CrowdStrike · jshcodes · Jan 31, 2024 · Jan 27, 2024 · Jan 27, 2024 · Jan 28, 2024
@@ -1275,3 +1275,38 @@ ReadContainersByDateRangeCount
 ReadContainerCountByRegistry
 FindContainersCountAffectedByZeroDayVulnerabilities
 ReadVulnerableContainerImageCount
+QueryActivityByCaseID
+CAwsAccount
+GetD
+Enums
+shubham
+WorkflowUpdateHumanInputV
+WorkflowGetHumanInputV
+WorkflowDefinitionsCreate
+WorkflowDefinitionsUpdate
+WorkflowDefinitionsImport
+WorkflowDefinitionsExport
+WorkflowExecutionsCombined
+WorkflowDefinitionsCombined
+DeletePolicyGroup
+UpdatePolicyGroups
+CreatePolicyGroups
+ReadPolicyGroups
+UpdatePolicyExclusions
+ReadPolicyExclusions
+DeletePolicy
+ReadPolicies
+CGCPUserScriptsAttachment
+CGCPServiceAccountsExt
+CGCPAccount
+ConnectD
+DeleteD
+GetDiscoverCloudAzureUserScriptsAttachment
+GetCSPMGCPServiceAccountsExt
+ConnectCSPMGCPAccount
+UpdateCSPMGCPAccount
+DeleteCSPMGCPAccount
+CreateCSPMAzureManagementGroup
+GetCSPMAzureManagementGroup
+ReadContainerAlertsCountBySeverity
+PostAggregatesAlertsV
@@ -1,3 +1,129 @@
+# Version 1.4.1
+## Added features and functionality
++ Added: `include_hidden` argument added to the _PostAggregatesAlertsV2_, _PostEntitiesAlertsV2_, _PatchEntitiesAlertsV3_ and _GetQueriesAlertsV2_ operations.
+    - `_endpoint/_alerts.py`
+
++ Added: _ReadContainerAlertsCountBySeverity_ operation added to the __Container Alerts__ service collection.
+    - `_endpoint/_container_alerts.py`
+    - `container_alerts.py`
+    > Unit testing expanded to complete code coverage.
+    - `tests/test_container_alerts.py`
+
++ Added: `cspm_lite` argument added to the _GetCSPMAwsAccount_ and _GetCSPMAzureAccount_ operations within the __CSPM Registration__ service collection.
+    - `_endpoint/_cspm_registration.py`
+    - `cspm_registration.py`
+
++ Added: `azure_management_group` argument added to the _GetCSPMAzureUserScriptsAttachment_ operation within the __CSPM Registration__ service collection.
+    - `_endpoint/_cspm_registration.py`
+    - `cspm_registration.py`
+
++ Added: 9 new operations added to the __CSPM Registration__ service collection.
+    * _GetCSPMAzureManagementGroup_
+    * _CreateCSPMAzureManagementGroup_
+    * _GetCSPMCGPAccount_
+    * _CreateCSPMGCPAccount_
+    * _DeleteCSPMGCPAccount_
+    * _UpdateCSPMGCPAccount_
+    * _ConnectCSPMGCPAccount_
+    * _GetCSPMGCPServiceAccountsExt_
+    * _GetCSPMGCPUserScriptsAttachment_
+    - `_endpoint/_cspm_registration.py`
+    - `_payload/_cspm_registration.py`
+    - `cspm_registration.py`
+    > Unit testing expanded to complete code coverage.
+    - `tests/test_cspm_registration.py`
+
++ Added: `azure_management_group` argument added to the _GetDiscoverCloudAzureUserScriptsAttachment_ operation within the __D4C Registration__ service collection.
+    - `_endpoint/_d4c_registration.py`
+    - `d4c_registration.py`
+
++ Added: 4 new operations added to the __D4C Registration__ service collection.
+    * _DeleteD4CGCPAccount_
+    * _ConnectD4CGCPAccount_
+    * _GetD4CGCPServiceAccountsExt_
+    * _GetD4CGCPUserScriptsAttachment_
+    - `_endpoint/_d4c_registration.py`
+    - `_payload/_d4c_registration.py`
+    - `d4c_registration.py`
+    > Unit testing expanded to complete code coverage.
+    - `tests/test_d4c_registration.py`
+
++ Added: `execution_cid` argument added to the _WorkflowExecute_ operation within the __Workflows__ service collection.
+    - `_endpoint/_workflows.py`
+    - `workflows.py`
+
++ Added: New service collection __Image Assessment Policies__ containing 11 new operations.
+    * _ReadPolicies_
+    * _CreatePolicies_
+    * _UpdatePolicies_
+    * _DeletePolicy_
+    * _ReadPolicyExclusions_
+    * _UpdatePolicyExclusions_
+    * _ReadPolicyGroups_
+    * _CreatePolicyGroups_
+    * _UpdatePolicyGroups_
+    * _DeletePolicyGroup_
+    * _UpdatePolicyPrecedence_
+    - `_endpoint/__init__.py`
+    - `_endpoint/_image_assessment_policies.py`
+    > 3 new payload handlers are added.
+    - `_payload/__init__.py`
+    - `_payload/_container.py`
+    - `__init__.py`
+    - `image_assessment_policies.py`
+    > Unit testing expanded to complete code coverage.
+    - `tests/test_image_assessment_policies.py`
+
++ Added: 8 new operations added to the __Workflows__ service collection.
+    * _WorkflowDefinitionsCombined_
+    * _WorkflowExecutionsCombined_
+    * _WorkflowDefinitionsExport_
+    * _WorkflowDefinitionsImport_
+    * _WorkflowDefinitionsUpdate_
+    * _WorkflowDefinitionsCreate_
+    * _WorkflowGetHumanInputV1_
+    * _WorkflowUpdateHumanInputV1_
+    - `_endpoint/_workflows.py`
+    - `workflows.py`
+    > 2 new payload handlers are added.
+    - `_payload/__init__.py`
+    - `_payload/_workflows.py`
+    > Unit testing expanded to complete code coverage.
+    - `tests/test_workflows.py`
+
+## Issue resolved
++ Fixed: `member_cid` argument is not being passed to the authentication event when leveraging Environment Authentication. Closes #1105.
+    - `_auth_object/_falcon_interface.py`
+
++ Fixed: `rule_ids` is not included in body payloads when the list is empty for the _update_rule_groups_ operation within the __Firewall Management__ Service Class. Closes #1107.
+    - `_payload/_firewall.py`
+
++ Fixed: Added missing actions to _allowed_actions validator within `PerformActionV2` method of the __Hosts__ service collection. Closes #1108.
+    - `hosts.py`
+    - Thanks go out to @i-shubham01 for identifying and resolving this issue! 🙇
+
+## Other
++ Updated: Enums added to _GetCSPMAwsAccount_ and _GetCSPMAwsConsoleSetupURLs_ operations within the __CSPM Registration__ endpoint module.
+    - `_endpoint/_cspm_registration.py`
+
++ Updated: Several parameter descriptions within the __Custom IOA__ endpoint module updated.
+    - `_endpoint/_custom_ioa.py`
+    - `_endpoint/deprecated/_custom_ioa.py`
+
++ Updated: Enum updated within the _GetD4CAwsAccount_ operation of the __D4C Registration__ endpoint module.
+    - `_endpoint/_d4c_registration.py`
+
++ Updated: Parameter description for the _Submit_ operation within the __Falcon Intelligence Sandbox__ endpoint module updated.
+    - `_endpoint/_falconx_sandbox.py`
+
++ Updated: Multiple parameter descriptions within the __Kubernetes Protection__ endpoint module updated.
+    - `_endpoint/_kubernetes_protection_.py`
+
++ Updated: Enum updated within the _QueryActivityByCaseID_ operation of the __Message Center__ endpoint module.
+    - `_endpoint/_message_center.py`
+
+---
+
 # Version 1.4.0
 ## Other
 + Dropped: Python 3.6 support.

@@ -118,6 +118,7 @@
 from .host_group import HostGroup
 from .hosts import Hosts
 from .identity_protection import IdentityProtection
+from .image_assessment_policies import ImageAssessmentPolicies
 from .incidents import Incidents
 from .installation_tokens import InstallationTokens
 from .intel import Intel
@@ -193,7 +194,8 @@
     "RealTimeResponseAudit", "Workflows", "DeprecatedClass", "DeprecatedOperation",
     "SDKDeprecationWarning", "ConfigurationAssessmentEvaluationLogic", "ConfigurationAssessment",
     "ContainerAlerts", "ContainerDetections", "ContainerImages", "ContainerPackages",
-    "ContainerVulnerabilities", "DriftIndicators", "UnidentifiedContainers"
+    "ContainerVulnerabilities", "DriftIndicators", "UnidentifiedContainers",
+    "ImageAssessmentPolicies"
     ]
 """
 This is free and unencumbered software released into the public domain.

@@ -163,6 +163,9 @@ def __init__(self,
                     "client_id": api_id,
                     "client_secret": api_sec
                 }
+                # Provide member_cid for MSSP environment authentication scenarios. Issue #1105.
+                if member_cid:
+                    self._creds["member_cid"] = member_cid
 
         # Log the creation of this object if debugging is enabled.
         # Starting with v1.3.0 minimal Python native logging is available. In order to reduce

@@ -68,6 +68,7 @@
 from ._host_group import _host_group_endpoints
 from ._hosts import _hosts_endpoints
 from ._identity_protection import _identity_protection_endpoints
+from ._image_assessment_policies import _image_assessment_policies_endpoints
 from ._incidents import _incidents_endpoints
 from ._installation_tokens import _installation_tokens_endpoints
 from ._intel import _intel_endpoints
@@ -135,6 +136,7 @@
 api_endpoints.extend(_host_group_endpoints)
 api_endpoints.extend(_hosts_endpoints)
 api_endpoints.extend(_identity_protection_endpoints)
+api_endpoints.extend(_image_assessment_policies_endpoints)
 api_endpoints.extend(_incidents_endpoints)
 api_endpoints.extend(_installation_tokens_endpoints)
 api_endpoints.extend(_intel_endpoints)

@@ -59,6 +59,13 @@
     "retrieves aggregate values for Alerts across all CIDs",
     "alerts",
     [
+      {
+        "type": "boolean",
+        "default": True,
+        "description": "allows previously hidden alerts to be retrieved",
+        "name": "include_hidden",
+        "in": "query"
+      },
       {
         "description": "request body takes a list of aggregate-alert query requests",
         "name": "body",
@@ -114,6 +121,13 @@
     "retrieves all Alerts given their composite ids",
     "alerts",
     [
+      {
+        "type": "boolean",
+        "default": True,
+        "description": "allows previously hidden alerts to be retrieved",
+        "name": "include_hidden",
+        "in": "query"
+      },
       {
         "name": "body",
         "in": "body",
@@ -125,7 +139,7 @@
     "PatchEntitiesAlertsV2",
     "PATCH",
     "/alerts/entities/alerts/v2",
-    "Perform actions on detections identified by detection ID(s) in request.\nEach action has a name and a "
+    "Perform actions on Alerts identified by composite ID(s) in request.\nEach action has a name and a "
     "description which describes what the action does.\nIf a request adds and removes tag in a single request, the "
     "order of processing would be to remove tags before adding new ones in.\n\n",
     "alerts",
@@ -142,11 +156,18 @@
     "PatchEntitiesAlertsV3",
     "PATCH",
     "/alerts/entities/alerts/v3",
-    "Perform actions on detections identified by detection ID(s) in request.\nEach action has a name and a "
+    "Perform actions on Alerts identified by composite ID(s) in request.\nEach action has a name and a "
     "description which describes what the action does.\nIf a request adds and removes tag in a single request, the "
     "order of processing would be to remove tags before adding new ones in.\n\n",
     "alerts",
     [
+      {
+        "type": "boolean",
+        "default": True,
+        "description": "allows previously hidden alerts to be retrieved",
+        "name": "include_hidden",
+        "in": "query"
+      },
       {
         "description": "request body takes a list of action parameter request that is applied against all \"ids\" provided",
         "name": "body",
@@ -219,6 +240,13 @@
     "retrieves all Alerts ids that match a given query",
     "alerts",
     [
+      {
+        "type": "boolean",
+        "default": True,
+        "description": "allows previously hidden alerts to be retrieved",
+        "name": "include_hidden",
+        "in": "query"
+      },
       {
         "type": "integer",
         "description": "The first detection to return, where `0` is the latest detection. Use with the "

@@ -37,6 +37,22 @@
 """
 
 _container_alerts_endpoints = [
+  [
+    "ReadContainerAlertsCountBySeverity",
+    "GET",
+    "/container-security/aggregates/container-alerts/count-by-severity/v1",
+    "Get Container Alerts counts by severity",
+    "container_alerts",
+    [
+      {
+        "type": "string",
+        "description": "Search Container Alerts using a query in Falcon Query Language (FQL). Supported "
+        "filters: cid,container_id,last_seen",
+        "name": "filter",
+        "in": "query"
+      }
+    ]
+  ],
   [
     "ReadContainerAlertsCount",
     "GET",
@@ -47,7 +63,7 @@
       {
         "type": "string",
         "description": "Search Container Alerts using a query in Falcon Query Language (FQL). Supported "
-        "filters:  cid,last_seen",
+        "filters:  cid,container_id,last_seen",
         "name": "filter",
         "in": "query"
       }