Merge branch 'main' into compute_disk_start_stop_replication

Author: TetyanaYahodska

dataflow/snippets/pom.xml

@@ -163,11 +163,10 @@
       <version>${apache_beam.version}</version>
     </dependency>
     <dependency>
-      <!-- For sending Kafka messages in the integration test -->
+      <!-- For initializing the KafkaIO connector -->
       <groupId>org.apache.kafka</groupId>
       <artifactId>kafka-clients</artifactId>
       <version>3.8.0</version>
-      <scope>test</scope>
     </dependency>
     <dependency>
       <!-- For running containerized Kafka instance in the integration test -->

dataflow/snippets/src/main/java/com/example/dataflow/KafkaReadTopics.java

@@ -0,0 +1,111 @@
+/*
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.dataflow;
+
+// [START dataflow_kafka_read_multi_topic]
+import java.util.List;
+import org.apache.beam.sdk.Pipeline;
+import org.apache.beam.sdk.PipelineResult;
+import org.apache.beam.sdk.io.TextIO;
+import org.apache.beam.sdk.io.kafka.KafkaIO;
+import org.apache.beam.sdk.options.Description;
+import org.apache.beam.sdk.options.PipelineOptionsFactory;
+import org.apache.beam.sdk.options.StreamingOptions;
+import org.apache.beam.sdk.transforms.Filter;
+import org.apache.beam.sdk.transforms.MapElements;
+import org.apache.beam.sdk.values.TypeDescriptors;
+import org.apache.kafka.common.serialization.LongDeserializer;
+import org.apache.kafka.common.serialization.StringDeserializer;
+import org.joda.time.Duration;
+import org.joda.time.Instant;
+
+public class KafkaReadTopics {
+
+  // [END dataflow_kafka_read_multi_topic]
+  public interface Options extends StreamingOptions {
+    @Description("The Kafka bootstrap server. Example: localhost:9092")
+    String getBootstrapServer();
+
+    void setBootstrapServer(String value);
+
+    @Description("The first Kafka topic to read from.")
+    String getTopic1();
+
+    void setTopic1(String value);
+
+    @Description("The second Kafka topic to read from.")
+    String getTopic2();
+
+    void setTopic2(String value);
+  }
+
+  public static PipelineResult.State main(String[] args) {
+    // Parse the pipeline options passed into the application. Example:
+    //   --bootstrap_servers=$BOOTSTRAP_SERVERS --topic=$KAFKA_TOPIC --outputPath=$OUTPUT_FILE
+    // For more information, see https://beam.apache.org/documentation/programming-guide/#configuring-pipeline-options
+    var options = PipelineOptionsFactory.fromArgs(args).withValidation().as(Options.class);
+    options.setStreaming(true);
+
+    Pipeline pipeline = createPipeline(options);
+    return pipeline.run().waitUntilFinish();
+  }
+
+  // [START dataflow_kafka_read_multi_topic]
+  public static Pipeline createPipeline(Options options) {
+    String topic1 = options.getTopic1();
+    String topic2 = options.getTopic2();
+
+    // Build the pipeline.
+    var pipeline = Pipeline.create(options);
+    var allTopics = pipeline
+        .apply(KafkaIO.<Long, String>read()
+            .withTopics(List.of(topic1, topic2))
+            .withBootstrapServers(options.getBootstrapServer())
+            .withKeyDeserializer(LongDeserializer.class)
+            .withValueDeserializer(StringDeserializer.class)
+            .withMaxReadTime(Duration.standardSeconds(10))
+            .withStartReadTime(Instant.EPOCH)
+        );
+
+    // Create separate pipeline branches for each topic.
+    // The first branch filters on topic1.
+    allTopics
+        .apply(Filter.by(record -> record.getTopic().equals(topic1)))
+        .apply(MapElements
+            .into(TypeDescriptors.strings())
+            .via(record -> record.getKV().getValue()))
+        .apply(TextIO.write()
+            .to(topic1)
+            .withSuffix(".txt")
+            .withNumShards(1)
+        );
+
+    // The second branch filters on topic2.
+    allTopics
+        .apply(Filter.by(record -> record.getTopic().equals(topic2)))
+        .apply(MapElements
+            .into(TypeDescriptors.strings())
+            .via(record -> record.getKV().getValue()))
+        .apply(TextIO.write()
+            .to(topic2)
+            .withSuffix(".txt")
+            .withNumShards(1)
+        );
+    return pipeline;
+  }
+}
+// [END dataflow_kafka_read_multi_topic]

dataflow/snippets/src/test/java/com/example/dataflow/KafkaReadIT.java

@@ -39,10 +39,13 @@
 import org.testcontainers.utility.DockerImageName;
 
 public class KafkaReadIT {
-  private static final String TOPIC_NAME = "topic-" + UUID.randomUUID();
+  private static final String[] TOPIC_NAMES = {
+      "topic-" + UUID.randomUUID(),
+      "topic-" + UUID.randomUUID()
+  };
 
-  private static final String OUTPUT_FILE_NAME_PREFIX = UUID.randomUUID().toString();
-  private static final String OUTPUT_FILE_NAME = OUTPUT_FILE_NAME_PREFIX + "-00000-of-00001.txt";
+  // The TextIO connector appends this suffix to the pipeline output file.
+  private static final String OUTPUT_FILE_SUFFIX = "-00000-of-00001.txt";
 
   private static KafkaContainer kafka;
   private static String bootstrapServer;
@@ -54,40 +57,61 @@ public void setUp() throws ExecutionException, InterruptedException {
     kafka.start();
     bootstrapServer = kafka.getBootstrapServers();
 
-    // Create a topic.
+    // Create topics.
     Properties properties = new Properties();
     properties.put("bootstrap.servers", bootstrapServer);
     AdminClient adminClient = AdminClient.create(properties);
-    var topic = new NewTopic(TOPIC_NAME, 1, (short) 1);
-    adminClient.createTopics(Arrays.asList(topic));
+    for (String topicName : TOPIC_NAMES) {
+      var topic = new NewTopic(topicName, 1, (short) 1);
+      adminClient.createTopics(Arrays.asList(topic));
+    }
 
-    // Send a message to the topic.
-    properties.put("key.serializer", "org.apache.kafka.common.serialization.StringSerializer");
+    // Send messages to the topics.
+    properties.put("key.serializer", "org.apache.kafka.common.serialization.LongSerializer");
     properties.put("value.serializer", "org.apache.kafka.common.serialization.StringSerializer");
-    KafkaProducer<String, String> producer = new KafkaProducer<>(properties);
-    ProducerRecord<String, String> record = new ProducerRecord<>(TOPIC_NAME, "key-0", "event-0");
-    Future future = producer.send(record);
-    future.get();
+    KafkaProducer<Long, String> producer = new KafkaProducer<>(properties);
+    for (String topicName : TOPIC_NAMES) {
+      var record = new ProducerRecord<>(topicName, 0L, topicName + "-event-0");
+      Future future = producer.send(record);
+      future.get();
+    }
   }
 
   @After
   public void tearDown() throws IOException {
     kafka.stop();
-    Files.deleteIfExists(Paths.get(OUTPUT_FILE_NAME));
+    for (String topicName : TOPIC_NAMES) {
+      Files.deleteIfExists(Paths.get(topicName + OUTPUT_FILE_SUFFIX));
+    }
   }
 
   @Test
   public void testApacheKafkaRead() throws IOException {
     PipelineResult.State state = KafkaRead.main(new String[] {
         "--runner=DirectRunner",
         "--bootstrapServer=" + bootstrapServer,
-        "--topic=" + TOPIC_NAME,
-        "--outputPath=" + OUTPUT_FILE_NAME_PREFIX
+        "--topic=" + TOPIC_NAMES[0],
+        "--outputPath=" + TOPIC_NAMES[0] // Use the topic name as the output file name.
     });
     assertEquals(PipelineResult.State.DONE, state);
+    verifyOutput(TOPIC_NAMES[0]);
+  }
+
+  @Test
+  public void testApacheKafkaReadTopics() throws IOException {
+    PipelineResult.State state = KafkaReadTopics.main(new String[] {
+        "--runner=DirectRunner",
+        "--bootstrapServer=" + bootstrapServer,
+        "--topic1=" + TOPIC_NAMES[0],
+        "--topic2=" + TOPIC_NAMES[1]
+    });
+    assertEquals(PipelineResult.State.DONE, state);
+    verifyOutput(TOPIC_NAMES[0]);
+    verifyOutput(TOPIC_NAMES[1]);
+  }
 
-    // Verify the pipeline wrote the output.
-    String output = Files.readString(Paths.get(OUTPUT_FILE_NAME));
-    assertTrue(output.contains("event-0"));
+  private void verifyOutput(String topic) throws IOException {
+    String output = Files.readString(Paths.get(topic + OUTPUT_FILE_SUFFIX));
+    assertTrue(output.contains(topic + "-event-0"));
   }
 }

security-command-center/snippets/pom.xml

@@ -45,6 +45,18 @@
       <version>2.45.0</version>
     </dependency>
 
+    <dependency>
+      <groupId>com.google.cloud</groupId>
+      <artifactId>google-cloud-securitycentermanagement</artifactId>
+      <version>0.20.0</version>
+    </dependency>
+
+	<dependency>
+      <groupId>com.google.api.grpc</groupId>
+      <artifactId>proto-google-cloud-securitycentermanagement-v1</artifactId>
+      <version>0.20.0</version>
+	</dependency>
+
     <dependency>
       <groupId>com.google.cloud</groupId>
       <artifactId>google-cloud-pubsub</artifactId>
@@ -80,4 +92,13 @@
       <scope>test</scope>
     </dependency>
   </dependencies>
+	<build>
+	 <plugins>
+	   <plugin>
+	     <groupId>org.apache.maven.plugins</groupId>
+	     <artifactId>maven-surefire-plugin</artifactId>
+ 	     <version>3.2.5</version>
+	   </plugin>
+	  </plugins>
+	</build>
 </project>

security-command-center/snippets/src/main/java/management/api/CreateSecurityHealthAnalyticsCustomModule.java

@@ -0,0 +1,101 @@
+/*
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package management.api;
+
+// [START securitycenter_create_security_health_analytics_custom_module]
+import com.google.cloud.securitycentermanagement.v1.CreateSecurityHealthAnalyticsCustomModuleRequest;
+import com.google.cloud.securitycentermanagement.v1.CustomConfig;
+import com.google.cloud.securitycentermanagement.v1.CustomConfig.ResourceSelector;
+import com.google.cloud.securitycentermanagement.v1.CustomConfig.Severity;
+import com.google.cloud.securitycentermanagement.v1.SecurityCenterManagementClient;
+import com.google.cloud.securitycentermanagement.v1.SecurityHealthAnalyticsCustomModule;
+import com.google.cloud.securitycentermanagement.v1.SecurityHealthAnalyticsCustomModule.EnablementState;
+import com.google.type.Expr;
+import java.io.IOException;
+
+public class CreateSecurityHealthAnalyticsCustomModule {
+
+  public static void main(String[] args) throws IOException {
+    // https://cloud.google.com/security-command-center/docs/reference/security-center-management/rest/v1/organizations.locations.securityHealthAnalyticsCustomModules/create
+    //  replace "project_id" with a real project ID
+    String parent = String.format("projects/%s/locations/%s", "project_id", "global");
+
+    String customModuleDisplayName = "custom_module_display_name";
+
+    createSecurityHealthAnalyticsCustomModule(parent, customModuleDisplayName);
+  }
+
+  public static SecurityHealthAnalyticsCustomModule createSecurityHealthAnalyticsCustomModule(
+      String parent, String customModuleDisplayName) throws IOException {
+
+    // Initialize client that will be used to send requests. This client only needs
+    // to be created
+    // once, and can be reused for multiple requests.
+    try (SecurityCenterManagementClient client = SecurityCenterManagementClient.create()) {
+
+      String name =
+          String.format("%s/securityHealthAnalyticsCustomModules/%s", parent, "custom_module");
+
+      // define the CEL expression here, change it according to the your requirements
+      Expr expr =
+          Expr.newBuilder()
+              .setExpression(
+                  "has(resource.rotationPeriod) && (resource.rotationPeriod > "
+                      + "duration('2592000s'))")
+              .build();
+
+      // define the resource selector
+      ResourceSelector resourceSelector =
+          ResourceSelector.newBuilder()
+              .addResourceTypes("cloudkms.googleapis.com/CryptoKey")
+              .build();
+
+      // define the custom module configuration, update the severity, description,
+      // recommendation below
+      CustomConfig customConfig =
+          CustomConfig.newBuilder()
+              .setPredicate(expr)
+              .setResourceSelector(resourceSelector)
+              .setSeverity(Severity.MEDIUM)
+              .setDescription("add your description here")
+              .setRecommendation("add your recommendation here")
+              .build();
+
+      // define the security health analytics custom module configuration, update the
+      // EnablementState below
+      SecurityHealthAnalyticsCustomModule securityHealthAnalyticsCustomModule =
+          SecurityHealthAnalyticsCustomModule.newBuilder()
+              .setName(name)
+              .setDisplayName(customModuleDisplayName)
+              .setEnablementState(EnablementState.ENABLED)
+              .setCustomConfig(customConfig)
+              .build();
+
+      CreateSecurityHealthAnalyticsCustomModuleRequest request =
+          CreateSecurityHealthAnalyticsCustomModuleRequest.newBuilder()
+              .setParent(parent)
+              .setSecurityHealthAnalyticsCustomModule(securityHealthAnalyticsCustomModule)
+              .build();
+
+      SecurityHealthAnalyticsCustomModule response =
+          client.createSecurityHealthAnalyticsCustomModule(request);
+
+      return response;
+    }
+  }
+}
+// [END securitycenter_create_security_health_analytics_custom_module]