Skip to content
CrowdStrike Developer Center

D4C Registration

The D4C Registration service collection provides operations for registering AWS, Azure, and GCP cloud accounts. This service collection has been superseded by the CSPM Registration service collection and is now deprecated. Developers should move code over to use the new operations available within the updated collection.

LanguageLast Update
Pythonv1.5.0
PowerShellv2.2.9
Gov0.20.0
TypeScriptv0.6.0
Rustv0.7.0
Rubyv1.2.0
deprecated

This service collection has been superseded by the CSPMRegistration service collection and is now deprecated. Developers should move code over to use the new operations available within the updated collection.

Table of Contents

Section titled “Table of Contents”
OperationDescription
GetD4CAwsAccount
get_aws_account		Returns information about the current status of an AWS account.
deprecated
CreateD4CAwsAccount
create_aws_account		Creates a new account in our system for a customer and generates a script for them to run in their AWS cloud environment to grant us access.
deprecated
DeleteD4CAwsAccount
delete_aws_account		Deletes an existing AWS account or organization in our system.
deprecated
GetD4CAwsConsoleSetupURLs
get_aws_console_setup		Return a URL for customer to visit in their cloud environment to grant us access to their AWS environment.
deprecated
GetD4CAWSAccountScriptsAttachment
get_aws_account_scripts		Return a script for customer to run in their cloud environment to grant us access to their AWS environment as a downloadable attachment.
deprecated
GetDiscoverCloudAzureAccount
get_azure_account		Return information about Azure account registration.
deprecated
CreateDiscoverCloudAzureAccount
create_azure_account		Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access.
deprecated
UpdateDiscoverCloudAzureAccountClientID
update_azure_account_client_id		Update an Azure service account in our system by with the user-created client_id created with the public key we’ve provided.
deprecated
GetDiscoverCloudAzureUserScriptsAttachment
get_azure_user_scripts_attachment		Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment.
deprecated
GetDiscoverCloudAzureUserScripts
get_azure_user_scripts		Return a script for customer to run in their cloud environment to grant us access to their Azure environment.
DiscoverCloudAzureDownloadCertificate
azure_download_certificate		Returns JSON object(s) that contain the base64 encoded certificate for a service principal.
deprecated
GetDiscoverCloudAzureTenantIDs
get_azure_tenant_ids		Return all available Azure tenant IDs.
deprecated
GetHorizonD4CScripts
get_aws_horizon_scripts		Returns static install scripts for Horizon.
deprecated
DeleteD4CGCPAccount
delete_gcp_account		Deletes a GCP account from the system.
deprecated
ConnectD4CGCPAccount
connect_gcp_account		Creates a new GCP account with newly-uploaded service account or connects with existing service account.
deprecated
GetD4CGCPServiceAccountsExt
get_gcp_service_account		Returns the service account id and client email for external clients.
deprecated
UpdateD4CGCPServiceAccountsExt
update_gcp_service_account		Updates an existing GCP service account.
GetD4CGCPUserScriptsAttachment
get_gcp_user_scripts_attachment		Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment.
deprecated
CreateD4CGCPAccount
create_gcp_account		Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access.
GetCSPMGCPUserScriptsAttachment
get_gcp_user_scripts_attachment		Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment.
GetD4CCGPAccount
get_gcp_account		Returns information about the current status of an GCP account.
GetD4CGCPUserScripts
get_gcp_user_scripts		Return a script for customer to run in their cloud environment to grant us access to their GCP environment.

GetD4CAwsAccount

Section titled “GetD4CAwsAccount”

Returns information about the current status of an AWS account.

This operation has been superseded by the GetCSPMAwsAccount operation and is now deprecated.

GET /cloud-connect-aws/entities/account/v2
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_aws_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
idsquerystring or list of stringsAWS account ID(s). When empty, all accounts are returned.
organization_idsquerystring or list of stringsAWS organization ID(s).
parametersquerydictionaryFull query string parameters payload in JSON format.
scan_typequerystringType of scan to perform, dry or full.
statusquerystringAccount status to filter results by.
limitqueryintegerThe maximum number of records to return. Defaults to 100.
offsetqueryintegerThe offset to start retrieving records from.
migratedquerybooleanOnly return migrated accounts.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']


response = falcon.get_aws_account(ids=id_list,
                                  limit=integer,
                                  migrated=boolean,
                                  offset=integer,
                                  organization_ids=id_list,
                                  scan_type="string",
                                  status="string")
print(response)

CreateD4CAwsAccount

Section titled “CreateD4CAwsAccount”

Creates a new account in our system for a customer and generates a script for them to run in their AWS cloud environment to grant us access.

This operation has been superseded by the CreateCSPMAwsAccount operation and is now deprecated.

POST /cloud-connect-aws/entities/account/v2
Scope D4C Registration: WRITE Consumes · Produces application/json
PEP 8 create_aws_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
account_idbodystringAWS account ID.
account_typebodystringAWS account type.
bodybodydictionaryFull body payload in JSON format.
cloudtrail_regionbodystringAWS region for CloudTrail access.
iam_role_arnbodystringAWS IAM Role ARN.
is_masterbodybooleanFlag indicating if this is the master account.
organization_idbodystringAWS organization ID.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.create_aws_account(account_id="string",
                                     account_type="string",
                                     cloudtrail_region="string",
                                     iam_role_arn="string",
                                     is_master=boolean,
                                     organization_id="string")
print(response)

DeleteD4CAwsAccount

Section titled “DeleteD4CAwsAccount”

Deletes an existing AWS account or organization in our system.

This operation has been superseded by the DeleteCSPMAwsAccount operation and is now deprecated.

DELETE /cloud-connect-aws/entities/account/v2
Scope D4C Registration: WRITE Consumes · Produces application/json
PEP 8 delete_aws_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
idsquerystring or list of stringsAWS account ID(s).
organization_idsquerystring or list of stringsAWS organization ID(s).
parametersquerydictionaryFull query string parameters payload in JSON format, not required when using other keywords.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']


response = falcon.delete_aws_account(ids=id_list, organization_ids=id_list)
print(response)

GetD4CAwsConsoleSetupURLs

Section titled “GetD4CAwsConsoleSetupURLs”

Return a URL for customer to visit in their cloud environment to grant us access to their AWS environment.

This operation has been superseded by the GetCSPMAwsConsoleSetupURLs operation and is now deprecated.

GET /cloud-connect-aws/entities/console-setup-urls/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_aws_console_setup

Parameters

Section titled “Parameters”
NameTypeData typeDescription
regionquerystringAWS region to generate URL for.
parametersquerydictionaryFull query string parameters payload in JSON format, not required when using other keywords.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.get_aws_console_setup(region="string")
print(response)

GetD4CAWSAccountScriptsAttachment

Section titled “GetD4CAWSAccountScriptsAttachment”

Return a script for customer to run in their cloud environment to grant us access to their AWS environment as a downloadable attachment.

This operation has been superseded by the GetCSPMAwsAccountScriptsAttachment operation and is now deprecated.

GET /cloud-connect-aws/entities/user-scripts-download/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_aws_account_scripts

Parameters

Section titled “Parameters”
NameTypeData typeDescription
accountsquerystring or list of stringsList of accounts to register.
aws_profilequerystringThe AWS profile to be used during registration.
aws_regionquerystringThe AWS region to be used during registration.
behavior_assessment_enabledquerystringEnable behavior assessment. Allowed values: true or false.
dspm_enabledquerystringEnable DSPM. Allowed values: true or false.
dspm_host_account_idquerystringDSPM host account ID.
dspm_host_integration_role_namequerystringDSPM host integration role name.
dspm_host_scanner_role_namequerystringDSPM host scanner role name.
dspm_regionsquerystring or list of stringsDSPM regions.
dspm_rolequerystringDSPM role.
falcon_client_idquerystringThe Falcon client ID used during registration.
iam_role_arnquerystringThe custom IAM role to be used during registration.
idsquerystring or list of stringsThe AWS account ID(s) to retrieve script attachments.
organization_idquerystring or list of stringsThe AWS organization ID to be registered.
organization_unit_idsquerystring or list of stringsThe AWS organization ID to be registered.
parametersquerydictionaryFull query string parameters payload as a dictionary.
sensor_management_enabledquerystringEnable sensor management. Allowed values: true or false.
tagsquerystringBase64 encoded JSON string to be used as AWS tags.
templatequerystringTemplate to be rendered. Allowed values: aws-bash or aws-terraform.
use_existing_cloudtrailquerystringUse the existing cloudtrail log. Allowed values: true or false.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']


with open("output_file", "wb") as save_file:
    response = falcon.get_aws_account_scripts(ids=id_list,
                                              template="string",
                                              accounts=id_list,
                                              behavior_assessment_enabled=boolean,
                                              sensor_management_enabled=boolean,
                                              dspm_enabled=boolean,
                                              dspm_regions="string",
                                              dspm_host_account_id="string",
                                              dspm_host_integration_role_name="string",
                                              dspm_host_scanner_role_name="string",
                                              dspm_role="string",
                                              vulnerability_scanning_enabled=boolean,
                                              vulnerability_scanning_regions=id_list,
                                              vulnerability_scanning_host_account_id="string",
                                              vulnerability_scanning_host_integration_role_name="string",
                                              vulnerability_scanning_host_scanner_role_name="string",
                                              vulnerability_scanning_role="string",
                                              use_existing_cloudtrail=boolean,
                                              organization_id="string",
                                              organizational_unit_ids=id_list,
                                              aws_profile="string",
                                              aws_region="string",
                                              iam_role_arn="string",
                                              falcon_client_id="string",
                                              idp_enabled="string",
                                              tags="string",
                                              stream=boolean)
    save_file.write(response)

GetDiscoverCloudAzureAccount

Section titled “GetDiscoverCloudAzureAccount”

Return information about Azure account registration.

This operation has been superseded by the GetCSPMAzureAccount operation and is now deprecated. Legacy Operation ID: GetCSPMAzureAccount.

GET /cloud-connect-azure/entities/account/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_azure_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
idsquerystring or list of stringsSubscription ID(s). When empty, all accounts are returned.
tenant_idsquerystring or list of stringsTenant IDs to use to filter Azure accounts returned.
parametersquerydictionaryFull query string parameters payload in JSON format.
scan_typequerystringType of scan to perform, dry or full.
statusquerystringAccount status to filter results by.
limitqueryintegerThe maximum number of records to return. Defaults to 100.
offsetqueryintegerThe offset to start retrieving records from.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']


response = falcon.get_azure_account(ids=id_list,
                                    limit=integer,
                                    offset=integer,
                                    scan_type="string",
                                    status="string",
                                    tenant_ids=id_list)
print(response)

CreateDiscoverCloudAzureAccount

Section titled “CreateDiscoverCloudAzureAccount”

Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access.

This operation has been superseded by the CreateCSPMAzureAccount operation and is now deprecated. Legacy Operation ID: CreateCSPMAzureAccount.

POST /cloud-connect-azure/entities/account/v1
Scope D4C Registration: WRITE Consumes · Produces application/json
PEP 8 create_azure_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
account_typebodystringAzure account type.
bodybodydictionaryFull body payload in JSON format.
client_idbodystringClient ID.
default_subscriptionbodybooleanFlag indicating if this is the default Azure subscription.
subscription_idbodystringAzure Subscription ID.
tenant_idbodystringAzure tenant ID.
years_validbodyintegerYears valid.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.create_azure_account(account_type="string",
                                       client_id="string",
                                       default_subscription=boolean,
                                       subscription_id="string",
                                       tenant_id="string",
                                       years_valid=integer)
print(response)

UpdateDiscoverCloudAzureAccountClientID

Section titled “UpdateDiscoverCloudAzureAccountClientID”

Update an Azure service account in our system by with the user-created client_id created with the public key we’ve provided.

This operation has been superseded by the UpdateCSPMAzureAccountClientID operation and is now deprecated. Legacy Operation ID: UpdateCSPMAzureAccountClientID.

PATCH /cloud-connect-azure/entities/client-id/v1
Scope D4C Registration: WRITE Consumes · Produces application/json
PEP 8 update_azure_account_client_id

Parameters

Section titled “Parameters”
NameTypeData typeDescription
idquerystringClient ID to use for the Service Principal associated with the registered Azure account.
object_idquerystringObject ID to use for the Service Principal associated with the registered Azure account.
tenant_idquerystringTenant ID to update Client ID for. Required if multiple tenants are registered.
parametersquerydictionaryFull query string parameters payload in JSON format.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.update_azure_account_client_id(id="string",
                                                 object_id="string",
                                                 tenant_id="string")
print(response)

GetDiscoverCloudAzureUserScriptsAttachment

Section titled “GetDiscoverCloudAzureUserScriptsAttachment”

Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment.

This operation has been superseded by the GetCSPMAzureUserScriptsAttachment operation and is now deprecated. Legacy Operation ID: GetCSPMAzureUserScriptsAttachment.

GET /cloud-connect-azure/entities/user-scripts-download/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_azure_user_scripts_attachment

Parameters

Section titled “Parameters”
NameTypeData typeDescription
parametersquerydictionaryFull query string parameters payload in JSON format.
azure_management_groupquerybooleanUse Azure Management Group.
subscription_idsquerystring or list of stringsAzure Subscription IDs.
templatequerystring or list of stringsTemplate to be rendered.
tenant_idquerystringAzure Tenant IDs.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']


with open("output_file", "wb") as save_file:
    response = falcon.get_azure_user_scripts_attachment(subscription_ids=id_list,
                                                        template="string",
                                                        tenant_id="string",
                                                        stream=boolean)
    save_file.write(response)

GetDiscoverCloudAzureUserScripts

Section titled “GetDiscoverCloudAzureUserScripts”

Return a script for customer to run in their cloud environment to grant us access to their Azure environment.

Legacy Operation ID: GetCSPMAzureUserScripts.

GET /cloud-connect-azure/entities/user-scripts/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_azure_user_scripts

No keywords or arguments accepted.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.get_azure_user_scripts()
print(response)

DiscoverCloudAzureDownloadCertificate

Section titled “DiscoverCloudAzureDownloadCertificate”

Returns JSON object(s) that contain the base64 encoded certificate for a service principal.

This operation has been superseded by the AzureDownloadCertificate operation and is now deprecated.

GET /cloud-connect-azure/entities/download-certificate/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 azure_download_certificate

Parameters

Section titled “Parameters”
NameTypeData typeDescription
parametersquerydictionaryFull query string parameters payload in JSON format.
refreshquerybooleanForce a refresh of the certificate. Defaults to False.
tenant_idquerystring or list of stringsThe Azure Client ID to generate script for. Defaults to the most recently registered tenant.
years_validbodyintegerYears the certificate should be valid. Only used when refresh is set to True.

Code Examples

Section titled “Code Examples”

Examples coming soon.

GetDiscoverCloudAzureTenantIDs

Section titled “GetDiscoverCloudAzureTenantIDs”

Return available tenant ids for discover for cloud. This operation has been deprecated and will be removed from the SDK when this endpoint is decommissioned.

GET /cloud-connect-azure/entities/tenant-id/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_azure_tenant_ids

No keywords or arguments accepted.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.get_azure_tenant_ids()
print(response)

GetHorizonD4CScripts

Section titled “GetHorizonD4CScripts”

Returns static install scripts for Horizon. This operation has been deprecated and will be removed from the SDK when this endpoint is decommissioned.

GET /settings-discover/entities/gen/scripts/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_aws_horizon_scripts

Parameters

Section titled “Parameters”
NameTypeData typeDescription
account_typequerystringAccount type (commercial, gov). Only applicable when registering AWS commercial accounts in a GovCloud environment.
deletequerybooleanGenerate a delete script.
organization_idsquerystring or list of stringsAWS organization ID(s).
parametersquerydictionaryFull query string parameters payload in JSON format, not required when using other keywords.
single_accountquerybooleanGenerate a static script for a single account.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.get_aws_horizon_scripts(account_type="string",
                                          delete=boolean,
                                          organization_id="string",
                                          single_account=boolean)
print(response)

DeleteD4CGCPAccount

Section titled “DeleteD4CGCPAccount”

Deletes a GCP account from the system. This operation has been deprecated.

DELETE /cloud-connect-gcp/entities/account/v1
Scope D4C Registration: WRITE Consumes · Produces application/json
PEP 8 delete_gcp_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
idsquerystring or list of stringsHierarchical Resource IDs of accounts to delete.
parametersquerydictionaryFull query string parameters payload in JSON format.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']


response = falcon.delete_gcp_account(ids=id_list)
print(response)

ConnectD4CGCPAccount

Section titled “ConnectD4CGCPAccount”

Creates a new GCP account with newly-uploaded service account or connects with existing service account with only the following fields: parent_id, parent_type and service_account_id. This operation has been deprecated.

POST /cloud-connect-gcp/entities/account/v2
Scope D4C Registration: WRITE Consumes · Produces application/json
PEP 8 connect_gcp_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
bodybodydictionaryFull body payload in JSON format.
client_emailbodystringGCP client email.
client_idbodystringGCP client ID.
parent_idbodystringParent ID.
parent_typebodystringParent type.
private_keybodystringGCP private key.
private_key_idbodystringGCP private key ID.
project_idbodystringGCP project ID.
service_account_idbodyintegerGCP service account ID.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.connect_gcp_account(client_email="string",
                                      client_id="string",
                                      parent_id="string",
                                      parent_type="string",
                                      private_key="string",
                                      private_key_id="string",
                                      project_id="string",
                                      service_account_id=integer)
print(response)

GetD4CGCPServiceAccountsExt

Section titled “GetD4CGCPServiceAccountsExt”

Returns the service account id and client email for external clients. This operation has been deprecated.

GET /cloud-connect-gcp/entities/service-accounts/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_gcp_service_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
idquerystringService account ID to retrieve.
parametersquerydictionaryFull query string parameters payload in JSON format.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.get_gcp_service_account(id="string")
print(response)

UpdateD4CGCPServiceAccountsExt

Section titled “UpdateD4CGCPServiceAccountsExt”

Updates an existing GCP service account.

PATCH /cloud-connect-gcp/entities/service-accounts/v1
Scope D4C Registration: WRITE Consumes · Produces application/json
PEP 8 update_gcp_service_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
bodybodydictionaryFull body payload in JSON format.
client_emailbodystringClient email associated with the account.
client_idbodystringGCP Client ID.
private_keybodystringGCP private key.
private_key_idbodystringGCP private key ID.
project_idbodystringGCP project ID.
service_account_conditionsbodylist of dictionariesGCP service account conditions.
service_account_idbodyintegerGCP service account ID.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.update_gcp_service_account(client_email="string",
                                             client_id="string",
                                             private_key="string",
                                             private_key_id="string",
                                             project_id="string",
                                             resources=[{"key": "value"}],
                                             service_account_conditions=[{"key": "value"}],
                                             service_account_id=integer)
print(response)

GetD4CGCPUserScriptsAttachment

Section titled “GetD4CGCPUserScriptsAttachment”

Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment. This operation has been deprecated.

GET /cloud-connect-gcp/entities/user-scripts-download/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_gcp_user_scripts_attachment

Parameters

Section titled “Parameters”
NameTypeData typeDescription
idsquerystring or list of stringsHierarchical Resource IDs of accounts.
parametersquerydictionaryFull query string parameters payload in JSON format.
parent_typequerystringGCP Hierarchy Parent Type. Allowed values: organization, folder or project.
statusquerystringAccount status to filter results by.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']


with open("output_file", "wb") as save_file:
    response = falcon.get_gcp_user_scripts_attachment_v2(ids=id_list,
                                                         parent_type="string",
                                                         status="string",
                                                         stream=boolean)
    save_file.write(response)

CreateD4CGCPAccount

Section titled “CreateD4CGCPAccount”

Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access.

POST /cloud-connect-gcp/entities/account/v1
Scope D4C Registration: WRITE Consumes · Produces application/json
PEP 8 create_gcp_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
bodybodydictionaryFull body payload as a JSON formatted dictionary.
parametersquerydictionaryFull query string parameters payload in JSON format.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.create_gcp_account(parent_id="string", parent_type="string")
print(response)

GetCSPMGCPUserScriptsAttachment

Section titled “GetCSPMGCPUserScriptsAttachment”

Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment.

GET /cloud-connect-gcp/entities/user-scripts-download/v1
Scope CSPM Registration: READ Consumes · Produces application/json
PEP 8 get_gcp_user_scripts_attachment

Parameters

Section titled “Parameters”
NameTypeData typeDescription
parametersquerydictionaryFull query string parameters payload in JSON format.

Code Examples

Section titled “Code Examples”
from falconpy import CSPMRegistration


falcon = CSPMRegistration(client_id=CLIENT_ID,
                          client_secret=CLIENT_SECRET
                          )


id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']


with open("output_file", "wb") as save_file:
    response = falcon.get_gcp_user_scripts_attachment(ids=id_list,
                                                      parent_type="string",
                                                      stream=boolean)
    save_file.write(response)

GetD4CCGPAccount

Section titled “GetD4CCGPAccount”

Returns information about the current status of an GCP account.

GET /cloud-connect-gcp/entities/account/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_gcp_account

Parameters

Section titled “Parameters”
NameTypeData typeDescription
parent_typequerystringGCP Hierarchy Parent Type, organization/folder/project.
idsquerylistHierarchical Resource IDs of accounts.
scan_typequerystringType of scan, dry or full, to perform on selected accounts.
statusquerystringAccount status to filter results by.
limitqueryintegerThe maximum records to return. Defaults to 100.
offsetqueryintegerThe offset to start retrieving records from.
sortquerystringOrder fields in ascending or descending order. Ex: parent_type|asc.
parametersquerydictionaryFull query string parameters payload in JSON format.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']


response = falcon.get_gcp_account(ids=id_list,
                                  limit=integer,
                                  offset=integer,
                                  parent_type="string",
                                  scan_type="string",
                                  sort="string",
                                  status="string")
print(response)

GetD4CGCPUserScripts

Section titled “GetD4CGCPUserScripts”

Return a script for customer to run in their cloud environment to grant us access to their GCP environment.

GET /cloud-connect-gcp/entities/user-scripts/v1
Scope D4C Registration: READ Consumes · Produces application/json
PEP 8 get_gcp_user_scripts

Parameters

Section titled “Parameters”
NameTypeData typeDescription
parent_typequerystringGCP Hierarchy Parent Type, organization/folder/project.
parametersquerydictionaryFull query string parameters payload in JSON format.

Code Examples

Section titled “Code Examples”
from falconpy import D4CRegistration


falcon = D4CRegistration(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )


response = falcon.get_gcp_user_scripts(parent_type="string")
print(response)
© 2026 CrowdStrike, Inc. All rights reserved. Privacy Notice Cookie Notice Terms of Use