Cloud AWS Registration
| Operation ID | Description | ||||
|---|---|---|---|---|---|
|
Retrieve existing AWS accounts by account IDs. | ||||
|
Creates a new account in our system for a customer. | ||||
|
Deletes an existing AWS account or organization in our system. | ||||
|
Patches a existing account in our system for a customer. | ||||
|
Retrieve existing AWS accounts by account IDs. | ||||
Retrieve existing AWS accounts by account IDs.
get_accounts
| Method | Route |
|---|---|
 |
/cloud-security-registration-aws/entities/account/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids |  |
|
query | string or list of strings | AWS account IDs to filter. |
| parameters | |
|
query | dictionary | Full query string parameters payload in JSON format. |
from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_accounts(ids=id_list)
print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_aws_get_accounts(ids=id_list)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_aws_get_accounts", ids=id_list)
print(response)Creates a new account in our system for a customer.
create_account
| Method | Route |
|---|---|
 |
/cloud-security-registration-aws/entities/account/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| account_id | |
 |
body | string | AWS account ID. |
| account_type | |
|
body | string | AWS account type. |
| body | |
 |
body | dictionary | Full body payload in JSON format. |
| csp_events | |
|
body | boolean | Flag indicating if CSP events should be included. |
| is_master | |
|
body | boolean | Flag indicating if this is a master account. |
| organization_id | |
|
body | string | AWS organization ID. |
| products | |
|
body | list_of_dictionaries | List of included products and features. |
from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
# Can also pass a list here: ['PRODUCT_ID1', 'PRODUCT_ID2', 'PRODUCT_ID3']
products = [
{
"features": [
"string"
],
"product": "string"
}
]
response = falcon.create_account(account_id="string",
account_type="string",
csp_events=boolean,
is_master=boolean,
organization_id="string",
products=products
)
print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
products = [
{
"features": [
"string"
],
"product": "string"
}
]
response = falcon.cloud_registration_aws_create_account(account_id="string",
account_type="string",
csp_events=boolean,
is_master=boolean,
organization_id="string",
products=products
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"resources": [
{
"account_id": "string",
"account_type": "string",
"csp_events": boolean,
"is_master": boolean,
"organization_id": "string",
"products": [
{
"features": [
"string"
],
"product": "string"
}
]
}
]
}
response = falcon.command("cloud_registration_aws_create_account", body=body_payload)
print(response)Deletes an existing AWS account or organization in our system.
delete_account
| Method | Route |
|---|---|
 |
/cloud-security-registration-aws/entities/account/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | |
|
query | string or list of strings | AWS account IDs to filter. |
| organization_ids | |
|
query | string or list of strings | AWS organization IDs to remove |
| parameters | |
|
query | dictionary | Full query string parameters payload in JSON format. |
from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3' # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_account(organization_ids=organization_id_list, ids=id_list)
print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3' # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_aws_delete_account(organization_ids=organization_id_list, ids=id_list)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
organization_id_list = 'ORG_ID1,ORG_ID2,ORG_ID3' # Can also pass a list here: ['ORG_ID1', 'ORG_ID2', 'ORG_ID3']
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_aws_delete_account", organization_ids=organization_id_list, ids=id_list)
print(response)Patches a existing account in our system for a customer.
update_account
| Method | Route |
|---|---|
 |
/cloud-security-registration-aws/entities/account/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| account_id | |
|
body | string | AWS account ID. |
| account_type | |
|
body | string | AWS account type. |
| body | |
|
body | dictionary | Full body payload in JSON format. |
| csp_events | |
|
body | boolean | Flag indicating if CSP events should be included. |
| is_master | |
|
body | boolean | Flag indicating if this is a master account. |
| organization_id | |
|
body | string | AWS organization ID. |
| products | |
|
body | list_of_dictionaries | List of included products and features. |
from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
products = [
{
"features": [
"string"
],
"product": "string"
}
]
response = falcon.update_account(account_id="string",
account_type="string",
csp_events=boolean,
is_master=boolean,
organization_id="string",
products=products
)
print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
products = [
{
"features": [
"string"
],
"product": "string"
}
]
response = falcon.cloud_registration_aws_update_account(account_id="string",
account_type="string",
csp_events=boolean,
is_master=boolean,
organization_id="string",
products=products
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"resources": [
{
"account_id": "string",
"account_type": "string",
"csp_events": boolean,
"is_master": boolean,
"organization_id": "string",
"products": [
{
"features": [
"string"
],
"product": "string"
}
]
}
]
}
response = falcon.command("cloud_registration_aws_update_account", body=body_payload)
print(response)Retrieve existing AWS accounts by account IDs
query_accounts
| Method | Route |
|---|---|
|
/cloud-security-registration-aws/queries/account/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| organization_ids | |
|
query | array (string) | Organization IDs used to filter accounts. |
| products | |
|
query | array (string) | Products registered for an account. |
| features | |
|
query | array (string) | Features registered for an account. |
| account_status | |
|
query | string | Account status to filter results by. |
| limit | |
|
query | integer | The maximum number of items to return. When not specified or 0, 100 is used. When larger than 500, 500 is used. |
| offset | |
|
query | integer | The offset to start retrieving records from. |
| group_by | |
|
query | string | Field to group by. |
| parameters | |
|
query | dictionary | Full query string parameters payload in JSON format. |
from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_accounts(organization_ids="string", # or ["string", "string"]
products="string", # or ["string", "string"]
features="string", # or ["string", "string"]
account_status="string",
limit=integer,
offset=integer,
group_by="string"
)
print(response)from falconpy import CloudAWSRegistration
falcon = CloudAWSRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.cloud_registration_aws_query_accounts(organization_ids="string", # or ["string", "string"]
products="string", # or ["string", "string"]
features="string", # or ["string", "string"]
account_status="string",
limit=integer,
offset=integer,
group_by="string"
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("cloud_registration_aws_query_accounts",
organization_ids="string", # or ["string", "string"]
products="string", # or ["string", "string"]
features="string", # or ["string", "string"]
account_status="string",
limit=integer,
offset=integer,
group_by="string"
)
print(response)
- Home
- Discussions Board
- Glossary of Terms
- Installation, Upgrades and Removal
- Samples Collection
- Using FalconPy
- API Operations
-
Service Collections
- Alerts
- API Integrations
- ASPM
- CAO Hunting
- Certificate Based Exclusions
- Cloud AWS Registration
- Cloud Azure Registration
- Cloud OCI Registration
- Cloud Connect AWS (deprecated)
- Cloud Security Assets
- Cloud Snapshots
- Configuration Assessment
- Configuration Assessment Evaluation Logic
- Container Alerts
- Container Detections
- Container Image Compliance
- Container Images
- Container Packages
- Container Vulnerabilities
- Content Update Policies
- Correlation Rules
- CSPM Registration
- Custom IOAs
- Custom Storage
- D4C Registration (deprecated)
- DataScanner (deprecated)
- Delivery Settings
- Deployments
- Detects
- Device Content
- Device Control Policies
- Discover
- Downloads
- Drift Indicators
- Event Streams
- Exposure Management
- FaaS Execution
- Falcon Complete Dashboard
- Falcon Container
- Falcon Intelligence Sandbox
- FDR
- FileVantage
- Firewall Management
- Firewall Policies
- Foundry LogScale
- Host Group
- Host Migration
- Hosts
- Identity Protection
- Image Assessment Policies
- Incidents
- Installation Tokens
- Intel
- Intelligence Feeds
- Intelligence Indicator Graph
- IOA Exclusions
- IOC
- IOCs (deprecated)
- Kubernetes Protection
- MalQuery
- Message Center
- ML Exclusions
- Mobile Enrollment
- MSSP (Flight Control)
- NGSIEM
- OAuth2
- ODS (On Demand Scan)
- Overwatch Dashboard
- Prevention Policy
- Quarantine
- Quick Scan
- Quick Scan Pro
- Real Time Response
- Real Time Response Admin
- Real Time Response Audit
- Recon
- Report Executions
- Response Policies
- Sample Uploads
- Scheduled Reports
- Sensor Download
- Sensor Update Policy
- Sensor Usage
- Sensor Visibility Exclusions
- Serverless Vulnerabilities
- Spotlight Evaluation Logic
- Spotlight Vulnerabilities
- Tailored Intelligence
- ThreatGraph
- Unidentified Containers
- User Management
- Workflows
- Zero Trust Assessment
- Documentation Support
-
CrowdStrike SDKs
- Crimson Falcon - Ruby
- FalconPy - Python 3
- FalconJS - Javascript
- goFalcon - Go
- PSFalcon - Powershell
- Rusty Falcon - Rust
