt.Printf("%+v\n", response.Payload)}import { FalconClient } from "crowdstrike-falcon";
const client = new FalconClient({ cloud: process.env.FALCON_CLOUD!, clientId: process.env.FALCON_CLIENT_ID!, clientSecret: process.env.FALCON_CLIENT_SECRET!,});
const response = await client.cloudAzureRegistration.cloudRegistrationAzureDownloadScript( { resources: [{ tenantId: "string" }]} // body);
console.log(response);use rusty_falcon::apis::cloud_azure_registration_api::cloud_registration_azure_download_script;use rusty_falcon::easy::client::FalconHandle;use rusty_falcon::models::AzureAzureDownloadScriptRequestV1;
#[tokio::main]async fn main() { let falcon = FalconHandle::from_env().await.expect("Could not authenticate");
let body = AzureAzureDownloadScriptRequestV1 { resources: vec![AzureDownloadScriptRequestData { tenant_id: Some("string".to_string()), ..Default::default() }], ..Default::default() };
let response = cloud_registration_azure_download_script( &falcon.cfg, // configuration body, // body ).await.expect("API call failed");
println!("{:?}", response);}require "crimson-falcon"
Falcon.configure do |config| config.client_id = ENV["FALCON_CLIENT_ID"] config.client_secret = ENV["FALCON_CLIENT_SECRET"] config.cloud = ENV["FALCON_CLOUD"]end
api = Falcon::CloudAzureRegistration.new
body = Falcon::AzureAzureDownloadScriptRequestV1.new( resources: [{ tenantId: 'string' }])
response = api.cloud_registration_azure_download_script(body)
puts response