feat(securitycenter): Add Resource SCC Management API Org SHA Custom … #3952
Conversation
|
Here is the summary of changes. You are about to add 4 region tags.
This comment is generated by snippet-bot.
|
product-auto-label
bot
added
the
api: securitycenter
![code-review-assist[bot]](https://avatars.githubusercontent.com/in/1008254?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hi team,
I'm currently reviewing this pull request and will provide my feedback shortly. In the meantime, I'm providing this summary of the pull request's content for you and other reviewers to quickly get up to speed on the changes and intent.
This pull request, authored by agggaurav2024, aims to add code samples for the Security Health Analytics Custom Module in the Google Cloud Security Command Center (SCC) Management API. The changes include:
- New files added:
security-center/snippets/management_api/createSecurityHealthAnalyticsCustomModule.js: Adds a function to create a new Security Health Analytics Custom Module. (Lines 1-99)security-center/snippets/management_api/getEffectiveSecurityHealthAnalyticsCustomModule.js: Adds a function to retrieve an existing effective Security Health Analytics Custom Module. (Lines 1-52)security-center/snippets/management_api/getSecurityHealthAnalyticsCustomModule.js: Adds a function to retrieve an existing Security Health Analytics Custom Module. (Lines 1-51)security-center/snippets/management_api/updateSecurityHealthAnalyticsCustomModule.js: Adds a function to update an existing Security Health Analytics Custom Module. (Lines 1-69)security-center/snippets/system-test/management_api/securityHealthAnalyticsCustomModule.test.js: Adds comprehensive system tests for the new functionality. (Lines 1-175)
security-center/snippets/package.jsonupdated: Adds@google-cloud/securitycentermanagementas a dependency. (Line 18)
The pull request addresses issues b/347347427, b/347347480, b/347347258, and b/347347835. The author has indicated that the tests pass and that the code follows the style guidelines.
I'll be checking for completeness, correctness, and adherence to best practices in my full review. I'll also look at the test coverage and ensure the new samples are well-documented and easy to use.
A little poem to brighten your day:
Code flows like a river,
Testing's the current's strong pull,
Bugs swim to the sea.
Thanks!
Gemini
product-auto-label
bot
added
the
samples
security-center/snippets/management_api/createSecurityHealthAnalyticsCustomModule.js
Outdated
Show resolved
Hide resolved
| // define the CEL expression here and this will scans for keys that have not been rotated in | ||
| // the last 30 days, change it according to the your requirements | ||
| const expr = { | ||
| expression: `has(resource.rotationPeriod) && (resource.rotationPeriod > duration('2592000s'))`, |
There was a problem hiding this comment.
Use duration('30d') instead of '2592000s' for better readability.
| expression: `has(resource.rotationPeriod) && (resource.rotationPeriod > duration('2592000s'))`, | |
| expression: `has(resource.rotationPeriod) && (resource.rotationPeriod > duration('30d'))`, |
There was a problem hiding this comment.
@agggaurav2024 what do you think? this seems like a good suggestion to me to make it match what's in the comment.
There was a problem hiding this comment.
I have taken reference from java code samples
https://github.com/GoogleCloudPlatform/java-docs-samples/blob/main/security-command-center/snippets/src/main/java/management/api/CreateSecurityHealthAnalyticsCustomModule.java
| description: 'add your description here', | ||
| recommendation: 'add your recommendation here', |
There was a problem hiding this comment.
Instead of placeholder comments, provide a clear explanation of what should be added to the description and recommendation fields. Give examples of good descriptions and recommendations.
| description: 'add your description here', | |
| recommendation: 'add your recommendation here', | |
| description: 'CryptoKey has not been rotated in the last 30 days.', | |
| recommendation: 'Rotate the CryptoKey to ensure key hygiene.' |
There was a problem hiding this comment.
@agggaurav2024 this looks like another good suggestion although I'd recommend putting whatever the description and recommendation is for the sample itself.
There was a problem hiding this comment.
I have taken reference from java code samples
https://github.com/GoogleCloudPlatform/java-docs-samples/blob/main/security-command-center/snippets/src/main/java/management/api/CreateSecurityHealthAnalyticsCustomModule.java
security-center/snippets/system-test/management_api/securityHealthAnalyticsCustomModule.test.js
Outdated
Show resolved
Hide resolved
| try { | ||
| if (module.displayName === customModuleDisplayName) { | ||
| const customModuleId = module.name.split('/').pop(); | ||
| // Proceed with deletion if module exist |
There was a problem hiding this comment.
The condition if (customModuleId) is always true since customModuleId is derived from splitting a string and popping the last element. It's redundant to check if it exists. Remove the conditional check.
await client.deleteSecurityHealthAnalyticsCustomModule({
name: `organizations/${organizationId}/locations/${locationId}/securityHealthAnalyticsCustomModules/${customModuleId}`,
});There was a problem hiding this comment.
Addressed.
Refactored the cleanup code.
Co-authored-by: code-review-assist[bot] <182814678+code-review-assist[bot]@users.noreply.github.com>
…Modules
Description
Fixes # b/347347427, b/347347480, b/347347258, b/347347835
This PR adds SCC Managament API Org Security Health Analytics Custom Module Code Samples for Create, Update, Get and GetEffective.
Note: Before submitting a pull request, please open an issue for discussion if you are not associated with Google.
Checklist
npm test(see Testing)npm run lint(see Style)GoogleCloudPlatform/nodejs-docs-samples. Not a fork.