Cloud AWS Registration

Using the Cloud AWS Registration service collection

Uber class support Service class support Documentation Version Page Updated

WARNING

client_id and client_secret are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)

CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.

cloud_registration_aws_get_accounts

Retrieve existing AWS accounts by account IDs.

PEP8 method name

get_accounts

Endpoint

Method	Route
	`/cloud-security-registration-aws/entities/account/v1`

Required Scope

cloud-aws-registration:read

Content-Type

Consumes: application/json
Produces: application/json

Keyword Arguments

Name	Type	Data type	Description
ids	query	string or list of strings	AWS account IDs to filter.
organization_ids	query	string or list of strings	AWS organization IDs to filter.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3'  # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']

response = falcon.get_accounts(ids=id_list, organization_ids=organization_id_list)

print(response)

Service class example (Operation ID syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3'  # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']

response = falcon.cloud_registration_aws_get_accounts(ids=id_list, organization_ids=organization_id_list)

print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3'  # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']

response = falcon.command("cloud_registration_aws_get_accounts", ids=id_list, organization_ids=organization_id_list)

print(response)

Back to Table of Contents

cloud_registration_aws_create_account

Creates a new account in our system for a customer.

PEP8 method name

create_account

Endpoint

Method	Route
	`/cloud-security-registration-aws/entities/account/v1`

Required Scope

cloud-aws-registration:write

Content-Type

Consumes: application/json
Produces: application/json

Keyword Arguments

Name	Type	Data type	Description
account_id	body	string	AWS account ID.
account_type	body	string	AWS account type.
body	body	dictionary	Full body payload in JSON format.
csp_events	body	boolean	Flag indicating if CSP events should be included.
is_master	body	boolean	Flag indicating if this is a master account.
organization_id	body	string	AWS organization ID.
products	body	list_of_dictionaries	List of included products and features.

Usage

Service class example (PEP8 syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

# Can also pass a list here: ['PRODUCT_ID1', 'PRODUCT_ID2', 'PRODUCT_ID3']
products = [
    {
        "features": [
            "string"
        ],
        "product": "string"
    }
]

response = falcon.create_account(account_id="string",
                                 account_type="string",
                                 csp_events=boolean,
                                 is_master=boolean,
                                 organization_id="string",
                                 products=products
                                 )
print(response)

Service class example (Operation ID syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

products = [
    {
        "features": [
            "string"
        ],
        "product": "string"
    }
]

response = falcon.cloud_registration_aws_create_account(account_id="string",
                                                        account_type="string",
                                                        csp_events=boolean,
                                                        is_master=boolean,
                                                        organization_id="string",
                                                        products=products
                                                        )
print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
  "resources": [
    {
      "account_id": "string",
      "account_type": "string",
      "csp_events": boolean,
      "is_master": boolean,
      "organization_id": "string",
      "products": [
        {
          "features": [
            "string"
          ],
          "product": "string"
        }
      ]
    }
  ]
}

response = falcon.command("cloud_registration_aws_create_account", body=body_payload)

print(response)

Back to Table of Contents

cloud_registration_aws_delete_account

Deletes an existing AWS account or organization in our system.

PEP8 method name

delete_account

Endpoint

Method	Route
	`/cloud-security-registration-aws/entities/account/v1`

Required Scope

cloud-aws-registration:write

Content-Type

Consumes: application/json
Produces: application/json

Keyword Arguments

Name	Type	Data type	Description
ids	query	string or list of strings	AWS account IDs to filter.
organization_ids	query	string or list of strings	AWS organization IDs to remove
parameters	query	dictionary	Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3'  # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_account(organization_ids=organization_id_list, ids=id_list)

print(response)

Service class example (Operation ID syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3'  # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.cloud_registration_aws_delete_account(organization_ids=organization_id_list, ids=id_list)

print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3'  # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("cloud_registration_aws_delete_account", organization_ids=organization_id_list, ids=id_list)

print(response)

Back to Table of Contents

cloud_registration_aws_trigger_health_check

Trigger health check scan for AWS accounts.

PEP8 method name

trigger_health_check

Endpoint

Method	Route
	`/cloud-security-registration-aws/entities/account-scans/v1`

Required Scope

cloud-aws-registration:write

Content-Type

Consumes: application/json
Produces: application/json

Keyword Arguments

Name	Type	Data type	Description
account_ids	query	string or list of strings	AWS Account IDs.
organization_ids	query	string or list of strings	Organization IDs.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

account_id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3'  # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']

response = falcon.trigger_health_check(account_ids=account_id_list,
                                       organization_ids=organization_id_list
                                       )

print(response)

Service class example (Operation ID syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

account_id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3'  # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']

response = falcon.cloud_registration_aws_trigger_health_check(account_ids=account_id_list,
                                                             organization_ids=organization_id_list
                                                             )

print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

account_id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3'  # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']

response = falcon.command("cloud_registration_aws_trigger_health_check",
                          account_ids=account_id_list,
                          organization_ids=organization_id_list
                          )

print(response)

Back to Table of Contents

cloud_registration_aws_update_account

Patches a existing account in our system for a customer.

PEP8 method name

update_account

Endpoint

Method	Route
	`/cloud-security-registration-aws/entities/account/v1`

Required Scope

cloud-security-aws-registration:write

Content-Type

Consumes: application/json
Produces: application/json

Keyword Arguments

Name	Type	Data type	Description
account_id	body	string	AWS account ID.
account_type	body	string	AWS account type.
body	body	dictionary	Full body payload in JSON format.
csp_events	body	boolean	Flag indicating if CSP events should be included.
is_master	body	boolean	Flag indicating if this is a master account.
organization_id	body	string	AWS organization ID.
products	body	list_of_dictionaries	List of included products and features.

Usage

Service class example (PEP8 syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )
products = [
    {
        "features": [
            "string"
        ],
        "product": "string"
    }
]

response = falcon.update_account(account_id="string",
                                 account_type="string",
                                 csp_events=boolean,
                                 is_master=boolean,
                                 organization_id="string",
                                 products=products
                                 )
print(response)

Service class example (Operation ID syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

products = [
    {
        "features": [
            "string"
        ],
        "product": "string"
    }
]

response = falcon.cloud_registration_aws_update_account(account_id="string",
                                                        account_type="string",
                                                        csp_events=boolean,
                                                        is_master=boolean,
                                                        organization_id="string",
                                                        products=products
                                                        )
print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "resources": [
        {
        "account_id": "string",
        "account_type": "string",
        "csp_events": boolean,
        "is_master": boolean,
        "organization_id": "string",
        "products": [
            {
                "features": [
                    "string"
                ],
                "product": "string"
            }
        ]
        }
    ]
}

response = falcon.command("cloud_registration_aws_update_account", body=body_payload)

print(response)

Back to Table of Contents

cloud_registration_aws_validate_accounts

Validates the AWS account registration status, and discover organization child accounts if organization is specified.

PEP8 method name

validate_accounts

Endpoint

Method	Route
	`/cloud-security-registration-aws/entities/account/validate/v1`

Required Scope

cloud-aws-registration:write

Content-Type

Consumes: application/json
Produces: application/json

Keyword Arguments

Name	Type	Data type	Description
account_id	query	string	AWS Account ID. organization-id shouldn't be specified if this is specified.
iam_role_arn	query	string	IAM Role ARN.
organization_id	query	string	AWS organization ID to validate master account. account-id shouldn't be specified if this is specified.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

response = falcon.validate_accounts(account_id="string",
                                   iam_role_arn="string",
                                   organization_id="string"
                                   )
print(response)

Service class example (Operation ID syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

response = falcon.cloud_registration_aws_validate_accounts(account_id="string",
                                                          iam_role_arn="string",
                                                          organization_id="string"
                                                          )
print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("cloud_registration_aws_validate_accounts",
                          account_id="string",
                          iam_role_arn="string",
                          organization_id="string"
                          )
print(response)

Back to Table of Contents

cloud_registration_aws_query_accounts

Retrieve existing AWS accounts by account IDs

PEP8 method name

query_accounts

Endpoint

Method	Route
	`/cloud-security-registration-aws/queries/account/v1`

Required Scope

cloud-aws-registration:read

Content-Type

Consumes: application/json
Produces: application/json

Keyword Arguments

Name	Type	Data type	Description
organization_ids	query	array (string)	Organization IDs used to filter accounts.
products	query	array (string)	Products registered for an account.
features	query	array (string)	Features registered for an account.
account_status	query	string	Account status to filter results by.
limit	query	integer	The maximum number of items to return. When not specified or 0, 100 is used. When larger than 500, 500 is used.
offset	query	integer	The offset to start retrieving records from.
group_by	query	string	Field to group by.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

response = falcon.query_accounts(organization_ids="string",  # or ["string", "string"]
                                 products="string",  # or ["string", "string"]
                                 features="string",  # or ["string", "string"]
                                 account_status="string",
                                 limit=integer,
                                 offset=integer,
                                 group_by="string"
                                 )
print(response)

Service class example (Operation ID syntax)

from falconpy import CloudAWSRegistration

# Do not hardcode API credentials!
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
                              client_secret=CLIENT_SECRET
                              )

response = falcon.cloud_registration_aws_query_accounts(organization_ids="string",  # or ["string", "string"]
                                                        products="string",  # or ["string", "string"]
                                                        features="string",  # or ["string", "string"]
                                                        account_status="string",
                                                        limit=integer,
                                                        offset=integer,
                                                        group_by="string"
                                                        )
print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("cloud_registration_aws_query_accounts",
                          organization_ids="string",  # or ["string", "string"]
                          products="string",  # or ["string", "string"]
                          features="string",  # or ["string", "string"]
                          account_status="string",
                          limit=integer,
                          offset=integer,
                          group_by="string"
                          )
print(response)

Back to Table of Contents

Home
Discussions Board
Glossary of Terms
Installation, Upgrades and Removal
Samples Collection
Using FalconPy
API Operations
Service Collections
Documentation Support
- Report broken link
- Report documentation error
CrowdStrike SDKs
- Crimson Falcon - Ruby
- FalconPy - Python 3
- FalconJS - Javascript
- goFalcon - Go
- PSFalcon - Powershell
- Rusty Falcon - Rust

CrowdStrike Falcon

Cloud AWS Registration

Using the Cloud AWS Registration service collection

Table of Contents

Passing credentials

cloud_registration_aws_get_accounts

PEP8 method name

Endpoint

Required Scope

Content-Type

Keyword Arguments

Usage

Service class example (PEP8 syntax)

Service class example (Operation ID syntax)

Uber class example

cloud_registration_aws_create_account

PEP8 method name

Endpoint

Required Scope

Content-Type

Keyword Arguments

Usage

Service class example (PEP8 syntax)

Service class example (Operation ID syntax)

Uber class example

cloud_registration_aws_delete_account

PEP8 method name

Endpoint

Required Scope

Content-Type

Keyword Arguments

Usage

Service class example (PEP8 syntax)

Service class example (Operation ID syntax)

Uber class example

cloud_registration_aws_trigger_health_check

PEP8 method name

Endpoint

Required Scope

Content-Type

Keyword Arguments

Usage

Service class example (PEP8 syntax)

Service class example (Operation ID syntax)

Uber class example

cloud_registration_aws_update_account

PEP8 method name

Endpoint

Required Scope

Content-Type

Keyword Arguments

Usage

Service class example (PEP8 syntax)

Service class example (Operation ID syntax)

Uber class example

cloud_registration_aws_validate_accounts

PEP8 method name

Endpoint

Required Scope

Content-Type

Keyword Arguments

Usage

Service class example (PEP8 syntax)

Service class example (Operation ID syntax)

Uber class example

cloud_registration_aws_query_accounts

PEP8 method name

Endpoint

Required Scope

Content-Type

Keyword Arguments

Usage

Service class example (PEP8 syntax)

Service class example (Operation ID syntax)

Uber class example

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!