diff --git a/security-center/snippets/management_api/getSecurityCenterService.js b/security-center/snippets/management_api/getSecurityCenterService.js new file mode 100644 index 0000000000..d316d682b8 --- /dev/null +++ b/security-center/snippets/management_api/getSecurityCenterService.js @@ -0,0 +1,61 @@ +/* + * Copyright 2025 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +'use strict'; + +// Retrieve a specific security center service by its name. +function main(organizationId, service, location = 'global') { + // [START securitycenter_get_security_center_service] + // Imports the Google Cloud client library. + const {SecurityCenterManagementClient} = + require('@google-cloud/securitycentermanagement').v1; + + // Create a Security Center Management client + const client = new SecurityCenterManagementClient(); + + /* + * Required. Resource name of security center service + * Its format is + * `organizations/[organizationId]/locations/[location]/securityCenterServices/[service]` + * `folders/[folderId]/locations/[location]/securityCenterServices/[service]` + * `projects/[projectId]/locations/[location]/securityCenterServices/[service]` + */ + // TODO(developer): Update the organization ID, location, and service name to match your environment. + // const organizationId = 'YOUR_ORGANIZATION_ID'; + // const location = 'LOCATION_ID'; + // const service = 'SERVICE'; + // Replace SERVICE with one of the valid values: + // container-threat-detection, event-threat-detection, security-health-analytics, + // vm-threat-detection, web-security-scanner + const name = `organizations/${organizationId}/locations/${location}/securityCenterServices/${service}`; + + // Build the request. + const getSecurityCenterServiceRequest = { + name: name, + }; + + async function getSecurityCenterService() { + // Call the API. + const [response] = await client.getSecurityCenterService( + getSecurityCenterServiceRequest + ); + console.log('Retrieved SecurityCenterService:', response.name); + } + + getSecurityCenterService(); + // [END securitycenter_get_security_center_service] +} + +main(...process.argv.slice(2)); diff --git a/security-center/snippets/management_api/listSecurityCenterServices.js b/security-center/snippets/management_api/listSecurityCenterServices.js new file mode 100644 index 0000000000..65b8fce54d --- /dev/null +++ b/security-center/snippets/management_api/listSecurityCenterServices.js @@ -0,0 +1,58 @@ +/* + * Copyright 2025 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +'use strict'; + +// List all security center services for the given parent. +function main(organizationId, location = 'global') { + // [START securitycenter_list_security_center_service] + // Imports the Google Cloud client library. + const {SecurityCenterManagementClient} = + require('@google-cloud/securitycentermanagement').v1; + + // Create a Security Center Management client + const client = new SecurityCenterManagementClient(); + + /** + * Required. The name of the parent resource. Its + * format is "organizations/[organizationId]/locations/[location]", + * "folders/[folderId]/locations/[location]", or + * "projects/[projectId]/locations/[location]". + */ + //TODO(developer): Update the organization ID and location to match your environment. + // const organizationId = 'YOUR_ORGANIZATION_ID'; + // const location = 'LOCATION_ID'; + const parent = `organizations/${organizationId}/locations/${location}`; + + // Build the request. + const listSecurityCenterServicesRequest = { + parent: parent, + }; + + async function listSecurityCenterServices() { + // Call the API. + const [services] = await client.listSecurityCenterServices( + listSecurityCenterServicesRequest + ); + for (const service of services) { + console.log('Security Center Service Name:', service.name); + } + } + + listSecurityCenterServices(); + // [END securitycenter_list_security_center_service] +} + +main(...process.argv.slice(2)); diff --git a/security-center/snippets/management_api/updateSecurityCenterService.js b/security-center/snippets/management_api/updateSecurityCenterService.js new file mode 100644 index 0000000000..a443bf0540 --- /dev/null +++ b/security-center/snippets/management_api/updateSecurityCenterService.js @@ -0,0 +1,76 @@ +/* + * Copyright 2025 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +'use strict'; + +// Updates a security center service configuration. +function main(organizationId, service, location = 'global') { + // [START securitycenter_update_security_center_service] + // Imports the Google Cloud client library. + const {SecurityCenterManagementClient} = + require('@google-cloud/securitycentermanagement').v1; + + // Create a Security Center Management client + const client = new SecurityCenterManagementClient(); + + /* + * Required. Resource name of security center service + * Its format is + * `organizations/[organizationId]/locations/[location]/securityCenterServices/[service]` + * `folders/[folderId]/locations/[location]/securityCenterServices/[service]` + * `projects/[projectId]/locations/[location]/securityCenterServices/[service]` + */ + // TODO(developer): Update the organization ID, location, and service name to match your environment. + // const organizationId = 'YOUR_ORGANIZATION_ID'; + // const location = 'LOCATION_ID'; + // const service = 'SERVICE'; + // Replace SERVICE with one of the valid values: + // container-threat-detection, event-threat-detection, security-health-analytics, + // vm-threat-detection, web-security-scanner + const name = `organizations/${organizationId}/locations/${location}/securityCenterServices/${service}`; + + // Define the security center service configuration, update the + // IntendedEnablementState accordingly. + const securityCenterService = { + name: name, + intendedEnablementState: 'ENABLED', + }; + + // Set the field mask to specify which properties should be updated. + const fieldMask = { + paths: ['intended_enablement_state'], + }; + + // Build the request. + const updateSecurityCenterServiceRequest = { + securityCenterService: securityCenterService, + updateMask: fieldMask, + }; + + async function updateSecurityCenterService() { + // Call the API. + const [response] = await client.updateSecurityCenterService( + updateSecurityCenterServiceRequest + ); + console.log( + `Updated SecurityCenterService: ${response.name} with new enablement state: ${response.intendedEnablementState}` + ); + } + + updateSecurityCenterService(); + // [END securitycenter_update_security_center_service] +} + +main(...process.argv.slice(2)); diff --git a/security-center/snippets/system-test/management_api/securityCenterService.test.js b/security-center/snippets/system-test/management_api/securityCenterService.test.js new file mode 100644 index 0000000000..764ed75f76 --- /dev/null +++ b/security-center/snippets/system-test/management_api/securityCenterService.test.js @@ -0,0 +1,67 @@ +/* + * Copyright 2025 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +const {assert} = require('chai'); +const {execSync} = require('child_process'); +const exec = cmd => execSync(cmd, {encoding: 'utf8'}); +const {describe, it} = require('mocha'); + +// TODO(developer): Update the organization ID and service name to match your testing environment +const organizationId = '1081635000895'; +// Replace service with one of the valid values: +// container-threat-detection, event-threat-detection, security-health-analytics, +// vm-threat-detection, web-security-scanner +const service = 'event_threat_detection'; + +describe('Security Center Service', async () => { + const data = { + orgId: organizationId, + service: service, + }; + + it('should get the security center service', done => { + const output = exec( + `node management_api/getSecurityCenterService.js ${data.orgId} ${data.service}` + ); + assert(output.includes(data.orgId)); + assert(output.includes(data.service)); + assert.match(output, /Retrieved SecurityCenterService/); + assert.notMatch(output, /undefined/); + done(); + }); + + it('should list the security center services', done => { + const output = exec( + `node management_api/listSecurityCenterServices.js ${data.orgId}` + ); + assert(output.includes(data.orgId)); + assert(output.includes(data.service.toUpperCase())); + assert.match(output, /Security Center Service Name/); + assert.notMatch(output, /undefined/); + done(); + }); + + it('should update the security center service', done => { + const output = exec( + `node management_api/updateSecurityCenterService.js ${data.orgId} ${data.service}` + ); + assert(output.includes(data.orgId)); + assert(output.includes(data.service)); + assert.match(output, /Updated SecurityCenterService/); + assert.notMatch(output, /undefined/); + done(); + }); +});