Add Resource v2 assets security marks

Author: vijaykanthm

security-center/snippets/system-test/v2/assetSecurityMarks.test.js

@@ -0,0 +1,79 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+const {SecurityCenterClient} = require('@google-cloud/security-center');
+const {assert} = require('chai');
+const {describe, it, before} = require('mocha');
+const {execSync} = require('child_process');
+const exec = cmd => execSync(cmd, {encoding: 'utf8'});
+
+// TODO(developers): update for your own environment
+const organizationId = '1081635000895';
+
+describe('client with security marks for assets', async () => {
+  let data;
+  before(async () => {
+    // Creates a new client.
+    const client = new SecurityCenterClient();
+
+    const [assetResults] = await client.listAssets({
+      parent: client.organizationPath(organizationId),
+    });
+    const randomAsset =
+      assetResults[Math.floor(Math.random() * assetResults.length)].asset;
+    console.log('random %j', randomAsset);
+    data = {
+      orgId: organizationId,
+      assetName: randomAsset.name,
+    };
+    console.log('data %j', data);
+  });
+  it('client can add security marks to asset.', () => {
+    const output = exec(`node v2/addSecurityMarks.js ${data.assetName}`);
+    assert.include(output, data.assetName);
+    assert.match(output, /key_a/);
+    assert.match(output, /value_a/);
+    assert.match(output, /key_b/);
+    assert.match(output, /value_b/);
+    assert.notMatch(output, /undefined/);
+  });
+
+  it('client can add and delete security marks', () => {
+    // Ensure marks are set.
+    exec(`node v2/addSecurityMarks.js ${data.assetName}`);
+
+    const output = exec(`node v2/addDeleteSecurityMarks.js ${data.assetName}`);
+    assert.match(output, /key_a/);
+    assert.match(output, /new_value_a/);
+    assert.notMatch(output, /key_b/);
+    assert.notMatch(output, /undefined/);
+  });
+
+  it('client can delete security marks', () => {
+    // Ensure marks are set.
+    exec(`node v2/addSecurityMarks.js ${data.assetName}`);
+
+    const output = exec(`node v2/deleteAssetsSecurityMarks.js ${data.assetName}`);
+    assert.notMatch(output, /key_a/);
+    assert.notMatch(output, /value_a/);
+    assert.notMatch(output, /key_b/);
+    assert.notMatch(output, /value_b/);
+    assert.include(output, data.assetName);
+    assert.include(output, data.assetName);
+    assert.notMatch(output, /undefined/);
+  });
+
+});

security-center/snippets/v2/addDeleteSecurityMarks.js

@@ -0,0 +1,49 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+'use strict';
+
+/**
+ * Demonstrates adding/updating at the same time as deleting security
+ * marks from an asset.
+ */
+function main(assetName = 'full asset path to add marks to') {
+  // [START securitycenter_add_delete_security_marks_v2]
+  // Imports the Google Cloud client library.
+  const {SecurityCenterClient} = require('@google-cloud/security-center').v2;
+
+  // Creates a new client.
+  const client = new SecurityCenterClient();
+
+  async function addDeleteSecurityMarks() {
+    // assetName is the full resource path for the asset to update.
+    // Specify the value of 'assetName' in one of the following formats:
+    //    `organizations/${org-id}/assets/${asset-id}`;
+    //    `projects/${project-id}/assets/${asset-id}`;
+    //    `folders/${folder-id}/assets/${asset-id}`;
+    const [newMarks] = await client.updateSecurityMarks({
+      securityMarks: {
+        name: `${assetName}/securityMarks`,
+        marks: {key_a: 'new_value_a'},
+      },
+      // Only update the enableAssetDiscovery field.
+      updateMask: {paths: ['marks.key_a', 'marks.key_b']},
+    });
+
+    console.log('New marks: %j', newMarks);
+  }
+  addDeleteSecurityMarks();
+  // [END securitycenter_add_delete_security_marks_v2]
+}
+
+main(...process.argv.slice(2));

security-center/snippets/v2/addSecurityMarks.js

@@ -0,0 +1,53 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+/**
+ * Demostrates adding security marks to an asset.
+ */
+function main(assetName = 'full asset path to add marks to') {
+  // [START securitycenter_add_security_marks_v2]
+  // Imports the Google Cloud client library.
+  const {SecurityCenterClient} = require('@google-cloud/security-center').v2;
+
+  // Creates a new client.
+  const client = new SecurityCenterClient();
+
+  async function addSecurityMarks() {
+    // assetName is the full resource path for the asset to update.
+    /*
+     * TODO(developer): Uncomment the following lines
+     */
+    // Specify the value of 'assetName' in one of the following formats:
+    //    `organizations/${org-id}/assets/${asset-id}`;
+    //    `projects/${project-id}/assets/${asset-id}`;
+    //    `folders/${folder-id}/assets/${asset-id}`;
+    // const assetName = "organizations/123123342/assets/12312321";
+    const [newMarks] = await client.updateSecurityMarks({
+      securityMarks: {
+        name: `${assetName}/securityMarks`,
+        marks: {key_a: 'value_a', key_b: 'value_b'},
+      },
+      // Only update the marks with these keys.
+      updateMask: {paths: ['marks.key_a', 'marks.key_b']},
+    });
+
+    console.log('New marks: %', newMarks);
+  }
+  addSecurityMarks();
+  // [END securitycenter_add_security_marks_v2]
+}
+
+main(...process.argv.slice(2));

security-center/snippets/v2/deleteAssetsSecurityMarks.js

@@ -0,0 +1,53 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+'use strict';
+
+/**
+ * Demostrates deleting security marks on an asset.
+ */
+function main(assetName = 'full asset path to add marks to') {
+  // [START securitycenter_delete_security_marks_v2]
+  // Imports the Google Cloud client library.
+  const {SecurityCenterClient} = require('@google-cloud/security-center').v2;
+
+  // Creates a new client.
+  const client = new SecurityCenterClient();
+
+  async function deleteSecurityMarks() {
+    // assetName is the full resource path for the asset to update.
+    /*
+     * TODO(developer): Uncomment the following lines
+     */
+    // Specify the value of 'assetName' in one of the following formats:
+    //    `organizations/${org-id}/assets/${asset-id}`;
+    //    `projects/${project-id}/assets/${asset-id}`;
+    //    `folders/${folder-id}/assets/${asset-id}`;
+    // const assetName = "organizations/123123342/assets/12312321";
+    const [newMarks] = await client.updateSecurityMarks({
+      securityMarks: {
+        name: `${assetName}/securityMarks`,
+        // Intentionally, not setting marks to delete them.
+      },
+      // Only delete marks for the following keys.
+      updateMask: {paths: ['marks.key_a', 'marks.key_b']},
+    });
+
+    console.log('Updated marks: %j', newMarks);
+  }
+  deleteSecurityMarks();
+  // [END securitycenter_delete_security_marks_v2]
+}
+
+main(...process.argv.slice(2));