Cloud Security Compliance - CrowdStrike/falconpy GitHub Wiki

CrowdStrike Falcon CrowdStrike Subreddit

Using the Cloud Security Compliance service collection

Uber class support Service class support Documentation Version Page Updated

Table of Contents

Operation ID Description
cloud_compliance_framework_posture_summaries
PEP 8 framework_posture_summaries
Get sections and requirements with scores for benchmarks.
cloud_compliance_rule_posture_summaries
PEP 8 rule_posture_summaries
Get compliance score and counts for rules.

Passing credentials

WARNING

client_id and client_secret are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)

CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.

cloud_compliance_framework_posture_summaries

Get sections and requirements with scores for benchmarks.

PEP8 method name

framework_posture_summaries

Endpoint

Method Route
GET /cloud-security-compliance/entities/framework-posture-summaries/v1

Required Scope

cloud-security-assets:read

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
filter Service Class Support Uber Class Support query string FQL filter, supported properties: account_id account_name business_impact cloud_label cloud_label_id cloud_provider environment groups region resource_type resource_type_name tag_key tag_value tags_string
ids Service Class Support Uber Class Support query string or list of strings The uuids of compliance frameworks to retrieve (maximum 20 IDs allowed).
parameters Service Class Support Uber Class Support query dictionary Full query string parameters payload in JSON format. Not required when using other keywords.

Usage

Service class example (PEP8 syntax)
from falconpy import CloudSecurityCompliance

# Do not hardcode API credentials!
falcon = CloudSecurityCompliance(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.framework_posture_summaries(ids=id_list,
                                             filter="string"
                                             )

print(response)
Service class example (Operation ID syntax)
from falconpy import CloudSecurityCompliance

# Do not hardcode API credentials!
falcon = CloudSecurityCompliance(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.cloud_compliance_framework_posture_summaries(ids=id_list,
                                                              filter="string"
                                                              )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("cloud_compliance_framework_posture_summaries",
                          ids=id_list,
                          filter="string"
                          )

print(response)

Back to Table of Contents

cloud_compliance_rule_posture_summaries

Get compliance score and counts for rules.

PEP8 method name

rule_posture_summaries

Endpoint

Method Route
GET /cloud-security-compliance/entities/rule-posture-summaries/v1

Required Scope

cloud-security-assets:read

Content-Type

  • Produces: application/json

Keyword Arguments

Name Service Uber Type Data type Description
filter Service Class Support Uber Class Support query string FQL filter, supported properties: account_id account_name business_impact cloud_label cloud_label_id cloud_provider environment groups region resource_type resource_type_name tag_key tag_value tags_string
ids Service Class Support Uber Class Support query string or list of strings The uuids of compliance rules to retrieve (maximum 350 IDs allowed).
parameters Service Class Support Uber Class Support query dictionary Full query string parameters payload in JSON format. Not required when using other keywords.

Usage

Service class example (PEP8 syntax)
from falconpy import CloudSecurityCompliance

# Do not hardcode API credentials!
falcon = CloudSecurityCompliance(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.rule_posture_summaries(ids=id_list,
                                        filter="string"
                                        )

print(response)
Service class example (Operation ID syntax)
from falconpy import CloudSecurityCompliance

# Do not hardcode API credentials!
falcon = CloudSecurityCompliance(client_id=CLIENT_ID,
                                 client_secret=CLIENT_SECRET
                                 )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.cloud_compliance_rule_posture_summaries(ids=id_list,
                                                         filter="string"
                                                         )

print(response)
Uber class example
from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("cloud_compliance_rule_posture_summaries",
                          ids=id_list,
                          filter="string"
                          )

print(response)

Back to Table of Contents

⚠️ **GitHub.com Fallback** ⚠️