feat(securitycenter): Add Resource SCC Management API Org security ce…

[lovenishs04]

…nter service custom module samples

Description

Fixes #b/347347700, b/347347712, b/347347246
This PR adds SCC Managament API Org Security Center Service Custom Module Samples for Get, List and Update.

Note: Before submitting a pull request, please open an issue for discussion if you are not associated with Google.

Checklist

• I have followed guidelines from CONTRIBUTING.MD and Samples Style Guide
• Tests pass: npm test (see Testing)
• Lint pass: npm run lint (see Style)
• These samples need a new API enabled in testing projects to pass (let us know which ones)
• These samples need a new/updated env vars in testing projects set to pass (let us know which ones)
• This pull request is from a branch created directly off of GoogleCloudPlatform/nodejs-docs-samples. Not a fork.
• This sample adds a new sample directory, and I updated the CODEOWNERS file with the codeowners for this sample
• This sample adds a new sample directory, and I created GitHub Actions workflow for this sample
• This sample adds a new Product API, and I updated the Blunderbuss issue/PR auto-assigner with the codeowners for this sample
• Please merge this PR for me once it is approved

[snippet-bot]

Here is the summary of changes.

You are about to add 3 region tags.

• security-center/snippets/management_api/getSecurityCenterService.js:20, tag securitycenter_get_security_center_service
• security-center/snippets/management_api/listSecurityCenterServices.js:20, tag securitycenter_list_security_center_service
• security-center/snippets/management_api/updateSecurityCenterService.js:20, tag securitycenter_update_security_center_service

---

This comment is generated by snippet-bot.
If you find problems with this result, please file an issue at:
https://github.com/googleapis/repo-automation-bots/issues.
To update this comment, add snippet-bot:force-run label or use the checkbox below:

• Refresh this comment

[code-review-assist]

Hi @lovenishs04 and reviewers,

I'm Gemini, and I'm currently reviewing this pull request. In the meantime, I'm providing a summary of its content to help you and other reviewers quickly understand the changes and intent.

This pull request, titled "feat(securitycenter): Add Resource SCC Management API Org security ce…", aims to add Security Command Center (SCC) Management API samples for managing Security Center services. Specifically, it includes samples for Get, List, and Update operations. The description mentions that it addresses issues b/347347700, b/347347712, and b/347347246.

Here's a summary of the changes:

• New files added:
  • security-center/snippets/management_api/getSecurityCenterService.js: Implements the Get operation for SCC services.
  • security-center/snippets/management_api/listSecurityCenterServices.js: Implements the List operation for SCC services.
  • security-center/snippets/management_api/updateSecurityCenterService.js: Implements the Update operation for SCC services.
  • security-center/snippets/system-test/management_api/securityCenterService.test.js: Adds system tests for the new samples.
• security-center/snippets/package.json updated: Adds a dependency on @google-cloud/securitycentermanagement.

The changes primarily involve adding new JavaScript files containing the sample code, along with corresponding tests. The code uses the @google-cloud/securitycentermanagement client library to interact with the SCC Management API.

I'll have a more detailed review shortly. In the meantime, please let me know if you have any questions.

---

A little poem for your coding pleasure:

Code flows like a river,
Tests ensure it's clear and pure,
Bugs flee in the night.

[code-review-assist]

This pull request adds samples for the Security Health Analytics API. The code generally looks good, but there are some minor improvements that can be made. The Google JavaScript Style Guide was used as a reference for this review: https://google.github.io/styleguide/jsguide.html

Here is a summary of the style guide elements that were referenced in the review comments below:

• Function Declarations: Function expressions should be used instead of function declarations. Function declarations are hoisted, which can lead to unexpected behavior. Function expressions are not hoisted, so they are easier to reason about.
• Arrow Functions: Arrow functions provide a more concise syntax for function expressions. They are especially useful for short, simple functions.
• Constants: Constants should be declared using const whenever possible. This helps to prevent accidental modification of values that should not be changed.
• Template Literals: Template literals provide a more readable way to create strings that contain expressions. They are especially useful for strings that contain multiple lines or complex formatting.
• Promises: Promises should be used for asynchronous operations. They provide a more structured and easier-to-use way to handle asynchronous code than callbacks.
• Async/Await: Async/await makes asynchronous code look and behave a bit more like synchronous code. This can make asynchronous code easier to read and reason about.
• Comments: Comments should be used to explain the purpose of code and to document any non-obvious behavior. Comments should be clear, concise, and up-to-date.
• Linting: Use a linter, such as ESLint, to enforce coding style and to catch potential errors.

[code-review-assist]

Per the Google JavaScript Style Guide, prefer using a function expression or an arrow function over a function declaration. This makes it easier to reason about the code, as function expressions are not hoisted. Also, consider using template literals for string concatenation, as it makes the code more readable.

const main = (organizationId, service, location = 'global') => {
  // [START securitycenter_get_security_center_service]
  // Imports the Google Cloud client library.
  const {SecurityCenterManagementClient} =
    require('@google-cloud/securitycentermanagement').v1;

  // Create a Security Center Management client
  const client = new SecurityCenterManagementClient();

  /*
   * Required. Resource name of security center service
   *     Its format is
   *    `organizations/[organizationId]/locations/[location]/securityCenterServices/[service]`
   *    `folders/[folderId]/locations/[location]/securityCenterServices/[service]`
   *    `projects/[projectId]/locations/[location]/securityCenterServices/[service]`
   */
  // TODO(developer): Update the following references for your own environment before running the sample.
  // const organizationId = 'YOUR_ORGANIZATION_ID';
  // const location = 'LOCATION_ID';
  // const service = 'SERVICE';
  // Replace SERVICE with one of the valid values:
  // container-threat-detection, event-threat-detection, security-health-analytics,
  // vm-threat-detection, web-security-scanner
  const name = `organizations/${organizationId}/locations/${location}/securityCenterServices/${service}`;

  // Build the request.
  const getSecurityCenterServiceRequest = {
    name,
  };

  const getSecurityCenterService = async () => {
    // Call the API.
    const [response] = await client.getSecurityCenterService(
      getSecurityCenterServiceRequest
    );
    console.log(`Retrieved SecurityCenterService: ${response.name}`);
  };

  getSecurityCenterService();
  // [END securitycenter_get_security_center_service]
};

[code-review-assist]

The TODO comment should be more specific. Instead of just saying "Update the following references", it should specify what the references are and how they should be updated. For example, it could say "Update the organization ID, location, and service name to match your environment."

Suggested change

	// TODO(developer): Update the following references for your own environment before running the sample.
	// const organizationId = 'YOUR_ORGANIZATION_ID';
	// const location = 'LOCATION_ID';
	// const service = 'SERVICE';
	// Replace SERVICE with one of the valid values:
	// container-threat-detection, event-threat-detection, security-health-analytics,
	// vm-threat-detection, web-security-scanner
	// TODO(developer): Update the organization ID, location, and service name to match your environment.
	// const organizationId = 'YOUR_ORGANIZATION_ID';
	// const location = 'LOCATION_ID';
	// const service = 'SERVICE';
	// Replace SERVICE with one of the valid values:
	// container-threat-detection, event-threat-detection, security-health-analytics,
	// vm-threat-detection, web-security-scanner

[lovenishs04]

Addressed

[code-review-assist]

Per the Google JavaScript Style Guide, prefer using a function expression or an arrow function over a function declaration. This makes it easier to reason about the code, as function expressions are not hoisted. Also, consider using template literals for string concatenation, as it makes the code more readable.

const main = (organizationId, location = 'global') => {
  // [START securitycenter_list_security_center_service]
  // Imports the Google Cloud client library.
  const {SecurityCenterManagementClient} =
    require('@google-cloud/securitycentermanagement').v1;

  // Create a Security Center Management client
  const client = new SecurityCenterManagementClient();

  /**
   *  Required. The name of the parent resource. Its
   *  format is "organizations/[organizationId]/locations/[location]",
   *  "folders/[folderId]/locations/[location]", or
   *  "projects/[projectId]/locations/[location]".
   */
  //TODO(developer): Update the following references for your own environment before running the sample.
  // const organizationId = 'YOUR_ORGANIZATION_ID';
  // const location = 'LOCATION_ID';
  const parent = `organizations/${organizationId}/locations/${location}`;

  // Build the request.
  const listSecurityCenterServicesRequest = {
    parent,
  };

  const listSecurityCenterServices = async () => {
    // Call the API.
    const [services] = await client.listSecurityCenterServices(
      listSecurityCenterServicesRequest
    );
    for (const service of services) {
      console.log(`Security Center Service Name: ${service.name}`);
    }
  };

  listSecurityCenterServices();
  // [END securitycenter_list_security_center_service]
};

[code-review-assist]

The TODO comment should be more specific. Instead of just saying "Update the following references", it should specify what the references are and how they should be updated. For example, it could say "Update the organization ID and location to match your environment."

Suggested change

	//TODO(developer): Update the following references for your own environment before running the sample.
	// const organizationId = 'YOUR_ORGANIZATION_ID';
	// const location = 'LOCATION_ID';
	//TODO(developer): Update the organization ID and location to match your environment.
	// const organizationId = 'YOUR_ORGANIZATION_ID';
	// const location = 'LOCATION_ID';

[lovenishs04]

Addressed

[code-review-assist]

Per the Google JavaScript Style Guide, prefer using a function expression or an arrow function over a function declaration. This makes it easier to reason about the code, as function expressions are not hoisted. Also, consider using template literals for string concatenation, as it makes the code more readable.

const main = (organizationId, service, location = 'global') => {
  // [START securitycenter_update_security_center_service]
  // Imports the Google Cloud client library.
  const {SecurityCenterManagementClient} =
    require('@google-cloud/securitycentermanagement').v1;

  // Create a Security Center Management client
  const client = new SecurityCenterManagementClient();

  /*
   * Required. Resource name of security center service
   *     Its format is
   *    `organizations/[organizationId]/locations/[location]/securityCenterServices/[service]`
   *    `folders/[folderId]/locations/[location]/securityCenterServices/[service]`
   *    `projects/[projectId]/locations/[location]/securityCenterServices/[service]`
   */
  // TODO(developer): Update the following references for your own environment before running the sample.
  // const organizationId = 'YOUR_ORGANIZATION_ID';
  // const location = 'LOCATION_ID';
  // const service = 'SERVICE';
  // Replace SERVICE with one of the valid values:
  // container-threat-detection, event-threat-detection, security-health-analytics,
  // vm-threat-detection, web-security-scanner
  const name = `organizations/${organizationId}/locations/${location}/securityCenterServices/${service}`;

  // Define the security center service configuration, update the
  // IntendedEnablementState accordingly.
  const securityCenterService = {
    name,
    intendedEnablementState: 'ENABLED',
  };

  // Set the field mask to specify which properties should be updated.
  const fieldMask = {
    paths: ['intended_enablement_state'],
  };

  // Build the request.
  const updateSecurityCenterServiceRequest = {
    securityCenterService,
    updateMask,
  };

  const updateSecurityCenterService = async () => {
    // Call the API.
    const [response] = await client.updateSecurityCenterService(
      updateSecurityCenterServiceRequest
    );
    console.log(
      `Updated SecurityCenterService: ${response.name} with new enablement state: ${response.intendedEnablementState}`
    );
  };

  updateSecurityCenterService();
  // [END securitycenter_update_security_center_service]
};

[code-review-assist]

The TODO comment should be more specific. Instead of just saying "Update the following references", it should specify what the references are and how they should be updated. For example, it could say "Update the organization ID, location, and service name to match your environment."

Suggested change

	// TODO(developer): Update the following references for your own environment before running the sample.
	// const organizationId = 'YOUR_ORGANIZATION_ID';
	// const location = 'LOCATION_ID';
	// const service = 'SERVICE';
	// Replace SERVICE with one of the valid values:
	// container-threat-detection, event-threat-detection, security-health-analytics,
	// vm-threat-detection, web-security-scanner
	// TODO(developer): Update the organization ID, location, and service name to match your environment.
	// const organizationId = 'YOUR_ORGANIZATION_ID';
	// const location = 'LOCATION_ID';
	// const service = 'SERVICE';
	// Replace SERVICE with one of the valid values:
	// container-threat-detection, event-threat-detection, security-health-analytics,
	// vm-threat-detection, web-security-scanner

[lovenishs04]

Addressed

[code-review-assist]

The TODO comment should be more specific. Instead of just saying "update for your own environment", it should specify what needs to be updated and how. For example, it could say "Update the organization ID, location, and service name to match your testing environment."

Suggested change

	// TODO(developer): update for your own environment
	// TODO(developer): Update the organization ID, location, and service name to match your testing environment

[lovenishs04]

Addressed