feat: add v2 API for muteconfig Go client libraries or samples (#4268)

* Add muteconfig v2

* Add Resource mute config v2

* Address comments

* go mod tidy

* Remove bulk mute sample due to server side issue

---------

Co-authored-by: Deleplace <[email protected]>

Author: vijaykanthm

securitycenter/muteconfigv2/create_mute_rule.go

@@ -0,0 +1,71 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package muteconfigv2
+
+// [START securitycenter_create_mute_config_v2]
+
+import (
+	"context"
+	"fmt"
+	"io"
+
+	securitycenter "cloud.google.com/go/securitycenter/apiv2"
+	"cloud.google.com/go/securitycenter/apiv2/securitycenterpb"
+)
+
+// createMuteRule: Creates a mute configuration under a given scope that will mute
+// all new findings that match a given filter.
+// Existing findings will not be muted.
+func createMuteRule(w io.Writer, parent string, muteConfigId string) error {
+	// parent: Use any one of the following options:
+	//             - organizations/{organization_id}
+	//             - folders/{folder_id}
+	//             - projects/{project_id}
+	// parent := fmt.Sprintf("projects/%s", "your-google-cloud-project-id")
+	// muteConfigId: Set a random id; max of 63 chars.
+	// muteConfigId := "random-mute-id-" + uuid.New().String()
+	ctx := context.Background()
+	client, err := securitycenter.NewClient(ctx)
+	if err != nil {
+		return fmt.Errorf("securitycenter.NewClient: %w", err)
+	}
+	defer client.Close()
+
+	muteConfig := &securitycenterpb.MuteConfig{
+		Description: "Mute low-medium IAM grants excluding 'compute' ",
+		// Set mute rule(s).
+		// To construct mute rules and for supported properties, see:
+		// https://cloud.google.com/security-command-center/docs/how-to-mute-findings#create_mute_rules
+		Filter: "severity=\"LOW\" OR severity=\"MEDIUM\" AND " +
+			"category=\"Persistence: IAM Anomalous Grant\" AND " +
+			"-resource.type:\"compute\"",
+		Type: securitycenterpb.MuteConfig_STATIC,
+	}
+
+	req := &securitycenterpb.CreateMuteConfigRequest{
+		Parent:       parent,
+		MuteConfigId: muteConfigId,
+		MuteConfig:   muteConfig,
+	}
+
+	response, err := client.CreateMuteConfig(ctx, req)
+	if err != nil {
+		return fmt.Errorf("failed to create mute rule: %w", err)
+	}
+	fmt.Fprintf(w, "Mute rule created successfully: %s", response.Name)
+	return nil
+}
+
+// [END securitycenter_create_mute_config_v2]

securitycenter/muteconfigv2/delete_mute_rule.go

@@ -0,0 +1,57 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package muteconfigv2
+
+// [START securitycenter_delete_mute_config_v2]
+
+import (
+	"context"
+	"fmt"
+	"io"
+
+	securitycenter "cloud.google.com/go/securitycenter/apiv2"
+	"cloud.google.com/go/securitycenter/apiv2/securitycenterpb"
+)
+
+// deleteMuteRule deletes a mute configuration given its resource name.
+// Note: Previously muted findings are not affected when a mute config is deleted.
+func deleteMuteRule(w io.Writer, parent string, muteConfigId string) error {
+	// parent: Use any one of the following options:
+	//             - organizations/{organization_id}
+	//             - folders/{folder_id}
+	//             - projects/{project_id}
+	// parent := fmt.Sprintf("projects/%s", "your-google-cloud-project-id")
+	//
+	// muteConfigId: Specify the name of the mute config to delete.
+	// muteConfigId := "mute-config-id"
+	ctx := context.Background()
+	client, err := securitycenter.NewClient(ctx)
+	if err != nil {
+		return fmt.Errorf("securitycenter.NewClient: %w", err)
+	}
+	defer client.Close()
+
+	req := &securitycenterpb.DeleteMuteConfigRequest{
+		Name: fmt.Sprintf("%s/muteConfigs/%s", parent, muteConfigId),
+	}
+
+	if err := client.DeleteMuteConfig(ctx, req); err != nil {
+		return fmt.Errorf("failed to delete Muteconfig: %w", err)
+	}
+	fmt.Fprintf(w, "Mute rule deleted successfully: %s", muteConfigId)
+	return nil
+}
+
+// [END securitycenter_delete_mute_config_v2]

securitycenter/muteconfigv2/get_mute_rule.go

@@ -0,0 +1,56 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package muteconfigv2
+
+// [START securitycenter_get_mute_config_v2]
+import (
+	"context"
+	"fmt"
+	"io"
+
+	securitycenter "cloud.google.com/go/securitycenter/apiv2"
+	"cloud.google.com/go/securitycenter/apiv2/securitycenterpb"
+)
+
+// getMuteRule retrieves a mute configuration given its resource name.
+func getMuteRule(w io.Writer, parent string, muteConfigId string) error {
+	// Use any one of the following resource paths to get mute configuration:
+	//         - organizations/{organization_id}
+	//         - folders/{folder_id}
+	//         - projects/{project_id}
+	// parent := fmt.Sprintf("projects/%s", "your-google-cloud-project-id")
+	//
+	// Name of the mute config to retrieve.
+	// muteConfigId := "mute-config-id"
+	ctx := context.Background()
+	client, err := securitycenter.NewClient(ctx)
+	if err != nil {
+		return fmt.Errorf("securitycenter.NewClient: %w", err)
+	}
+	defer client.Close()
+
+	req := &securitycenterpb.GetMuteConfigRequest{
+		Name: fmt.Sprintf("%s/muteConfigs/%s", parent, muteConfigId),
+	}
+
+	muteconfig, err := client.GetMuteConfig(ctx, req)
+	if err != nil {
+		return fmt.Errorf("Failed to retrieve Muteconfig: %w", err)
+	}
+	fmt.Fprintf(w, "Muteconfig Name: %s ", muteconfig.Name)
+	return nil
+}
+
+// [END securitycenter_get_mute_config_v2]

securitycenter/muteconfigv2/list_mute_rules.go

@@ -0,0 +1,62 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package muteconfigv2
+
+// [START securitycenter_list_mute_configs_v2]
+import (
+	"context"
+	"fmt"
+	"io"
+
+	securitycenter "cloud.google.com/go/securitycenter/apiv2"
+	"cloud.google.com/go/securitycenter/apiv2/securitycenterpb"
+	"google.golang.org/api/iterator"
+)
+
+// listMuteRules lists mute configs at the organization level will return all the configs
+// at the org, folder, and project levels.
+// Similarly, listing configs at folder level will list all the configs
+// at the folder and project levels.
+func listMuteRules(w io.Writer, parent string) error {
+	// Use any one of the following resource paths to list mute configurations:
+	//         - organizations/{organization_id}
+	//         - folders/{folder_id}
+	//         - projects/{project_id}
+	// parent := fmt.Sprintf("projects/%s", "your-google-cloud-project-id")
+	ctx := context.Background()
+	client, err := securitycenter.NewClient(ctx)
+	if err != nil {
+		return fmt.Errorf("securitycenter.NewClient: %w", err)
+	}
+	defer client.Close()
+
+	req := &securitycenterpb.ListMuteConfigsRequest{Parent: parent}
+
+	// List all mute configs present in the resource.
+	it := client.ListMuteConfigs(ctx, req)
+	for {
+		muteconfig, err := it.Next()
+		if err == iterator.Done {
+			break
+		}
+		if err != nil {
+			return fmt.Errorf("it.Next: %w", err)
+		}
+		fmt.Fprintf(w, "Muteconfig Name: %s, ", muteconfig.Name)
+	}
+	return nil
+}
+
+// [END securitycenter_list_mute_configs_v2]