Overview
Manage Azure subscription and tenant registration, configuration, and monitoring for CrowdStrike Falcon Cloud Security (CSPM). These cmdlets enable you to connect Azure tenants, configure subscriptions, manage certificates, and monitor security posture across your Azure infrastructure.Prerequisites
- CSPM registration: Read - Required for retrieval operations
- CSPM registration: Write - Required for account provisioning and modifications
Get-FalconCloudAzureAccount
Search for registered Falcon Cloud Security Azure accounts.Get-FalconCloudAzureAccount
Parameters
Azure subscription identifier (GUID format)
Azure tenant identifier (GUID format)
Scan type. Valid values:
full, dryAzure account status. Valid values:
provisioned, operationalOnly return CSPM Lite accounts
Maximum number of results per request (1-500)
Position to begin retrieving results
Repeat requests until all available results are retrieved
Display total result count instead of results
Example
New-FalconCloudAzureAccount
Provision a new Falcon Cloud Security Azure account.New-FalconCloudAzureAccount
Parameters
Azure subscription identifier (GUID format)
Azure tenant identifier (GUID format)
Azure client identifier
Azure account type
Account is the default Azure subscription
Number of years certificate is valid
Example
Edit-FalconCloudAzureAccount
Modify the default Falcon Cloud Security Azure client or subscription identifier.Tenant ID is required when multiple tenants have been registered.
Edit-FalconCloudAzureAccount
Parameters
Azure client identifier (GUID format)
Azure subscription identifier (GUID format)
Azure tenant identifier (GUID format)
Example
Remove-FalconCloudAzureAccount
Remove Falcon Cloud Security Azure accounts.Remove-FalconCloudAzureAccount
Parameters
Azure account identifier (GUID format)
Azure tenant identifier (GUID format)
Retain Azure tenant when removing an account
Example
Get-FalconCloudAzureCertificate
Retrieve the base64 encoded certificate for a Falcon Cloud Security Azure tenant.Get-FalconCloudAzureCertificate
Parameters
Azure tenant identifier (GUID format)
Refresh certificate (default: false)
Years the certificate should be valid (required when Refresh is true)
Example
Get-FalconCloudAzureGroup
Retrieve Falcon Cloud Security Azure management group registration.Get-FalconCloudAzureGroup
Parameters
Azure tenant identifier (GUID format)
Maximum number of results per request (default: 100)
Position to begin retrieving results
Example
New-FalconCloudAzureGroup
Create a Falcon Cloud Security Azure management group.New-FalconCloudAzureGroup
Parameters
Default Azure subscription identifier (GUID format)
Azure tenant identifier (GUID format)
Example
Remove-FalconCloudAzureGroup
Remove Falcon Cloud Security Azure management groups.Remove-FalconCloudAzureGroup
Parameters
Azure tenant identifier (GUID format)
Example
Receive-FalconCloudAzureScript
Download a Bash script which grants Falcon Cloud Security access using Azure Cloud Shell.Receive-FalconCloudAzureScript
Parameters
Azure tenant identifier (default: most recently registered, GUID format)
Azure subscription identifier (default: all, GUID format)
Template to be rendered
Account type. Valid values:
commercial, govUse Azure Management Group
Destination path for the script (.sh extension)
Overwrite existing file when present