Image Assessment Policies
| Operation ID | Description | ||||
|---|---|---|---|---|---|
|
Get all Image Assessment policies | ||||
|
Create Image Assessment policies | ||||
|
Delete Image Assessment Policy by policy UUID | ||||
|
Update Image Assessment Policy entities | ||||
|
Retrieve Image Assessment Policy Exclusion entities | ||||
|
Update Image Assessment Policy Exclusion entities | ||||
|
Retrieve Image Assessment Policy Group entities | ||||
|
Create Image Assessment Policy Group entities | ||||
|
Delete Image Assessment Policy Group entities | ||||
|
Update Image Assessment Policy Group entities | ||||
|
Update Image Assessment Policy precedence | ||||
Get all Image Assessment policies.
read_policies
| Method | Route |
|---|---|
 |
/container-security/entities/image-assessment-policies/v1 |
- Produces: application/json
No keywords or arguments accepted.
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_policies()
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadPolicies()
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadPolicies")
print(response)Create Image Assessment policies.
create_policies
| Method | Route |
|---|---|
 |
/container-security/entities/image-assessment-policies/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body |
 |
 |
body | dictionary | Full body payload in JSON format. |
| description |
|
 |
body | string | Policy description. |
| name |
|
|
body | string | Policy name. |
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.create_policies(description="string", name="string")
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.CreatePolicies(description="string", name="string")
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"description": "string",
"name": "string"
}
response = falcon.command("CreatePolicies", body=body_payload)
print(response)Delete Image Assessment Policy by policy UUID.
delete_policy
| Method | Route |
|---|---|
 |
/container-security/entities/image-assessment-policies/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| id |
|
|
query | string | Image Assessment Policy entity UUID. |
| parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.delete_policy(id="string")
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.DeletePolicy(id="string")
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("DeletePolicy", id="string")
print(response)Update Image Assessment Policy entities.
update_policies
| Method | Route |
|---|---|
 |
/container-security/entities/image-assessment-policies/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |
|
body | dictionary | Full body payload in JSON format. |
| description | |
|
body | string | Policy description. |
| id | |
|
query | string | Image Assessment Policy entity UUID. |
| is_enabled | |
|
query | boolean | Flag indicating if the policy is currently enabled. |
| name | |
|
body | string | Policy name. |
| parameters | |
|
query | dictionary | Full query string parameters payload in JSON format. |
| policy_data | |
|
body | dictionary | Image Assessment Policy rules in JSON format. |
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
policy_data = {
"rules": [
{
"action": "string",
"policy_rules_data": {
"conditions": [
{}
]
}
}
]
}
response = falcon.update_policies(description="string",
id="string",
is_enabled=boolean,
name="string",
policy_data=policy_data
)
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
policy_data = {
"rules": [
{
"action": "string",
"policy_rules_data": {
"conditions": [
{}
]
}
}
]
}
response = falcon.UpdatePolicies(description="string",
id="string",
is_enabled=boolean,
name="string",
policy_data=policy_data
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"description": "string",
"is_enabled": boolean,
"name": "string",
"policy_data": {
"rules": [
{
"action": "string",
"policy_rules_data": {
"conditions": [
{}
]
}
}
]
}
}
response = falcon.command("UpdatePolicies",
id="string",
body=body_payload
)
print(response)Retrieve Image Assessment Policy Exclusion entities.
read_policy_exclusions
| Method | Route |
|---|---|
|
/container-security/entities/image-assessment-policy-exclusions/v1 |
- Produces: application/json
No keywords or arguments accepted.
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_policy_exclusions()
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadPolicyExclusions()
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadPolicyExclusions")
print(response)Update Image Assessment Policy Exclusion entities.
update_policy_exclusions
| Method | Route |
|---|---|
|
/container-security/entities/image-assessment-policy-exclusions/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |
|
body | dictionary | Full body payload in JSON format. |
| conditions | |
|
body | list of dictionaries | List of conditions to apply. Overrides other keywords if provided. |
| description | |
|
body | string | Condition description. Ignored if conditions keyword is used. |
| prop | |
|
body | string | Condition property. Ignored if conditions keyword is used. |
| ttl | |
|
body | integer | Condition time to live. Ignored if conditions keyword is used. |
| value | |
|
body | list of strings | Condition values. Ignored if conditions keyword is used. |
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
value_list = ["VALUE1", "VALUE2", "VALUE3"]
response = falcon.update_policy_exclusions(description="string",
prop="string",
ttl=integer,
value=value_list
)
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
value_list = ["VALUE1", "VALUE2", "VALUE3"]
response = falcon.UpdatePolicyExclusions(description="string",
prop="string",
ttl=integer,
value=value_list
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
# The following structure can be used in the examples
# above (i.e. Service Class usage) by leveraging the
# conditions keyword. This will override the other
# keywords listed in the examples above.
conditions_list = [
{
"description": "string",
"prop": "string",
"ttl": integer,
"value": [
"string"
]
},
{
"description": "string",
"prop": "string",
"ttl": integer,
"value": [
"string"
]
}
]
body_payload = {
"conditions": conditions_list
}
response = falcon.command("UpdatePolicyExclusions", body=body_payload)
print(response)Retrieve Image Assessment Policy Group entities.
read_policy_groups
| Method | Route |
|---|---|
|
/container-security/entities/image-assessment-policy-groups/v1 |
- Produces: application/json
No keywords or arguments accepted.
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_policy_groups()
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadPolicyGroups()
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadPolicyGroups")
print(response)Create Image Assessment Policy Group entities.
create_policy_groups
| Method | Route |
|---|---|
|
/container-security/entities/image-assessment-policy-groups/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |
|
body | dictionary | Full body payload in JSON format. |
| conditions | |
|
body | list of dictionaries | List of policy conditions to apply. Overriden if policy_group_data keyword is used. |
| description | |
|
body | string | Policy group description. |
| name | |
|
body | string | Policy group name. |
| policy_group_data | |
|
body | dictionary | Policy group data in JSON format. Overrides conditions keyword if provided. |
| policy_id | |
|
body | string | Policy ID. |
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
conditions_list = [
{},
{}
]
response = falcon.create_policy_groups(conditions=conditions_list,
description="string",
name="string",
policy_id="string"
)
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
conditions_list = [
{},
{}
]
response = falcon.CreatePolicyGroups(conditions=conditions_list,
description="string",
name="string",
policy_id="string"
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
conditions_list = [
{},
{}
]
body_payload = {
"description": "string",
"name": "string",
"policy_group_data": {
"conditions": condtions_list
},
"policy_id": "string"
}
response = falcon.command("CreatePolicyGroups", body=body_payload)
print(response)Delete Image Assessment Policy Group entities
delete_policy_group
| Method | Route |
|---|---|
|
/container-security/entities/image-assessment-policy-groups/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| id |
|
|
query | string | Policy Image group entity UUID. |
| parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.delete_policy_group(id="string")
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.DeletePolicyGroup(id="string")
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("DeletePolicyGroup", id="string")
print(response)Update Image Assessment Policy Group entities
update_policy_groups
| Method | Route |
|---|---|
|
/container-security/entities/image-assessment-policy-groups/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |
|
body | dictionary | Full body payload in JSON format. |
| conditions | |
|
body | list of dictionaries | List of policy conditions to apply. Overriden if policy_group_data keyword is used. |
| description | |
|
body | string | Policy group description. |
| id |
|
|
query | string | Policy Image group entity UUID. |
| name | |
|
body | string | Policy group name. |
| parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
| policy_group_data | |
|
body | dictionary | Policy group data in JSON format. Overrides conditions keyword if provided. |
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
conditions_list = [
{},
{}
]
response = falcon.update_policy_groups(id="string",
conditions=conditions_list,
description="string",
name="string"
)
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
conditions_list = [
{},
{}
]
response = falcon.UpdatePolicyGroups(id="string",
conditions=conditions_list,
description="string",
name="string"
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
conditions_list = [
{},
{}
]
body_payload = {
"description": "string",
"name": "string",
"policy_group_data": {
"conditions": conditions_list
}
}
response = falcon.command("UpdatePolicyGroups", id="string", body=body_payload)
print(response)Update Image Assessment Policy precedence
update_policy_precedence
| Method | Route |
|---|---|
|
/container-security/entities/image-assessment-policy-precedence/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |
|
body | dictionary | Full body payload in JSON format. |
| precedence | |
|
body | string or list of strings | List of policy conditions to apply. |
from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
# Precedence will be applied in the order provided.
ordered_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.update_policy_precedence(precedence=ordered_list)
print(response)from falconpy import ImageAssessmentPolicies
falcon = ImageAssessmentPolicies(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
# Precedence will be applied in the order provided.
ordered_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.UpdatePolicyPrecedence(precedence=ordered_list)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
# Precedence will be applied in the order provided.
ordered_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
body_payload = {
"precedence": ordered_list
}
response = falcon.command("UpdatePolicyPrecedence", body=body_payload)
print(response)
- Home
- Discussions Board
- Glossary of Terms
- Installation, Upgrades and Removal
- Samples Collection
- Using FalconPy
- API Operations
-
Service Collections
- Alerts
- API Integrations
- ASPM
- CAO Hunting
- Certificate Based Exclusions
- Cloud AWS Registration
- Cloud Azure Registration
- Cloud OCI Registration
- Cloud Connect AWS (deprecated)
- Cloud Security Assets
- Cloud Snapshots
- Configuration Assessment
- Configuration Assessment Evaluation Logic
- Container Alerts
- Container Detections
- Container Image Compliance
- Container Images
- Container Packages
- Container Vulnerabilities
- Content Update Policies
- Correlation Rules
- CSPM Registration
- Custom IOAs
- Custom Storage
- D4C Registration (deprecated)
- DataScanner (deprecated)
- Delivery Settings
- Deployments
- Detects
- Device Content
- Device Control Policies
- Discover
- Downloads
- Drift Indicators
- Event Streams
- Exposure Management
- FaaS Execution
- Falcon Complete Dashboard
- Falcon Container
- Falcon Intelligence Sandbox
- FDR
- FileVantage
- Firewall Management
- Firewall Policies
- Foundry LogScale
- Host Group
- Host Migration
- Hosts
- Identity Protection
- Image Assessment Policies
- Incidents
- Installation Tokens
- Intel
- Intelligence Feeds
- Intelligence Indicator Graph
- IOA Exclusions
- IOC
- IOCs (deprecated)
- Kubernetes Protection
- MalQuery
- Message Center
- ML Exclusions
- Mobile Enrollment
- MSSP (Flight Control)
- NGSIEM
- OAuth2
- ODS (On Demand Scan)
- Overwatch Dashboard
- Prevention Policy
- Quarantine
- Quick Scan
- Quick Scan Pro
- Real Time Response
- Real Time Response Admin
- Real Time Response Audit
- Recon
- Report Executions
- Response Policies
- Sample Uploads
- Scheduled Reports
- Sensor Download
- Sensor Update Policy
- Sensor Usage
- Sensor Visibility Exclusions
- Serverless Vulnerabilities
- Spotlight Evaluation Logic
- Spotlight Vulnerabilities
- Tailored Intelligence
- ThreatGraph
- Unidentified Containers
- User Management
- Workflows
- Zero Trust Assessment
- Documentation Support
-
CrowdStrike SDKs
- Crimson Falcon - Ruby
- FalconPy - Python 3
- FalconJS - Javascript
- goFalcon - Go
- PSFalcon - Powershell
- Rusty Falcon - Rust
