Cloud GCP Registration - CrowdStrike/falconpy GitHub Wiki
| Operation ID | Description | ||||
|---|---|---|---|---|---|
|
Retrieve all GCP entities (organizations, folders, projects) grouped by type with support for FQL filtering, sorting, and pagination. | ||||
|
Trigger health check scan for GCP registrations | ||||
|
Retrieve a Google Cloud Registration. | ||||
|
Creates/Updates a Google Cloud Registration. | ||||
|
Create a Google Cloud Registration. | ||||
|
Update a Google Cloud Registration. | ||||
|
Deletes a Google Cloud Registration and returns the deleted registration in the response body. | ||||
WARNING
client_idandclient_secretare keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
Retrieve all GCP entities (organizations, folders, projects) grouped by type with support for FQL filtering, sorting, and pagination.
get_entities
| Method | Route |
|---|---|
 |
/cloud-security-registration-google-cloud/entities/accounts/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids |  |
|
query | array (string) | Google Cloud Registration IDs to filter by. |
| filter | |
|
query | string | FQL (Falcon Query Language) string for filtering results. Allowed filters: entity_type, entity_id, entity_name, registration_id, registration_name, registration_scope, parent_id, ioa_status, iom_status, created, updated |
| sort | |
|
query | string | Field and direction for sorting results (e.g., created|desc). Sorting applies across all entity types before grouping. |
| limit | |
|
query | integer | Maximum number of records to return. Default: 100, Max: 500. |
| offset | |
|
query | integer | Starting index of result. |
| parameters | |
|
query | dictionary | Full query string parameters payload in JSON format. Not required when using other keywords. |
from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_entities(ids=id_list,
filter="string",
sort="string",
limit=integer,
offset=integer
)
print(response)from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_gcp_get_entities(ids=id_list,
filter="string",
sort="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_gcp_get_entities",
ids=id_list,
filter="string",
sort="string",
limit=integer,
offset=integer
)
print(response)Back to Table of Contents
Trigger health check scan for GCP registrations
trigger_health_check
| Method | Route |
|---|---|
 |
/cloud-security-registration-google-cloud/entities/registration-scans/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | |
|
query | array (string) | GCP Registration IDs |
| parameters | |
|
query | dictionary | Full query string parameters payload in JSON format. Not required when using other keywords. |
from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.trigger_health_check(ids=id_list)
print(response)from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.cloud_registration_gcp_trigger_health_check(ids=id_list)
print(response)from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("cloud_registration_gcp_trigger_health_check", ids=id_list)
print(response)Back to Table of Contents
Retrieve a Google Cloud Registration.
get_registration
| Method | Route |
|---|---|
|
/cloud-security-registration-google-cloud/entities/registrations/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | |
|
query | string | Google Cloud Registration ID |
| parameters | |
|
query | dictionary | Full query string parameters payload in JSON format. Not required when using other keywords. |
from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_registration(ids="string")
print(response)from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.cloud_registration_gcp_get_registration(ids="string")
print(response)from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("cloud_registration_gcp_get_registration", ids="string")
print(response)Back to Table of Contents
Creates/Updates a Google Cloud Registration.
update_registration
| Method | Route |
|---|---|
 |
/cloud-security-registration-google-cloud/entities/registrations/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |
 |
body | dictionary | Full body payload in JSON format. Not required if using other keywords. |
| deployment_method | |
 |
body | string | The method of deployment. |
| entity_id | |
|
body | array (string) | The ID of the entity. |
| excluded_project_patterns | |
|
body | array (string) | Project patterns that should be excluded. |
| falcon_client_key_id | |
|
body | string | API client key ID. |
| falcon_client_key_type | |
|
body | string | API client key type. |
| infra_manager_region | |
|
body | string | Infrastructure manager region. |
| infra_project_id | |
|
body | string | Infrastructure project ID. |
| labels | |
|
body | dictionary | Prop labels. |
| products | |
|
body | array (dictionary) | Products. |
| registration_name | |
|
body | string | Registration name. |
| registration_scope | |
|
body | string | Registration scope. |
| resource_name_prefix | |
|
body | string | Resource name prefix. |
| resource_name_suffix | |
|
body | string | Resource name suffix. |
| tags | |
|
body | dictionary | Tags. |
| wif_project_id | |
|
body | string | WIF project ID. |
from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.update_registration(deployment_method="string",
entity_id=["string"],
excluded_project_patterns=["string"],
falcon_client_key_id="string",
falcon_client_key_type="string",
infra_manager_region="string",
infra_project_id="string",
labels={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
products=[{
"features": ["string"],
"product": "string"
}],
registration_name="string",
registration_scope="string",
resource_name_prefix="string",
resource_name_suffix="string",
tags={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
wif_project_id="string"
)
print(response)from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.cloud_registration_gcp_put_registration(deployment_method="string",
entity_id=["string"],
excluded_project_patterns=["string"],
falcon_client_key_id="string",
falcon_client_key_type="string",
infra_manager_region="string",
infra_project_id="string",
labels={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
products=[{
"features": ["string"],
"product": "string"
}],
registration_name="string",
registration_scope="string",
resource_name_prefix="string",
resource_name_suffix="string",
tags={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
wif_project_id="string"
)
print(response)from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"resources": [
{
"deployment_method": "string",
"entity_id": [
"string"
],
"excluded_project_patterns": [
"string"
],
"falcon_client_key_id": "string",
"falcon_client_key_type": "string",
"infra_manager_region": "string",
"infra_project_id": "string",
"labels": {
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
"products": [
{
"features": [
"string"
],
"product": "string"
}
],
"registration_name": "string",
"registration_scope": "string",
"resource_name_prefix": "string",
"resource_name_suffix": "string",
"tags": {
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
"wif_project_id": "string"
}
]
}
response = falcon.command("cloud_registration_gcp_put_registration", body=body_payload)
print(response)Back to Table of Contents
Create a Google Cloud Registration.
create_registration
| Method | Route |
|---|---|
|
/cloud-security-registration-google-cloud/entities/registrations/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |
|
body | dictionary | Full body payload in JSON format. |
| deployment_method | |
|
body | string | The method of deployment. |
| entity_id | |
|
body | array (string) | The ID of the entity. |
| excluded_project_patterns | |
|
body | array (string) | Project patterns that should be excluded. |
| falcon_client_key_id | |
|
body | string | API client key ID. |
| falcon_client_key_type | |
|
body | string | API client key type. |
| infra_manager_region | |
|
body | string | Infrastructure manager region. |
| infra_project_id | |
|
body | string | Infrastructure project ID. |
| labels | |
|
body | dictionary | Prop labels. |
| products | |
|
body | array (dictionary) | Products. |
| registration_name | |
|
body | string | Registration name. |
| registration_scope | |
|
body | string | Registration scope. |
| resource_name_prefix | |
|
body | string | Resource name prefix. |
| resource_name_suffix | |
|
body | string | Resource name suffix. |
| tags | |
|
body | dictionary | Tags. |
| wif_project_id | |
|
body | string | WIF project ID. |
from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.create_registration(deployment_method="string",
entity_id=["string"],
excluded_project_patterns=["string"],
falcon_client_key_id="string",
falcon_client_key_type="string",
infra_manager_region="string",
infra_project_id="string",
labels={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
products=[{
"features": ["string"],
"product": "string"
}],
registration_name="string",
registration_scope="string",
resource_name_prefix="string",
resource_name_suffix="string",
tags={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
wif_project_id="string"
)
print(response)from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.cloud_registration_gcp_create_registration(deployment_method="string",
entity_id=["string"],
excluded_project_patterns=["string"],
falcon_client_key_id="string",
falcon_client_key_type="string",
infra_manager_region="string",
infra_project_id="string",
labels={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
products=[{
"features": ["string"],
"product": "string"
}],
registration_name="string",
registration_scope="string",
resource_name_prefix="string",
resource_name_suffix="string",
tags={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
wif_project_id="string"
)
print(response)from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"resources": [
{
"deployment_method": "string",
"entity_id": [
"string"
],
"excluded_project_patterns": [
"string"
],
"falcon_client_key_id": "string",
"falcon_client_key_type": "string",
"infra_manager_region": "string",
"infra_project_id": "string",
"labels": {
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
"products": [
{
"features": [
"string"
],
"product": "string"
}
],
"registration_name": "string",
"registration_scope": "string",
"resource_name_prefix": "string",
"resource_name_suffix": "string",
"tags": {
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
"wif_project_id": "string"
}
]
}
response = falcon.command("cloud_registration_gcp_create_registration", body=body_payload)
print(response)Back to Table of Contents
Update a Google Cloud Registration.
cloud_registration_gcp_update_registration
| Method | Route |
|---|---|
 |
/cloud-security-registration-google-cloud/entities/registrations/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |
|
body | dictionary | Full body payload in JSON format. |
| ids | |
|
query | string | Google Cloud Registration ID. |
| deployment_method | |
|
body | string | The method of deployment. |
| entity_id | |
|
body | array (string) | The ID of the entity. |
| excluded_project_patterns | |
|
body | array (string) | Project patterns that should be excluded. |
| falcon_client_key_id | |
|
body | string | API client key ID. |
| falcon_client_key_type | |
|
body | string | API client key type. |
| infra_manager_region | |
|
body | string | Infrastructure manager region. |
| infra_project_id | |
|
body | string | Infrastructure project ID. |
| labels | |
|
body | dictionary | Prop labels. |
| products | |
|
body | array (dictionary) | Products. |
| registration_name | |
|
body | string | Registration name. |
| registration_scope | |
|
body | string | Registration scope. |
| resource_name_prefix | |
|
body | string | Resource name prefix. |
| resource_name_suffix | |
|
body | string | Resource name suffix. |
| tags | |
|
body | dictionary | Tags. |
| wif_project_id | |
|
body | string | WIF project ID. |
| parameters | |
|
query | dictionary | Full query string parameters payload in JSON format. Not required when using other keywords. |
from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.cloud_registration_gcp_update_registration(ids="string",
deployment_method="string",
entity_id=["string"],
excluded_project_patterns=["string"],
falcon_client_key_id="string",
falcon_client_key_type="string",
infra_manager_region="string",
infra_project_id="string",
labels={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
products=[{
"features": ["string"],
"product": "string"
}],
registration_name="string",
registration_scope="string",
resource_name_prefix="string",
resource_name_suffix="string",
tags={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
wif_project_id="string"
)
print(response)from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.cloud_registration_gcp_update_registration(ids="string",
deployment_method="string",
entity_id=["string"],
excluded_project_patterns=["string"],
falcon_client_key_id="string",
falcon_client_key_type="string",
infra_manager_region="string",
infra_project_id="string",
labels={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
products=[{
"features": ["string"],
"product": "string"
}],
registration_name="string",
registration_scope="string",
resource_name_prefix="string",
resource_name_suffix="string",
tags={
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
wif_project_id="string"
)
print(response)from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"resources": [
{
"deployment_method": "string",
"entity_id": [
"string"
],
"excluded_project_patterns": [
"string"
],
"falcon_client_key_id": "string",
"falcon_client_key_type": "string",
"infra_manager_region": "string",
"infra_project_id": "string",
"labels": {
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
"products": [
{
"features": [
"string"
],
"product": "string"
}
],
"registration_name": "string",
"registration_scope": "string",
"resource_name_prefix": "string",
"resource_name_suffix": "string",
"tags": {
"additionalProp1": "string",
"additionalProp2": "string",
"additionalProp3": "string"
},
"wif_project_id": "string"
}
]
}
response = falcon.command("cloud_registration_gcp_update_registration",
body=body_payload,
ids="string"
)
print(response)Back to Table of Contents
Deletes a Google Cloud Registration and returns the deleted registration in the response body.
delete_registration
| Method | Route |
|---|---|
 |
/cloud-security-registration-google-cloud/entities/registrations/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | |
|
query | string | Google Cloud Registration ID |
| parameters | |
|
query | dictionary | Full query string parameters payload in JSON format. Not required when using other keywords. |
from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.delete_registration(ids="string")
print(response)from falconpy import CloudGoogleCloudRegistration
# Do not hardcode API credentials!
falcon = CloudGoogleCloudRegistration(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.cloud_registration_gcp_delete_registration(ids="string")
print(response)from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("cloud_registration_gcp_delete_registration", ids="string")
print(response)Back to Table of Contents
