All URIs are relative to https://api.crowdstrike.com
| Method | HTTP request | Description |
|---|---|---|
| azure_download_certificate | GET /cloud-connect-cspm-azure/entities/download-certificate/v1 | Returns JSON object(s) that contain the base64 encoded certificate for a service principal. |
| connect_cspmgcp_account | POST /cloud-connect-cspm-gcp/entities/account/v2 | Creates a new GCP account with newly-uploaded service account or connects with existing service account with only the following fields: parent_id, parent_type and service_account_id |
| create_cspm_aws_account | POST /cloud-connect-cspm-aws/entities/account/v1 | Creates a new account in our system for a customer and generates a script for them to run in their AWS cloud environment to grant us access. |
| create_cspm_azure_account | POST /cloud-connect-cspm-azure/entities/account/v1 | Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access. |
| create_cspm_azure_management_group | POST /cloud-connect-cspm-azure/entities/management-group/v1 | Creates a new management group in our system for a customer. |
| create_cspmgcp_account | POST /cloud-connect-cspm-gcp/entities/account/v1 | Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access. |
| delete_cspm_aws_account | DELETE /cloud-connect-cspm-aws/entities/account/v1 | Deletes an existing AWS account or organization in our system. |
| delete_cspm_azure_account | DELETE /cloud-connect-cspm-azure/entities/account/v1 | Deletes an Azure subscription from the system. |
| delete_cspmgcp_account | DELETE /cloud-connect-cspm-gcp/entities/account/v1 | Deletes a GCP account from the system. |
| get_behavior_detections | GET /detects/entities/ioa/v1 | Get list of detected behaviors |
| get_configuration_detection_entities | GET /detects/entities/iom/v2 | Get misconfigurations based on the ID - including custom policy detections in addition to default policy detections. |
| get_configuration_detection_ids_v2 | GET /detects/queries/iom/v2 | Get list of active misconfiguration ids - including custom policy detections in addition to default policy detections. |
| get_configuration_detections | GET /detects/entities/iom/v1 | Get list of active misconfigurations. This endpoint is deprecated, please use /queries/iom/v2 and /entities/iom/v2 instead |
| get_cspm_aws_account | GET /cloud-connect-cspm-aws/entities/account/v1 | Returns information about the current status of an AWS account. |
| get_cspm_aws_account_scripts_attachment | GET /cloud-connect-cspm-aws/entities/user-scripts-download/v1 | Return a script for customer to run in their cloud environment to grant us access to their AWS environment as a downloadable attachment. |
| get_cspm_aws_console_setup_urls | GET /cloud-connect-cspm-aws/entities/console-setup-urls/v1 | Return a URL for customer to visit in their cloud environment to grant us access to their AWS environment. |
| get_cspm_azure_account | GET /cloud-connect-cspm-azure/entities/account/v1 | Return information about Azure account registration |
| get_cspm_azure_management_group | GET /cloud-connect-cspm-azure/entities/management-group/v1 | Return information about Azure management group registration |
| get_cspm_azure_user_scripts_attachment | GET /cloud-connect-cspm-azure/entities/user-scripts-download/v1 | Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment |
| get_cspm_policies_details | GET /settings/entities/policy-details/v2 | Given an array of policy IDs, returns detailed policies information. |
| get_cspm_policy | GET /settings/entities/policy-details/v1 | Given a policy ID, returns detailed policy information. |
| get_cspm_policy_settings | GET /settings/entities/policy/v1 | Returns information about current policy settings. |
| get_cspm_scan_schedule | GET /settings/scan-schedule/v1 | Returns scan schedule configuration for one or more cloud platforms. |
| get_cspmcgp_account | GET /cloud-connect-cspm-gcp/entities/account/v1 | Returns information about the current status of an GCP account. |
| get_cspmgcp_service_accounts_ext | GET /cloud-connect-cspm-gcp/entities/service-accounts/v1 | Returns the service account id and client email for external clients. |
| get_cspmgcp_user_scripts_attachment | GET /cloud-connect-cspm-gcp/entities/user-scripts-download/v1 | Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment |
| patch_cspm_aws_account | PATCH /cloud-connect-cspm-aws/entities/account/v1 | Patches a existing account in our system for a customer. |
| update_cspm_azure_account | PATCH /cloud-connect-cspm-azure/entities/account/v1 | Patches a existing account in our system for a customer. |
| update_cspm_azure_account_client_id | PATCH /cloud-connect-cspm-azure/entities/client-id/v1 | Update an Azure service account in our system by with the user-created client_id created with the public key we've provided |
| update_cspm_azure_tenant_default_subscription_id | PATCH /cloud-connect-cspm-azure/entities/default-subscription-id/v1 | Update an Azure default subscription_id in our system for given tenant_id |
| update_cspm_policy_settings | PATCH /settings/entities/policy/v1 | Updates a policy setting - can be used to override policy severity or to disable a policy entirely. |
| update_cspm_scan_schedule | POST /settings/scan-schedule/v1 | Updates scan schedule configuration for one or more cloud platforms. |
| update_cspmgcp_account | PATCH /cloud-connect-cspm-gcp/entities/account/v1 | Patches a existing account in our system for a customer. |
azure_download_certificate(tenant_id, opts)
Returns JSON object(s) that contain the base64 encoded certificate for a service principal.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
tenant_id = ['inner_example'] # Array<String> | Azure Tenant ID
opts = {
refresh: true, # Boolean | Setting to true will invalidate the current certificate and generate a new certificate
years_valid: 'years_valid_example' # String | Years the certificate should be valid (only used when refresh=true)
}
begin
# Returns JSON object(s) that contain the base64 encoded certificate for a service principal.
result = api_instance.azure_download_certificate(tenant_id, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->azure_download_certificate: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> azure_download_certificate_with_http_info(tenant_id, opts)
begin
# Returns JSON object(s) that contain the base64 encoded certificate for a service principal.
data, status_code, headers = api_instance.azure_download_certificate_with_http_info(tenant_id, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAzureDownloadCertificateResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->azure_download_certificate_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| tenant_id | Array<String> | Azure Tenant ID | |
| refresh | Boolean | Setting to true will invalidate the current certificate and generate a new certificate | [optional][default to false] |
| years_valid | String | Years the certificate should be valid (only used when refresh=true) | [optional] |
RegistrationAzureDownloadCertificateResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json, application/octet-stream
connect_cspmgcp_account(body)
Creates a new GCP account with newly-uploaded service account or connects with existing service account with only the following fields: parent_id, parent_type and service_account_id
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationGCPAccountExtRequestV2.new({resources: [Falcon::RegistrationGCPAccountReqObjV2.new({parent_id: 'parent_id_example'})]}) # RegistrationGCPAccountExtRequestV2 |
begin
# Creates a new GCP account with newly-uploaded service account or connects with existing service account with only the following fields: parent_id, parent_type and service_account_id
result = api_instance.connect_cspmgcp_account(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->connect_cspmgcp_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> connect_cspmgcp_account_with_http_info(body)
begin
# Creates a new GCP account with newly-uploaded service account or connects with existing service account with only the following fields: parent_id, parent_type and service_account_id
data, status_code, headers = api_instance.connect_cspmgcp_account_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationGCPAccountResponseExtV2>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->connect_cspmgcp_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationGCPAccountExtRequestV2 |
RegistrationGCPAccountResponseExtV2
oauth2
- Content-Type: application/json
- Accept: application/json
create_cspm_aws_account(body)
Creates a new account in our system for a customer and generates a script for them to run in their AWS cloud environment to grant us access.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationAWSAccountCreateRequestExtV2.new({resources: [Falcon::RegistrationAWSAccountExtV2.new({account_id: 'account_id_example', cloudtrail_region: 'cloudtrail_region_example', iam_role_arn: 'iam_role_arn_example', organization_id: 'organization_id_example'})]}) # RegistrationAWSAccountCreateRequestExtV2 |
begin
# Creates a new account in our system for a customer and generates a script for them to run in their AWS cloud environment to grant us access.
result = api_instance.create_cspm_aws_account(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->create_cspm_aws_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> create_cspm_aws_account_with_http_info(body)
begin
# Creates a new account in our system for a customer and generates a script for them to run in their AWS cloud environment to grant us access.
data, status_code, headers = api_instance.create_cspm_aws_account_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAWSAccountResponseV2>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->create_cspm_aws_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationAWSAccountCreateRequestExtV2 |
RegistrationAWSAccountResponseV2
oauth2
- Content-Type: application/json
- Accept: application/json
create_cspm_azure_account(body)
Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationAzureAccountCreateRequestExternalV1.new({resources: [Falcon::RegistrationAzureAccountExternalV1.new]}) # RegistrationAzureAccountCreateRequestExternalV1 |
begin
# Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access.
result = api_instance.create_cspm_azure_account(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->create_cspm_azure_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> create_cspm_azure_account_with_http_info(body)
begin
# Creates a new account in our system for a customer and generates a script for them to run in their cloud environment to grant us access.
data, status_code, headers = api_instance.create_cspm_azure_account_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAzureAccountResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->create_cspm_azure_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationAzureAccountCreateRequestExternalV1 |
RegistrationAzureAccountResponseV1
oauth2
- Content-Type: application/json
- Accept: application/json
create_cspm_azure_management_group(body)
Creates a new management group in our system for a customer.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationAzureManagementGroupCreateRequestExternalV1.new({resources: [Falcon::RegistrationAzureManagementGroupExternalV1.new({tenant_id: 'tenant_id_example'})]}) # RegistrationAzureManagementGroupCreateRequestExternalV1 |
begin
# Creates a new management group in our system for a customer.
result = api_instance.create_cspm_azure_management_group(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->create_cspm_azure_management_group: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> create_cspm_azure_management_group_with_http_info(body)
begin
# Creates a new management group in our system for a customer.
data, status_code, headers = api_instance.create_cspm_azure_management_group_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAzureAccountResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->create_cspm_azure_management_group_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationAzureManagementGroupCreateRequestExternalV1 |
RegistrationAzureAccountResponseV1
oauth2
- Content-Type: application/json
- Accept: application/json
create_cspmgcp_account(body)
Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationGCPAccountCreateRequestExtV1.new({resources: [Falcon::RegistrationGCPAccountExtV1.new({parent_id: 'parent_id_example'})]}) # RegistrationGCPAccountCreateRequestExtV1 |
begin
# Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access.
result = api_instance.create_cspmgcp_account(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->create_cspmgcp_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> create_cspmgcp_account_with_http_info(body)
begin
# Creates a new account in our system for a customer and generates a new service account for them to add access to in their GCP environment to grant us access.
data, status_code, headers = api_instance.create_cspmgcp_account_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationGCPAccountResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->create_cspmgcp_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationGCPAccountCreateRequestExtV1 |
RegistrationGCPAccountResponseV1
oauth2
- Content-Type: application/json
- Accept: application/json
delete_cspm_aws_account(opts)
Deletes an existing AWS account or organization in our system.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
ids: ['inner_example'], # Array<String> | AWS account IDs to remove
organization_ids: ['inner_example'] # Array<String> | AWS organization IDs to remove
}
begin
# Deletes an existing AWS account or organization in our system.
result = api_instance.delete_cspm_aws_account(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->delete_cspm_aws_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> delete_cspm_aws_account_with_http_info(opts)
begin
# Deletes an existing AWS account or organization in our system.
data, status_code, headers = api_instance.delete_cspm_aws_account_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <MsaBaseEntitiesResponse>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->delete_cspm_aws_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | Array<String> | AWS account IDs to remove | [optional] |
| organization_ids | Array<String> | AWS organization IDs to remove | [optional] |
oauth2
- Content-Type: Not defined
- Accept: application/json
delete_cspm_azure_account(opts)
Deletes an Azure subscription from the system.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
ids: ['inner_example'], # Array<String> | Azure subscription IDs to remove
tenant_ids: ['inner_example'], # Array<String> | Tenant ids to remove
retain_tenant: 'retain_tenant_example' # String |
}
begin
# Deletes an Azure subscription from the system.
result = api_instance.delete_cspm_azure_account(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->delete_cspm_azure_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> delete_cspm_azure_account_with_http_info(opts)
begin
# Deletes an Azure subscription from the system.
data, status_code, headers = api_instance.delete_cspm_azure_account_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <MsaBaseEntitiesResponse>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->delete_cspm_azure_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | Array<String> | Azure subscription IDs to remove | [optional] |
| tenant_ids | Array<String> | Tenant ids to remove | [optional] |
| retain_tenant | String | [optional] |
oauth2
- Content-Type: Not defined
- Accept: application/json
delete_cspmgcp_account(opts)
Deletes a GCP account from the system.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
ids: ['inner_example'] # Array<String> | Hierarchical Resource IDs of accounts
}
begin
# Deletes a GCP account from the system.
result = api_instance.delete_cspmgcp_account(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->delete_cspmgcp_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> delete_cspmgcp_account_with_http_info(opts)
begin
# Deletes a GCP account from the system.
data, status_code, headers = api_instance.delete_cspmgcp_account_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <MsaBaseEntitiesResponse>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->delete_cspmgcp_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | Array<String> | Hierarchical Resource IDs of accounts | [optional] |
oauth2
- Content-Type: Not defined
- Accept: application/json
get_behavior_detections(opts)
Get list of detected behaviors
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
cloud_provider: 'aws', # String | Cloud Provider (e.g.: aws|azure)
service: 'ACM', # String | Cloud Service (e.g. EC2 | EBS | S3)
account_id: 'account_id_example', # String | Cloud Account ID (e.g.: AWS accountID, Azure subscriptionID)
aws_account_id: 'aws_account_id_example', # String | AWS Account ID
azure_subscription_id: 'azure_subscription_id_example', # String | Azure Subscription ID
azure_tenant_id: 'azure_tenant_id_example', # String | Azure Tenant ID
state: 'closed', # String | State (e.g.: open | closed)
date_time_since: 'date_time_since_example', # String | Filter to get all events after this date, in format RFC3339 : e.g. 2006-01-02T15:04:05Z07:00
since: 'since_example', # String | Filter events using a duration string (e.g. 24h)
severity: 'Critical', # String | Policy Severity
next_token: 'next_token_example', # String | String to get next page of results, is associated with a previous execution of GetBehaviorDetections. Must include all filters from previous execution.
limit: 56, # Integer | The maximum records to return. [1-500]
resource_id: ['inner_example'], # Array<String> | Resource ID
resource_uuid: ['inner_example'] # Array<String> | Resource UUID
}
begin
# Get list of detected behaviors
result = api_instance.get_behavior_detections(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_behavior_detections: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_behavior_detections_with_http_info(opts)
begin
# Get list of detected behaviors
data, status_code, headers = api_instance.get_behavior_detections_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationExternalIOAEventResponse>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_behavior_detections_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| cloud_provider | String | Cloud Provider (e.g.: aws | azure) |
| service | String | Cloud Service (e.g. EC2 | EBS |
| account_id | String | Cloud Account ID (e.g.: AWS accountID, Azure subscriptionID) | [optional] |
| aws_account_id | String | AWS Account ID | [optional] |
| azure_subscription_id | String | Azure Subscription ID | [optional] |
| azure_tenant_id | String | Azure Tenant ID | [optional] |
| state | String | State (e.g.: open | closed) |
| date_time_since | String | Filter to get all events after this date, in format RFC3339 : e.g. 2006-01-02T15:04:05Z07:00 | [optional] |
| since | String | Filter events using a duration string (e.g. 24h) | [optional][default to '24h'] |
| severity | String | Policy Severity | [optional] |
| next_token | String | String to get next page of results, is associated with a previous execution of GetBehaviorDetections. Must include all filters from previous execution. | [optional] |
| limit | Integer | The maximum records to return. [1-500] | [optional] |
| resource_id | Array<String> | Resource ID | [optional] |
| resource_uuid | Array<String> | Resource UUID | [optional] |
RegistrationExternalIOAEventResponse
oauth2
- Content-Type: Not defined
- Accept: application/json
get_configuration_detection_entities(ids)
Get misconfigurations based on the ID - including custom policy detections in addition to default policy detections.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
ids = ['inner_example'] # Array<String> | detection ids
begin
# Get misconfigurations based on the ID - including custom policy detections in addition to default policy detections.
result = api_instance.get_configuration_detection_entities(ids)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_configuration_detection_entities: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_configuration_detection_entities_with_http_info(ids)
begin
# Get misconfigurations based on the ID - including custom policy detections in addition to default policy detections.
data, status_code, headers = api_instance.get_configuration_detection_entities_with_http_info(ids)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationExternalIOMEventResponseV2>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_configuration_detection_entities_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | Array<String> | detection ids |
RegistrationExternalIOMEventResponseV2
oauth2
- Content-Type: Not defined
- Accept: application/json
get_configuration_detection_ids_v2(opts)
Get list of active misconfiguration ids - including custom policy detections in addition to default policy detections.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
filter: 'filter_example', # String | use_current_scan_ids - *use this to get records for latest scans* account_name account_id agent_id attack_types azure_subscription_id cloud_provider cloud_service_keyword custom_policy_id is_managed policy_id policy_type resource_id region status scan_time severity severity_string
sort: 'sort_example', # String | account_name account_id attack_types azure_subscription_id cloud_provider cloud_service_keyword status is_managed policy_id policy_type resource_id region scan_time severity severity_string timestamp
limit: 56, # Integer | The max number of detections to return
offset: 56, # Integer | Offset returned detections. Cannot be combined with next_token filter
next_token: 'next_token_example' # String | String to get next page of results. Cannot be combined with any filter except limit.
}
begin
# Get list of active misconfiguration ids - including custom policy detections in addition to default policy detections.
result = api_instance.get_configuration_detection_ids_v2(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_configuration_detection_ids_v2: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_configuration_detection_ids_v2_with_http_info(opts)
begin
# Get list of active misconfiguration ids - including custom policy detections in addition to default policy detections.
data, status_code, headers = api_instance.get_configuration_detection_ids_v2_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationIOMEventIDsResponseV2>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_configuration_detection_ids_v2_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| filter | String | use_current_scan_ids - use this to get records for latest scans account_name account_id agent_id attack_types azure_subscription_id cloud_provider cloud_service_keyword custom_policy_id is_managed policy_id policy_type resource_id region status scan_time severity severity_string | [optional] |
| sort | String | account_name account_id attack_types azure_subscription_id cloud_provider cloud_service_keyword status is_managed policy_id policy_type resource_id region scan_time severity severity_string timestamp | [optional][default to 'timestamp |
| limit | Integer | The max number of detections to return | [optional][default to 500] |
| offset | Integer | Offset returned detections. Cannot be combined with next_token filter | [optional] |
| next_token | String | String to get next page of results. Cannot be combined with any filter except limit. | [optional] |
RegistrationIOMEventIDsResponseV2
oauth2
- Content-Type: Not defined
- Accept: application/json
get_configuration_detections(opts)
Get list of active misconfigurations. This endpoint is deprecated, please use /queries/iom/v2 and /entities/iom/v2 instead
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
cloud_provider: 'aws', # String | Cloud Provider (e.g.: aws|azure|gcp)
account_id: 'account_id_example', # String | AWS account ID or GCP Project Number or Azure subscription ID
azure_subscription_id: 'azure_subscription_id_example', # String | Azure Subscription ID
azure_tenant_id: 'azure_tenant_id_example', # String | Azure Tenant ID
status: 'all', # String | Status (e.g.: new|reoccurring|all)
region: 'region_example', # String | Cloud Provider Region
severity: 'Critical', # String | Policy Severity
service: 'ACM', # String | Cloud Service (e.g.: EBS|EC2|S3 etc.)
next_token: 'next_token_example', # String | String to get next page of results, is associated with a previous execution of GetConfigurationDetections. Cannot be combined with any filter except limit.
limit: 56 # Integer | The maximum records to return. [1-500]
}
begin
# Get list of active misconfigurations. This endpoint is deprecated, please use /queries/iom/v2 and /entities/iom/v2 instead
result = api_instance.get_configuration_detections(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_configuration_detections: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_configuration_detections_with_http_info(opts)
begin
# Get list of active misconfigurations. This endpoint is deprecated, please use /queries/iom/v2 and /entities/iom/v2 instead
data, status_code, headers = api_instance.get_configuration_detections_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationExternalIOMEventResponse>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_configuration_detections_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| cloud_provider | String | Cloud Provider (e.g.: aws | azure |
| account_id | String | AWS account ID or GCP Project Number or Azure subscription ID | [optional] |
| azure_subscription_id | String | Azure Subscription ID | [optional] |
| azure_tenant_id | String | Azure Tenant ID | [optional] |
| status | String | Status (e.g.: new | reoccurring |
| region | String | Cloud Provider Region | [optional] |
| severity | String | Policy Severity | [optional] |
| service | String | Cloud Service (e.g.: EBS | EC2 |
| next_token | String | String to get next page of results, is associated with a previous execution of GetConfigurationDetections. Cannot be combined with any filter except limit. | [optional] |
| limit | Integer | The maximum records to return. [1-500] | [optional] |
RegistrationExternalIOMEventResponse
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspm_aws_account(opts)
Returns information about the current status of an AWS account.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
scan_type: 'dry', # String | Type of scan, dry or full, to perform on selected accounts
ids: ['inner_example'], # Array<String> | AWS account IDs
iam_role_arns: ['inner_example'], # Array<String> | AWS IAM role ARNs
organization_ids: ['inner_example'], # Array<String> | AWS organization IDs
status: 'provisioned', # String | Account status to filter results by.
limit: 56, # Integer | The maximum records to return. Defaults to 100.
cspm_lite: 'true', # String | Only return CSPM Lite accounts
migrated: 'true', # String | Only return migrated d4c accounts
offset: 56, # Integer | The offset to start retrieving records from
group_by: 'organization' # String | Field to group by.
}
begin
# Returns information about the current status of an AWS account.
result = api_instance.get_cspm_aws_account(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_aws_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_aws_account_with_http_info(opts)
begin
# Returns information about the current status of an AWS account.
data, status_code, headers = api_instance.get_cspm_aws_account_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAWSAccountResponseV2>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_aws_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| scan_type | String | Type of scan, dry or full, to perform on selected accounts | [optional] |
| ids | Array<String> | AWS account IDs | [optional] |
| iam_role_arns | Array<String> | AWS IAM role ARNs | [optional] |
| organization_ids | Array<String> | AWS organization IDs | [optional] |
| status | String | Account status to filter results by. | [optional] |
| limit | Integer | The maximum records to return. Defaults to 100. | [optional][default to 100] |
| cspm_lite | String | Only return CSPM Lite accounts | [optional] |
| migrated | String | Only return migrated d4c accounts | [optional] |
| offset | Integer | The offset to start retrieving records from | [optional] |
| group_by | String | Field to group by. | [optional] |
RegistrationAWSAccountResponseV2
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspm_aws_account_scripts_attachment(opts)
Return a script for customer to run in their cloud environment to grant us access to their AWS environment as a downloadable attachment.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
ids: ['inner_example'] # Array<String> | AWS account IDs
}
begin
# Return a script for customer to run in their cloud environment to grant us access to their AWS environment as a downloadable attachment.
result = api_instance.get_cspm_aws_account_scripts_attachment(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_aws_account_scripts_attachment: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_aws_account_scripts_attachment_with_http_info(opts)
begin
# Return a script for customer to run in their cloud environment to grant us access to their AWS environment as a downloadable attachment.
data, status_code, headers = api_instance.get_cspm_aws_account_scripts_attachment_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAWSProvisionGetAccountScriptResponseV2>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_aws_account_scripts_attachment_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | Array<String> | AWS account IDs | [optional] |
RegistrationAWSProvisionGetAccountScriptResponseV2
oauth2
- Content-Type: Not defined
- Accept: application/json, application/octet-stream
get_cspm_aws_console_setup_urls(opts)
Return a URL for customer to visit in their cloud environment to grant us access to their AWS environment.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
ids: ['inner_example'], # Array<String> | AWS account IDs
use_existing_cloudtrail: 'true', # String |
region: 'region_example' # String | Region
}
begin
# Return a URL for customer to visit in their cloud environment to grant us access to their AWS environment.
result = api_instance.get_cspm_aws_console_setup_urls(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_aws_console_setup_urls: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_aws_console_setup_urls_with_http_info(opts)
begin
# Return a URL for customer to visit in their cloud environment to grant us access to their AWS environment.
data, status_code, headers = api_instance.get_cspm_aws_console_setup_urls_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAWSAccountConsoleURL>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_aws_console_setup_urls_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | Array<String> | AWS account IDs | [optional] |
| use_existing_cloudtrail | String | [optional] | |
| region | String | Region | [optional] |
RegistrationAWSAccountConsoleURL
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspm_azure_account(opts)
Return information about Azure account registration
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
ids: ['inner_example'], # Array<String> | SubscriptionIDs of accounts to select for this status operation. If this is empty then all accounts are returned.
tenant_ids: ['inner_example'], # Array<String> | Tenant ids to filter azure accounts
scan_type: 'scan_type_example', # String | Type of scan, dry or full, to perform on selected accounts
status: 'status_example', # String | Account status to filter results by.
cspm_lite: 'false', # String | Only return CSPM Lite accounts
limit: 56, # Integer | The maximum records to return. Defaults to 100.
offset: 56 # Integer | The offset to start retrieving records from
}
begin
# Return information about Azure account registration
result = api_instance.get_cspm_azure_account(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_azure_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_azure_account_with_http_info(opts)
begin
# Return information about Azure account registration
data, status_code, headers = api_instance.get_cspm_azure_account_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAzureAccountResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_azure_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | Array<String> | SubscriptionIDs of accounts to select for this status operation. If this is empty then all accounts are returned. | [optional] |
| tenant_ids | Array<String> | Tenant ids to filter azure accounts | [optional] |
| scan_type | String | Type of scan, dry or full, to perform on selected accounts | [optional] |
| status | String | Account status to filter results by. | [optional] |
| cspm_lite | String | Only return CSPM Lite accounts | [optional] |
| limit | Integer | The maximum records to return. Defaults to 100. | [optional][default to 100] |
| offset | Integer | The offset to start retrieving records from | [optional] |
RegistrationAzureAccountResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspm_azure_management_group(opts)
Return information about Azure management group registration
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
tenant_ids: ['inner_example'], # Array<String> | Tenant ids to filter azure accounts
limit: 56, # Integer | The maximum records to return. Defaults to 100.
offset: 56 # Integer | The offset to start retrieving records from
}
begin
# Return information about Azure management group registration
result = api_instance.get_cspm_azure_management_group(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_azure_management_group: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_azure_management_group_with_http_info(opts)
begin
# Return information about Azure management group registration
data, status_code, headers = api_instance.get_cspm_azure_management_group_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAzureManagementGroupResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_azure_management_group_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| tenant_ids | Array<String> | Tenant ids to filter azure accounts | [optional] |
| limit | Integer | The maximum records to return. Defaults to 100. | [optional][default to 100] |
| offset | Integer | The offset to start retrieving records from | [optional] |
RegistrationAzureManagementGroupResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspm_azure_user_scripts_attachment(opts)
Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
tenant_id: 'tenant_id_example', # String | Tenant ID to generate script for. Defaults to most recently registered tenant.
subscription_ids: ['inner_example'], # Array<String> | Subscription IDs to generate script for. Defaults to all.
account_type: 'commercial', # String |
template: 'template_example', # String | Template to be rendered
azure_management_group: true # Boolean | Use Azure Management Group
}
begin
# Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment
result = api_instance.get_cspm_azure_user_scripts_attachment(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_azure_user_scripts_attachment: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_azure_user_scripts_attachment_with_http_info(opts)
begin
# Return a script for customer to run in their cloud environment to grant us access to their Azure environment as a downloadable attachment
data, status_code, headers = api_instance.get_cspm_azure_user_scripts_attachment_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAzureProvisionGetUserScriptResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_azure_user_scripts_attachment_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| tenant_id | String | Tenant ID to generate script for. Defaults to most recently registered tenant. | [optional] |
| subscription_ids | Array<String> | Subscription IDs to generate script for. Defaults to all. | [optional] |
| account_type | String | [optional] | |
| template | String | Template to be rendered | [optional] |
| azure_management_group | Boolean | Use Azure Management Group | [optional] |
RegistrationAzureProvisionGetUserScriptResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json, application/octet-stream
get_cspm_policies_details(ids)
Given an array of policy IDs, returns detailed policies information.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
ids = [37] # Array<Integer> | Policy IDs
begin
# Given an array of policy IDs, returns detailed policies information.
result = api_instance.get_cspm_policies_details(ids)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_policies_details: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_policies_details_with_http_info(ids)
begin
# Given an array of policy IDs, returns detailed policies information.
data, status_code, headers = api_instance.get_cspm_policies_details_with_http_info(ids)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationPolicyResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_policies_details_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | Array<Integer> | Policy IDs |
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspm_policy(ids)
Given a policy ID, returns detailed policy information.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
ids = 56 # Integer | Policy ID
begin
# Given a policy ID, returns detailed policy information.
result = api_instance.get_cspm_policy(ids)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_policy: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_policy_with_http_info(ids)
begin
# Given a policy ID, returns detailed policy information.
data, status_code, headers = api_instance.get_cspm_policy_with_http_info(ids)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationPolicyResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_policy_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | Integer | Policy ID |
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspm_policy_settings(opts)
Returns information about current policy settings.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
service: 'ACM', # String | Service type to filter policy settings by.
policy_id: 'policy_id_example', # String | Policy ID
cloud_platform: 'aws' # String | Cloud Platform (e.g.: aws|azure|gcp)
}
begin
# Returns information about current policy settings.
result = api_instance.get_cspm_policy_settings(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_policy_settings: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_policy_settings_with_http_info(opts)
begin
# Returns information about current policy settings.
data, status_code, headers = api_instance.get_cspm_policy_settings_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationPolicySettingsResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_policy_settings_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| service | String | Service type to filter policy settings by. | [optional] |
| policy_id | String | Policy ID | [optional] |
| cloud_platform | String | Cloud Platform (e.g.: aws | azure |
RegistrationPolicySettingsResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspm_scan_schedule(opts)
Returns scan schedule configuration for one or more cloud platforms.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
cloud_platform: ['inner_example'] # Array<String> | Cloud Platform
}
begin
# Returns scan schedule configuration for one or more cloud platforms.
result = api_instance.get_cspm_scan_schedule(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_scan_schedule: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspm_scan_schedule_with_http_info(opts)
begin
# Returns scan schedule configuration for one or more cloud platforms.
data, status_code, headers = api_instance.get_cspm_scan_schedule_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationScanScheduleResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspm_scan_schedule_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| cloud_platform | Array<String> | Cloud Platform | [optional] |
RegistrationScanScheduleResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspmcgp_account(opts)
Returns information about the current status of an GCP account.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
parent_type: 'Folder', # String | GCP Hierarchy Parent Type, organization/folder/project
ids: ['inner_example'], # Array<String> | Hierarchical Resource IDs of accounts
scan_type: 'dry', # String | Type of scan, dry or full, to perform on selected accounts
status: 'operational', # String | Account status to filter results by.
limit: 56, # Integer | The maximum records to return. Defaults to 100.
offset: 56, # Integer | The offset to start retrieving records from
sort: 'sort_example' # String | Order fields in ascending or descending order. Ex: parent_type|asc.
}
begin
# Returns information about the current status of an GCP account.
result = api_instance.get_cspmcgp_account(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspmcgp_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspmcgp_account_with_http_info(opts)
begin
# Returns information about the current status of an GCP account.
data, status_code, headers = api_instance.get_cspmcgp_account_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationGCPAccountResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspmcgp_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| parent_type | String | GCP Hierarchy Parent Type, organization/folder/project | [optional] |
| ids | Array<String> | Hierarchical Resource IDs of accounts | [optional] |
| scan_type | String | Type of scan, dry or full, to perform on selected accounts | [optional] |
| status | String | Account status to filter results by. | [optional] |
| limit | Integer | The maximum records to return. Defaults to 100. | [optional][default to 100] |
| offset | Integer | The offset to start retrieving records from | [optional] |
| sort | String | Order fields in ascending or descending order. Ex: parent_type | asc. |
RegistrationGCPAccountResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspmgcp_service_accounts_ext(opts)
Returns the service account id and client email for external clients.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
id: 'id_example' # String | Service Account ID
}
begin
# Returns the service account id and client email for external clients.
result = api_instance.get_cspmgcp_service_accounts_ext(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspmgcp_service_accounts_ext: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspmgcp_service_accounts_ext_with_http_info(opts)
begin
# Returns the service account id and client email for external clients.
data, status_code, headers = api_instance.get_cspmgcp_service_accounts_ext_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationGCPServiceAccountResponseExtV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspmgcp_service_accounts_ext_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| id | String | Service Account ID | [optional] |
RegistrationGCPServiceAccountResponseExtV1
oauth2
- Content-Type: Not defined
- Accept: application/json
get_cspmgcp_user_scripts_attachment(opts)
Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
opts = {
parent_type: 'Folder', # String | GCP Hierarchy Parent Type, organization/folder/project
ids: ['inner_example'] # Array<String> | Hierarchical Resource IDs of accounts
}
begin
# Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment
result = api_instance.get_cspmgcp_user_scripts_attachment(opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspmgcp_user_scripts_attachment: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> get_cspmgcp_user_scripts_attachment_with_http_info(opts)
begin
# Return a script for customer to run in their cloud environment to grant us access to their GCP environment as a downloadable attachment
data, status_code, headers = api_instance.get_cspmgcp_user_scripts_attachment_with_http_info(opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationGCPProvisionGetUserScriptResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->get_cspmgcp_user_scripts_attachment_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| parent_type | String | GCP Hierarchy Parent Type, organization/folder/project | [optional] |
| ids | Array<String> | Hierarchical Resource IDs of accounts | [optional] |
RegistrationGCPProvisionGetUserScriptResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json, application/octet-stream
patch_cspm_aws_account(body)
Patches a existing account in our system for a customer.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationAWSAccountPatchRequest.new({resources: [Falcon::RegistrationAWSAccountPatch.new({account_id: 'account_id_example', iam_role_arn: 'iam_role_arn_example'})]}) # RegistrationAWSAccountPatchRequest |
begin
# Patches a existing account in our system for a customer.
result = api_instance.patch_cspm_aws_account(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->patch_cspm_aws_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> patch_cspm_aws_account_with_http_info(body)
begin
# Patches a existing account in our system for a customer.
data, status_code, headers = api_instance.patch_cspm_aws_account_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAWSAccountResponseV2>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->patch_cspm_aws_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationAWSAccountPatchRequest |
RegistrationAWSAccountResponseV2
oauth2
- Content-Type: application/json
- Accept: application/json
update_cspm_azure_account(body)
Patches a existing account in our system for a customer.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationAzureAccountPatchRequest.new({resources: [Falcon::RegistrationAzureAccountPatch.new({subscription_id: 'subscription_id_example'})]}) # RegistrationAzureAccountPatchRequest |
begin
# Patches a existing account in our system for a customer.
result = api_instance.update_cspm_azure_account(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_azure_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> update_cspm_azure_account_with_http_info(body)
begin
# Patches a existing account in our system for a customer.
data, status_code, headers = api_instance.update_cspm_azure_account_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAzureAccountResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_azure_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationAzureAccountPatchRequest |
RegistrationAzureAccountResponseV1
oauth2
- Content-Type: application/json
- Accept: application/json
update_cspm_azure_account_client_id(id, opts)
Update an Azure service account in our system by with the user-created client_id created with the public key we've provided
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
id = 'id_example' # String | ClientID to use for the Service Principal associated with the customer's Azure account
opts = {
tenant_id: 'tenant_id_example' # String | Tenant ID to update client ID for. Required if multiple tenants are registered.
}
begin
# Update an Azure service account in our system by with the user-created client_id created with the public key we've provided
result = api_instance.update_cspm_azure_account_client_id(id, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_azure_account_client_id: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> update_cspm_azure_account_client_id_with_http_info(id, opts)
begin
# Update an Azure service account in our system by with the user-created client_id created with the public key we've provided
data, status_code, headers = api_instance.update_cspm_azure_account_client_id_with_http_info(id, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAzureTenantConfigurationResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_azure_account_client_id_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| id | String | ClientID to use for the Service Principal associated with the customer's Azure account | |
| tenant_id | String | Tenant ID to update client ID for. Required if multiple tenants are registered. | [optional] |
RegistrationAzureTenantConfigurationResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
update_cspm_azure_tenant_default_subscription_id(subscription_id, opts)
Update an Azure default subscription_id in our system for given tenant_id
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
subscription_id = 'subscription_id_example' # String | Default Subscription ID to patch for all subscriptions belonged to a tenant.
opts = {
tenant_id: 'tenant_id_example' # String | Tenant ID to update client ID for. Required if multiple tenants are registered.
}
begin
# Update an Azure default subscription_id in our system for given tenant_id
result = api_instance.update_cspm_azure_tenant_default_subscription_id(subscription_id, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_azure_tenant_default_subscription_id: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> update_cspm_azure_tenant_default_subscription_id_with_http_info(subscription_id, opts)
begin
# Update an Azure default subscription_id in our system for given tenant_id
data, status_code, headers = api_instance.update_cspm_azure_tenant_default_subscription_id_with_http_info(subscription_id, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationAzureTenantDefaultSubscriptionIDResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_azure_tenant_default_subscription_id_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| subscription_id | String | Default Subscription ID to patch for all subscriptions belonged to a tenant. | |
| tenant_id | String | Tenant ID to update client ID for. Required if multiple tenants are registered. | [optional] |
RegistrationAzureTenantDefaultSubscriptionIDResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
update_cspm_policy_settings(body)
Updates a policy setting - can be used to override policy severity or to disable a policy entirely.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationPolicyRequestExtV1.new({resources: [Falcon::RegistrationPolicyExtV1.new({account_id: 'account_id_example', account_ids: ['account_ids_example'], enabled: false, policy_id: 37, regions: ['regions_example'], severity: 'severity_example', tag_excluded: false})]}) # RegistrationPolicyRequestExtV1 |
begin
# Updates a policy setting - can be used to override policy severity or to disable a policy entirely.
result = api_instance.update_cspm_policy_settings(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_policy_settings: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> update_cspm_policy_settings_with_http_info(body)
begin
# Updates a policy setting - can be used to override policy severity or to disable a policy entirely.
data, status_code, headers = api_instance.update_cspm_policy_settings_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationPolicySettingsResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_policy_settings_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationPolicyRequestExtV1 |
RegistrationPolicySettingsResponseV1
oauth2
- Content-Type: application/json
- Accept: application/json
update_cspm_scan_schedule(body)
Updates scan schedule configuration for one or more cloud platforms.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationScanScheduleUpdateRequestV1.new({resources: [Falcon::DomainScanScheduleDataV1.new({cloud_platform: 'cloud_platform_example'})]}) # RegistrationScanScheduleUpdateRequestV1 |
begin
# Updates scan schedule configuration for one or more cloud platforms.
result = api_instance.update_cspm_scan_schedule(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_scan_schedule: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> update_cspm_scan_schedule_with_http_info(body)
begin
# Updates scan schedule configuration for one or more cloud platforms.
data, status_code, headers = api_instance.update_cspm_scan_schedule_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationScanScheduleResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspm_scan_schedule_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationScanScheduleUpdateRequestV1 |
RegistrationScanScheduleResponseV1
oauth2
- Content-Type: application/json
- Accept: application/json
update_cspmgcp_account(body)
Patches a existing account in our system for a customer.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::CspmRegistrationApi.new
body = Falcon::RegistrationGCPAccountPatchRequest.new({resources: [Falcon::RegistrationGCPAccountPatch.new({parent_id: 'parent_id_example'})]}) # RegistrationGCPAccountPatchRequest |
begin
# Patches a existing account in our system for a customer.
result = api_instance.update_cspmgcp_account(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspmgcp_account: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> update_cspmgcp_account_with_http_info(body)
begin
# Patches a existing account in our system for a customer.
data, status_code, headers = api_instance.update_cspmgcp_account_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <RegistrationGCPAccountResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling CspmRegistrationApi->update_cspmgcp_account_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | RegistrationGCPAccountPatchRequest |
RegistrationGCPAccountResponseV1
oauth2
- Content-Type: application/json
- Accept: application/json