Merge branch 'main' into hivanalejandro-migrate-region-step1-392698287

Author: iennae

security-center/snippets/management_api/createEventThreatDetectionCustomModule.js

@@ -0,0 +1,94 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+'use strict';
+
+/**
+ * Demonstrates how to create a new event threat detection custom module
+ */
+function main(organizationId, customModuleDisplayName, location = 'global') {
+  // [START securitycenter_create_event_threat_detection_custom_module]
+  // Imports the Google cloud client library.
+  const {SecurityCenterManagementClient} =
+    require('@google-cloud/securitycentermanagement').v1;
+
+  // Create a Security Center Management client
+  const client = new SecurityCenterManagementClient();
+
+  /**
+   *  Required. The name of the parent resource of the create event threat detection module. Its
+   *  format is "organizations/[organization_id]/locations/[location_id]",
+   *  "folders/[folder_id]/locations/[location_id]", or
+   *  "projects/[project_id]/locations/[location_id]".
+   */
+  //TODO(developer): Update the following references for your own environment before running the sample.
+  // const organizationId = 'YOUR_ORGANIZATION_ID';
+  // const location = 'LOCATION_ID';
+  const parent = `organizations/${organizationId}/locations/${location}`;
+
+  // define the event threat detection custom module configuration, update the EnablementState
+  // below
+  const eventThreatDetectionCustomModule = {
+    displayName: customModuleDisplayName,
+    enablementState: 'ENABLED',
+    type: 'CONFIGURABLE_BAD_IP',
+    config: prepareConfigDetails(),
+  };
+
+  // Build the request.
+  const createEventThreatDetectionCustomModuleRequest = {
+    parent: parent,
+    eventThreatDetectionCustomModule: eventThreatDetectionCustomModule,
+  };
+
+  async function createEventThreatDetectionCustomModule() {
+    // Call the API.
+    const [response] = await client.createEventThreatDetectionCustomModule(
+      createEventThreatDetectionCustomModuleRequest
+    );
+    console.log('EventThreatDetectionCustomModule created : %j', response);
+  }
+
+  function prepareConfigDetails() {
+    // define the metadata and other config parameters severity, description,
+    // recommendation and ips below
+    const config = {
+      fields: {
+        metadata: {
+          structValue: {
+            fields: {
+              severity: {stringValue: 'LOW'},
+              description: {stringValue: 'Flagged by Cymbal as malicious'},
+              recommendation: {
+                stringValue: 'Contact the owner of the relevant project.',
+              },
+            },
+          },
+        },
+        ips: {
+          listValue: {
+            values: [{stringValue: '192.0.2.1'}, {stringValue: '192.0.2.0/24'}],
+          },
+        },
+      },
+    };
+    return config;
+  }
+
+  createEventThreatDetectionCustomModule();
+  // [END securitycenter_create_event_threat_detection_custom_module]
+}
+
+main(...process.argv.slice(2));

security-center/snippets/management_api/deleteEventThreatDetectionCustomModule.js

@@ -0,0 +1,63 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+'use strict';
+
+/**
+ *  Delete an existing event threat detection custom module
+ */
+function main(organizationId, customModuleId, location = 'global') {
+  // [START securitycenter_delete_event_threat_detection_custom_module]
+  // Imports the Google Cloud client library.
+  const {SecurityCenterManagementClient} =
+    require('@google-cloud/securitycentermanagement').v1;
+
+  // Create a Security Center Management client
+  const client = new SecurityCenterManagementClient();
+
+  /*
+   * Required. Resource name of event threat detection module.
+   *     Its format is
+   *    `organizations/[organization_id]/locations/[location_id]/eventThreatDetectionCustomModules/[custom_module]`
+   *    `folders/[folder_id]/locations/[location_id]/eventThreatDetectionCustomModules/[custom_module]`
+   *    `projects/[project_id]/locations/[location_id]/eventThreatDetectionCustomModules/[custom_module]`
+   */
+  // TODO(developer): Update the following references for your own environment before running the sample.
+  // const organizationId = 'YOUR_ORGANIZATION_ID';
+  // const location = 'LOCATION_ID';
+  // const customModuleId = 'CUSTOM_MODULE_ID';
+  const name = `organizations/${organizationId}/locations/${location}/eventThreatDetectionCustomModules/${customModuleId}`;
+
+  // Build the request.
+  const deleteEventThreatDetectionCustomModuleRequest = {
+    name: name,
+  };
+
+  async function deleteEventThreatDetectionCustomModule() {
+    // Call the API.
+    const [response] = await client.deleteEventThreatDetectionCustomModule(
+      deleteEventThreatDetectionCustomModuleRequest
+    );
+    console.log(
+      'EventThreatDetectionCustomModule deleted successfully: %j',
+      response
+    );
+  }
+
+  deleteEventThreatDetectionCustomModule();
+  // [END securitycenter_delete_event_threat_detection_custom_module]
+}
+
+main(...process.argv.slice(2));

security-center/snippets/management_api/getEventThreatDetectionCustomModule.js

@@ -0,0 +1,60 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+'use strict';
+
+/**
+ *  Retrieve an existing event threat detection custom module.
+ */
+function main(organizationId, customModuleId, location = 'global') {
+  // [START securitycenter_get_event_threat_detection_custom_module]
+  // Imports the Google Cloud client library.
+  const {SecurityCenterManagementClient} =
+    require('@google-cloud/securitycentermanagement').v1;
+
+  // Create a Security Center Management client
+  const client = new SecurityCenterManagementClient();
+
+  /*
+   * Required. Resource name of event threat detection module.
+   *     Its format is
+   *    `organizations/[organization_id]/locations/[location_id]/eventThreatDetectionCustomModules/[custom_module]`
+   *    `folders/[folder_id]/locations/[location_id]/eventThreatDetectionCustomModules/[custom_module]`
+   *    `projects/[project_id]/locations/[location_id]/eventThreatDetectionCustomModules/[custom_module]`
+   */
+  // TODO(developer): Update the following references for your own environment before running the sample.
+  // const organizationId = 'YOUR_ORGANIZATION_ID';
+  // const location = 'LOCATION_ID';
+  // const customModuleId = 'CUSTOM_MODULE_ID';
+  const name = `organizations/${organizationId}/locations/${location}/eventThreatDetectionCustomModules/${customModuleId}`;
+
+  // Build the request.
+  const getEventThreatDetectionCustomModuleRequest = {
+    name: name,
+  };
+
+  async function getEventThreatDetectionCustomModule() {
+    // Call the API.
+    const [response] = await client.getEventThreatDetectionCustomModule(
+      getEventThreatDetectionCustomModuleRequest
+    );
+    console.log('Retrieved EventThreatDetectionCustomModule: %j', response);
+  }
+
+  getEventThreatDetectionCustomModule();
+  // [END securitycenter_get_event_threat_detection_custom_module]
+}
+
+main(...process.argv.slice(2));

security-center/snippets/management_api/listEventThreatDetectionCustomModules.js

@@ -0,0 +1,58 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+'use strict';
+
+// List all event threat detection custom module under a given parent resource.
+function main(organizationId, location = 'global') {
+  // [START securitycenter_list_event_threat_detection_custom_module]
+  // Imports the Google Cloud client library.
+  const {SecurityCenterManagementClient} =
+    require('@google-cloud/securitycentermanagement').v1;
+
+  // Create a Security Center Management client
+  const client = new SecurityCenterManagementClient();
+
+  /**
+   *  Required. The name of the parent resource of the list event threat detection custom module. Its
+   *  format is "organizations/[organization_id]/locations/[location_id]",
+   *  "folders/[folder_id]/locations/[location_id]", or
+   *  "projects/[project_id]/locations/[location_id]".
+   */
+  //TODO(developer): Update the following references for your own environment before running the sample.
+  // const organizationId = 'YOUR_ORGANIZATION_ID';
+  // const location = 'LOCATION_ID';
+  const parent = `organizations/${organizationId}/locations/${location}`;
+
+  // Build the request.
+  const listEventThreatDetectionCustomModulesRequest = {
+    parent: parent,
+  };
+
+  async function listEventThreatDetectionCustomModules() {
+    // Call the API.
+    const [modules] = await client.listEventThreatDetectionCustomModules(
+      listEventThreatDetectionCustomModulesRequest
+    );
+    for (const module of modules) {
+      console.log('Custom Module name:', module.name);
+    }
+  }
+
+  listEventThreatDetectionCustomModules();
+  // [END securitycenter_list_event_threat_detection_custom_module]
+}
+
+main(...process.argv.slice(2));

security-center/snippets/management_api/updateEventThreatDetectionCustomModule.js

@@ -0,0 +1,73 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+'use strict';
+
+/**
+ *  Updates an existing event threat detection custom module.
+ */
+function main(organizationId, customModuleId, location = 'global') {
+  // [START securitycenter_update_event_threat_detection_custom_module]
+  // Imports the Google Cloud client library.
+  const {SecurityCenterManagementClient} =
+    require('@google-cloud/securitycentermanagement').v1;
+
+  // Create a Security Center Management client
+  const client = new SecurityCenterManagementClient();
+
+  /*
+   * Required. Resource name of event threat detection module.
+   *     Its format is
+   *    `organizations/[organization_id]/locations/[location_id]/eventThreatDetectionCustomModules/[custom_module]`
+   *    `folders/[folder_id]/locations/[location_id]/eventThreatDetectionCustomModules/[custom_module]`
+   *    `projects/[project_id]/locations/[location_id]/eventThreatDetectionCustomModules/[custom_module]`
+   */
+  // TODO(developer): Update the following references for your own environment before running the sample.
+  // const organizationId = 'YOUR_ORGANIZATION_ID';
+  // const location = 'LOCATION_ID';
+  // const customModuleId = 'CUSTOM_MODULE_ID';
+  const name = `organizations/${organizationId}/locations/${location}/eventThreatDetectionCustomModules/${customModuleId}`;
+
+  // Define the event threat detection custom module configuration, update the
+  // EnablementState accordingly.
+  const eventThreatDetectionCustomModule = {
+    name: name,
+    enablementState: 'DISABLED',
+  };
+
+  // Set the field mask to specify which properties should be updated.
+  const fieldMask = {
+    paths: ['enablement_state'],
+  };
+
+  // Build the request.
+  const updateEventThreatDetectionCustomModuleRequest = {
+    eventThreatDetectionCustomModule: eventThreatDetectionCustomModule,
+    updateMask: fieldMask,
+  };
+
+  async function updateEventThreatDetectionCustomModule() {
+    // Call the API.
+    const [response] = await client.updateEventThreatDetectionCustomModule(
+      updateEventThreatDetectionCustomModuleRequest
+    );
+    console.log('Updated EventThreatDetectionCustomModule: %j', response);
+  }
+
+  updateEventThreatDetectionCustomModule();
+  // [END securitycenter_update_event_threat_detection_custom_module]
+}
+
+main(...process.argv.slice(2));

security-center/snippets/package.json

@@ -14,7 +14,8 @@
   "license": "Apache-2.0",
   "dependencies": {
     "@google-cloud/pubsub": "^4.0.0",
-    "@google-cloud/security-center": "^8.7.0"
+    "@google-cloud/security-center": "^8.7.0",
+    "@google-cloud/securitycentermanagement": "^0.5.0"
   },
   "devDependencies": {
     "c8": "^10.0.0",