Example 1 with SecurityCenterClient
use of com.google.cloud.securitycenter.v1.SecurityCenterClient in project google-cloud-java by GoogleCloudPlatform.
the class FindingSnippets method groupActiveFindingsWithSourceAndCompareDuration.
// [END securitycenter_group_active_findings_with_source_at_time]
/**
* Group active findings under an organization and a source by their state_changes
* (ADDED/CHANGED/UNCHANGED) during a period.
*
* @param sourceName The source to limit the findings to.
*/
// [START securitycenter_group_active_findings_with_source_and_compare_duration]
static ImmutableList<GroupResult> groupActiveFindingsWithSourceAndCompareDuration(SourceName sourceName, Duration duration) {
try (SecurityCenterClient client = SecurityCenterClient.create()) {
// SourceName sourceName = SourceName.of(/*organization=*/"123234324",/*source=*/
// "423432321");
GroupFindingsRequest.Builder request = GroupFindingsRequest.newBuilder().setParent(sourceName.toString()).setGroupBy("state_change").setFilter("state=\"ACTIVE\"");
request.getCompareDurationBuilder().setSeconds(duration.getSeconds()).setNanos(duration.getNano());
// Call the API.
GroupFindingsPagedResponse response = client.groupFindings(request.build());
// This creates one list for all findings. If your organization has a large number of
// findings
// this can cause out of memory issues. You can process them batches by returning
// the Iterable returned response.iterateAll() directly.
ImmutableList<GroupResult> results = ImmutableList.copyOf(response.iterateAll());
System.out.println("Findings:");
System.out.println(results);
return results;
} catch (IOException e) {
throw new RuntimeException("Couldn't create client.", e);
}
}
Also used :
GroupFindingsRequest(com.google.cloud.securitycenter.v1.GroupFindingsRequest)
GroupResult(com.google.cloud.securitycenter.v1.GroupResult)
GroupFindingsPagedResponse(com.google.cloud.securitycenter.v1.SecurityCenterClient.GroupFindingsPagedResponse)
IOException(java.io.IOException)
SecurityCenterClient(com.google.cloud.securitycenter.v1.SecurityCenterClient)
Example 2 with SecurityCenterClient
use of com.google.cloud.securitycenter.v1.SecurityCenterClient in project google-cloud-java by GoogleCloudPlatform.
the class FindingSnippets method setFindingState.
// [END securitycenter_update_finding_source_properties]
/**
* Updates a finding's state to INACTIVE.
*
* @param findingName The finding to update.
*/
// [START securitycenter_update_finding_state]
static Finding setFindingState(FindingName findingName) {
try (SecurityCenterClient client = SecurityCenterClient.create()) {
// FindingName findingName = FindingName.of(/*organization=*/"123234324",
// /*source=*/"423432321", /*findingId=*/"samplefindingid2");
// Use the current time as the finding "event time".
Instant eventTime = Instant.now();
Finding response = client.setFindingState(findingName, State.INACTIVE, Timestamp.newBuilder().setSeconds(eventTime.getEpochSecond()).setNanos(eventTime.getNano()).build());
System.out.println("Updated Finding: " + response);
return response;
} catch (IOException e) {
throw new RuntimeException("Couldn't create client.", e);
}
}
Also used :
Instant(org.threeten.bp.Instant)
Finding(com.google.cloud.securitycenter.v1.Finding)
IOException(java.io.IOException)
SecurityCenterClient(com.google.cloud.securitycenter.v1.SecurityCenterClient)
Example 3 with SecurityCenterClient
use of com.google.cloud.securitycenter.v1.SecurityCenterClient in project google-cloud-java by GoogleCloudPlatform.
the class FindingSnippets method testIamPermissions.
// [END securitycenter_list_findings_at_time]
/**
* Demonstrate calling testIamPermissions to determin if the service account has the correct
* permissions.
*
* @param sourceName The source to create a finding for.
*/
// [START securitycenter_test_iam]
static TestIamPermissionsResponse testIamPermissions(SourceName sourceName) {
try (SecurityCenterClient client = SecurityCenterClient.create()) {
// SourceName sourceName = SourceName.of(/*organizationId=*/"123234324",
// /*sourceId=*/"423432321");
// Iam permission to test.
List<String> permissionsToTest = new ArrayList<>();
permissionsToTest.add("securitycenter.findings.update");
// Call the API.
TestIamPermissionsResponse response = client.testIamPermissions(sourceName.toString(), permissionsToTest);
System.out.println("IAM Permission:");
System.out.println(response);
return response;
} catch (IOException e) {
throw new RuntimeException("Couldn't create client.", e);
}
}
Also used :
TestIamPermissionsResponse(com.google.iam.v1.TestIamPermissionsResponse)
ArrayList(java.util.ArrayList)
IOException(java.io.IOException)
SecurityCenterClient(com.google.cloud.securitycenter.v1.SecurityCenterClient)
Example 4 with SecurityCenterClient
use of com.google.cloud.securitycenter.v1.SecurityCenterClient in project google-cloud-java by GoogleCloudPlatform.
the class SecurityMarkSnippets method deleteAndUpdateMarks.
// [END securitycenter_delete_security_marks]
/**
* Deletes and updates a security mark for an asset.
*
* @param assetName The asset resource path to update and remove the security marks for.
*/
// [START securitycenter_add_delete_security_marks]
static SecurityMarks deleteAndUpdateMarks(String assetName) {
// String assetName = "organizations/123123342/assets/12312321";
try (SecurityCenterClient client = SecurityCenterClient.create()) {
// Start setting up a request to clear and update security marks for an asset.
// Create security mark and field mask for clearing security marks.
SecurityMarks securityMarks = SecurityMarks.newBuilder().setName(assetName + "/securityMarks").putMarks("key_a", "new_value_for_a").build();
FieldMask updateMask = FieldMask.newBuilder().addPaths("marks.key_a").addPaths("marks.key_b").build();
UpdateSecurityMarksRequest request = UpdateSecurityMarksRequest.newBuilder().setSecurityMarks(securityMarks).setUpdateMask(updateMask).build();
// Call the API.
SecurityMarks response = client.updateSecurityMarks(request);
System.out.println("Security Marks updated and cleared:");
System.out.println(response);
return response;
} catch (IOException e) {
throw new RuntimeException("Couldn't create client.", e);
}
}
Also used :
SecurityMarks(com.google.cloud.securitycenter.v1.SecurityMarks)
UpdateSecurityMarksRequest(com.google.cloud.securitycenter.v1.UpdateSecurityMarksRequest)
IOException(java.io.IOException)
SecurityCenterClient(com.google.cloud.securitycenter.v1.SecurityCenterClient)
FieldMask(com.google.protobuf.FieldMask)
Example 5 with SecurityCenterClient
use of com.google.cloud.securitycenter.v1.SecurityCenterClient in project google-cloud-java by GoogleCloudPlatform.
the class SecurityMarkSnippets method listAssetsWithQueryMarks.
// [END securitycenter_add_finding_security_marks]
/**
* Lists all assets with a filter on security marks.
*
* @param organizationName The organization to list assets for.
*/
// [START securitycenter_list_assets_with_security_marks]
static ImmutableList<ListAssetsResult> listAssetsWithQueryMarks(OrganizationName organizationName) {
try (SecurityCenterClient client = SecurityCenterClient.create()) {
// Start setting up a request for to list all assets filtered by a specific security mark.
// OrganizationName organizationName = OrganizationName.of(/*organizationId=*/"123234324");
ListAssetsRequest request = ListAssetsRequest.newBuilder().setParent(organizationName.toString()).setFilter("security_marks.marks.key_a = \"value_a\"").build();
// Call the API.
ListAssetsPagedResponse response = client.listAssets(request);
// This creates one list for all assets. If your organization has a large number of assets
// this can cause out of memory issues. You can process them batches by returning
// the Iterable returned response.iterateAll() directly.
ImmutableList<ListAssetsResult> results = ImmutableList.copyOf(response.iterateAll());
System.out.println("Assets with security mark - key_a=value_a:");
System.out.println(results);
return results;
} catch (IOException e) {
throw new RuntimeException("Couldn't create client.", e);
}
}
Also used :
ListAssetsRequest(com.google.cloud.securitycenter.v1.ListAssetsRequest)
ListAssetsResult(com.google.cloud.securitycenter.v1.ListAssetsResponse.ListAssetsResult)
ListAssetsPagedResponse(com.google.cloud.securitycenter.v1.SecurityCenterClient.ListAssetsPagedResponse)
IOException(java.io.IOException)
SecurityCenterClient(com.google.cloud.securitycenter.v1.SecurityCenterClient)
Aggregations
SecurityCenterClient (com.google.cloud.securitycenter.v1.SecurityCenterClient)35
IOException (java.io.IOException)35
GroupResult (com.google.cloud.securitycenter.v1.GroupResult)8
FieldMask (com.google.protobuf.FieldMask)7
Instant (org.threeten.bp.Instant)6
GroupFindingsRequest (com.google.cloud.securitycenter.v1.GroupFindingsRequest)5
ListAssetsRequest (com.google.cloud.securitycenter.v1.ListAssetsRequest)5
ListAssetsResult (com.google.cloud.securitycenter.v1.ListAssetsResponse.ListAssetsResult)5
GroupFindingsPagedResponse (com.google.cloud.securitycenter.v1.SecurityCenterClient.GroupFindingsPagedResponse)5
ListAssetsPagedResponse (com.google.cloud.securitycenter.v1.SecurityCenterClient.ListAssetsPagedResponse)5
Finding (com.google.cloud.securitycenter.v1.Finding)4
ListFindingsRequest (com.google.cloud.securitycenter.v1.ListFindingsRequest)4
ListFindingsResult (com.google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult)4
ListFindingsPagedResponse (com.google.cloud.securitycenter.v1.SecurityCenterClient.ListFindingsPagedResponse)4
SecurityMarks (com.google.cloud.securitycenter.v1.SecurityMarks)4
Source (com.google.cloud.securitycenter.v1.Source)4
UpdateSecurityMarksRequest (com.google.cloud.securitycenter.v1.UpdateSecurityMarksRequest)4
GroupAssetsRequest (com.google.cloud.securitycenter.v1.GroupAssetsRequest)3
GroupAssetsPagedResponse (com.google.cloud.securitycenter.v1.SecurityCenterClient.GroupAssetsPagedResponse)3
OrganizationSettings (com.google.cloud.securitycenter.v1.OrganizationSettings)2
