diff --git a/securitycenter/snippets/snippets_findings.py b/securitycenter/snippets/snippets_findings.py index ec465f20e02d..a47dbacde385 100644 --- a/securitycenter/snippets/snippets_findings.py +++ b/securitycenter/snippets/snippets_findings.py @@ -28,11 +28,13 @@ def create_source(organization_id): org_name = "organizations/{org_id}".format(org_id=organization_id) created = client.create_source( - org_name, - { - "display_name": "Customized Display Name", - "description": "A new custom source that does X", - }, + request={ + "parent": org_name, + "source": { + "display_name": "Customized Display Name", + "description": "A new custom source that does X", + }, + } ) print("Created Source: {}".format(created.name)) # [END create_source] @@ -51,7 +53,7 @@ def get_source(source_name): # source_name = "organizations/{organization_id}/sources/{source_id}" # e.g.: # source_name = "organizations/111122222444/sources/1234" - source = client.get_source(source_name) + source = client.get_source(request={"name": source_name}) print("Source: {}".format(source)) # [END get_source] @@ -76,8 +78,10 @@ def update_source(source_name): # e.g.: # source_name = "organizations/111122222444/sources/1234" updated = client.update_source( - {"name": source_name, "display_name": "Updated Display Name"}, - update_mask=field_mask, + request={ + "source": {"name": source_name, "display_name": "Updated Display Name"}, + "update_mask": field_mask, + } ) print("Updated Source: {}".format(updated)) # [END update_source] @@ -100,7 +104,7 @@ def add_user_to_source(source_name): # e.g.: # source_name = "organizations/111122222444/sources/1234" # Get the old policy so we can do an incremental update. - old_policy = client.get_iam_policy(source_name) + old_policy = client.get_iam_policy(request={"resource": source_name}) print("Old Policy: {}".format(old_policy)) # Setup a new IAM binding. @@ -112,7 +116,10 @@ def add_user_to_source(source_name): # Setting the e-tag avoids over-write existing policy updated = client.set_iam_policy( - source_name, {"etag": old_policy.etag, "bindings": [binding]} + request={ + "resource": source_name, + "policy": {"etag": old_policy.etag, "bindings": [binding]}, + } ) print("Updated Policy: {}".format(updated)) @@ -134,7 +141,7 @@ def list_source(organization_id): org_name = "organizations/{org_id}".format(org_id=organization_id) # Call the API and print out each existing source. - for i, source in enumerate(client.list_sources(org_name)): + for i, source in enumerate(client.list_sources(request={"parent": org_name})): print(i, source) # [END list_sources] return i @@ -144,15 +151,14 @@ def create_finding(source_name): """Creates a new finding.""" # [START create_finding] from google.cloud import securitycenter - from google.cloud.securitycenter_v1.proto.finding_pb2 import Finding - from google.protobuf.timestamp_pb2 import Timestamp + from google.cloud.securitycenter_v1 import CreateFindingRequest, Finding + import datetime # Create a new client. client = securitycenter.SecurityCenterClient() # Use the current time as the finding "event time". - now_proto = Timestamp() - now_proto.GetCurrentTime() + event_time = datetime.datetime.now() # source_name is the resource path for a source that has been # created previously (you can use list_sources to find a specific one). @@ -169,16 +175,21 @@ def create_finding(source_name): # if there are matches. resource_name = "//cloudresourcemanager.googleapis.com/organizations/11232" + finding = Finding( + state=Finding.State.ACTIVE, + resource_name=resource_name, + category="MEDIUM_RISK_ONE", + event_time=event_time, + ) + + request = CreateFindingRequest( + parent=source_name, + finding_id=finding_id, + finding=finding, + ) # Call The API. created_finding = client.create_finding( - source_name, - finding_id, - { - "state": Finding.ACTIVE, - "resource_name": resource_name, - "category": "MEDIUM_RISK_ONE", - "event_time": now_proto, - }, + request=request ) print(created_finding) # [END create_finding] @@ -188,9 +199,10 @@ def create_finding(source_name): def create_finding_with_source_properties(source_name): """Demonstrate creating a new finding with source properties. """ # [START create_finding_with_properties] + import datetime + from google.cloud import securitycenter - from google.cloud.securitycenter_v1.proto.finding_pb2 import Finding - from google.protobuf.timestamp_pb2 import Timestamp + from google.cloud.securitycenter_v1 import Finding from google.protobuf.struct_pb2 import Value # Create a new client. @@ -218,19 +230,22 @@ def create_finding_with_source_properties(source_name): num_value.number_value = 1234 # Use the current time as the finding "event time". - now_proto = Timestamp() - now_proto.GetCurrentTime() + event_time = datetime.datetime.now() + + finding = Finding( + state=Finding.State.ACTIVE, + resource_name=resource_name, + category="MEDIUM_RISK_ONE", + source_properties={"s_value": "string_example", "n_value": 1234}, + event_time=event_time, + ) created_finding = client.create_finding( - source_name, - finding_id, - { - "state": Finding.ACTIVE, - "resource_name": resource_name, - "category": "MEDIUM_RISK_ONE", - "source_properties": {"s_value": str_value, "n_value": num_value}, - "event_time": now_proto, - }, + request={ + "parent": source_name, + "finding_id": finding_id, + "finding": finding + } ) print(created_finding) # [END create_finding_with_properties] @@ -238,10 +253,11 @@ def create_finding_with_source_properties(source_name): def update_finding(source_name): # [START update_finding] + import datetime + from google.cloud import securitycenter - from google.protobuf.struct_pb2 import Value + from google.cloud.securitycenter_v1 import Finding from google.protobuf import field_mask_pb2 - from google.protobuf.timestamp_pb2 import Timestamp client = securitycenter.SecurityCenterClient() # Only update the specific source property and event_time. event_time @@ -249,13 +265,10 @@ def update_finding(source_name): field_mask = field_mask_pb2.FieldMask( paths=["source_properties.s_value", "event_time"] ) - value = Value() - value.string_value = "new_string" # Set the update time to Now. This must be some time greater then the # event_time on the original finding. - now_proto = Timestamp() - now_proto.GetCurrentTime() + event_time = datetime.datetime.now() # source_name is the resource path for a source that has been # created previously (you can use list_sources to find a specific one). @@ -264,18 +277,21 @@ def update_finding(source_name): # e.g.: # source_name = "organizations/111122222444/sources/1234" finding_name = "{}/findings/samplefindingid2".format(source_name) + finding = Finding( + name=finding_name, + source_properties={"s_value": "new_string"}, + event_time=event_time, + ) updated_finding = client.update_finding( - { - "name": finding_name, - "source_properties": {"s_value": value}, - "event_time": now_proto, - }, - update_mask=field_mask, + request={ + "finding": finding, + "update_mask": field_mask, + } ) print( "New Source properties: {}, Event Time {}".format( - updated_finding.source_properties, updated_finding.event_time.ToDatetime() + updated_finding.source_properties, updated_finding.event_time ) ) # [END update_finding] @@ -284,10 +300,10 @@ def update_finding(source_name): def update_finding_state(source_name): """Demonstrate updating only a finding state.""" # [START update_finding_state] - from google.cloud import securitycenter - from google.cloud.securitycenter_v1.proto.finding_pb2 import Finding - from google.protobuf.timestamp_pb2 import Timestamp + import datetime + from google.cloud import securitycenter + from google.cloud.securitycenter_v1 import Finding # Create a client. client = securitycenter.SecurityCenterClient() # source_name is the resource path for a source that has been @@ -298,14 +314,15 @@ def update_finding_state(source_name): # source_name = "organizations/111122222444/sources/1234" finding_name = "{}/findings/samplefindingid2".format(source_name) - now_proto = Timestamp() - now_proto.GetCurrentTime() - # Call the API to change the finding state to inactive as of now. new_finding = client.set_finding_state( - finding_name, Finding.INACTIVE, start_time=now_proto + request={ + "name": finding_name, + "state": Finding.State.INACTIVE, + "start_time": datetime.datetime.now(), + } ) - print("New state: {}".format(Finding.State.Name(new_finding.state))) + print(f"New state: {new_finding.state}") # [END update_finding_state] @@ -326,7 +343,10 @@ def trouble_shoot(source_name): # Check for permssions to call create_finding or update_finding. permission_response = client.test_iam_permissions( - source_name, ["securitycenter.findings.update"] + request={ + "resource": source_name, + "permissions": ["securitycenter.findings.update"], + } ) print( @@ -339,7 +359,10 @@ def trouble_shoot(source_name): # [START test_iam_permissions] # Check for permissions necessary to call set_finding_state. permission_response = client.test_iam_permissions( - source_name, ["securitycenter.findings.setState"] + request={ + "resource": source_name, + "permissions": ["securitycenter.findings.setState"], + } ) print( "Permision to update state? {}".format(len(permission_response.permissions) > 0) @@ -362,7 +385,7 @@ def list_all_findings(organization_id): # The "sources/-" suffix lists findings across all sources. You # also use a specific source_name instead. all_sources = "{org_name}/sources/-".format(org_name=org_name) - finding_result_iterator = client.list_findings(all_sources) + finding_result_iterator = client.list_findings(request={"parent": all_sources}) for i, finding_result in enumerate(finding_result_iterator): print( "{}: name: {} resource: {}".format( @@ -389,7 +412,7 @@ def list_filtered_findings(source_name): # You an also use a wild-card "-" for all sources: # source_name = "organizations/111122222444/sources/-" finding_result_iterator = client.list_findings( - source_name, filter_='category="MEDIUM_RISK_ONE"' + request={"parent": source_name, "filter": 'category="MEDIUM_RISK_ONE"'} ) # Iterate an print all finding names and the resource they are # in reference to. @@ -406,7 +429,6 @@ def list_filtered_findings(source_name): def list_findings_at_time(source_name): # [START list_findings_at_a_time] from google.cloud import securitycenter - from google.protobuf.timestamp_pb2 import Timestamp from datetime import timedelta, datetime # Create a new client. @@ -420,14 +442,14 @@ def list_findings_at_time(source_name): # source_name = "organizations/111122222444/sources/1234" # You an also use a wild-card "-" for all sources: # source_name = "organizations/111122222444/sources/-" - five_days_ago = Timestamp() - five_days_ago.FromDatetime(datetime.now() - timedelta(days=5)) + five_days_ago = str(datetime.now() - timedelta(days=5)) # [END list_findings_at_a_time] i = -1 - five_days_ago.FromDatetime(datetime(2019, 3, 5, 0, 0, 0)) # [START list_findings_at_a_time] - finding_result_iterator = client.list_findings(source_name, read_time=five_days_ago) + finding_result_iterator = client.list_findings( + request={"parent": source_name, "filter": five_days_ago} + ) for i, finding_result in enumerate(finding_result_iterator): print( "{}: name: {} resource: {}".format( @@ -452,7 +474,7 @@ def get_iam_policy(source_name): # e.g.: # source_name = "organizations/111122222444/sources/1234" # Get the old policy so we can do an incremental update. - policy = client.get_iam_policy(source_name) + policy = client.get_iam_policy(request={"resource": source_name}) print("Policy: {}".format(policy)) # [END get_source_iam] @@ -472,7 +494,9 @@ def group_all_findings(organization_id): # The "sources/-" suffix lists findings across all sources. You # also use a specific source_name instead. all_sources = "{org_name}/sources/-".format(org_name=org_name) - group_result_iterator = client.group_findings(all_sources, group_by="category") + group_result_iterator = client.group_findings( + request={"parent": all_sources, "group_by": "category"} + ) for i, group_result in enumerate(group_result_iterator): print((i + 1), group_result) # [END group_all_findings] @@ -496,7 +520,11 @@ def group_filtered_findings(source_name): # source_name = "organizations/111122222444/sources/1234" group_result_iterator = client.group_findings( - source_name, group_by="category", filter_='state="ACTIVE"' + request={ + "parent": source_name, + "group_by": "category", + "filter": 'state="ACTIVE"', + } ) for i, group_result in enumerate(group_result_iterator): print((i + 1), group_result) @@ -511,7 +539,6 @@ def group_findings_at_time(source_name): # [START group_findings_at_time] from datetime import datetime, timedelta from google.cloud import securitycenter - from google.protobuf.timestamp_pb2 import Timestamp # Create a client. client = securitycenter.SecurityCenterClient() @@ -525,11 +552,13 @@ def group_findings_at_time(source_name): # Group findings as of yesterday. read_time = datetime.utcnow() - timedelta(days=1) - timestamp_proto = Timestamp() - timestamp_proto.FromDatetime(read_time) group_result_iterator = client.group_findings( - source_name, group_by="category", read_time=timestamp_proto + request={ + "parent": source_name, + "group_by": "category", + "read_time": read_time, + } ) for i, group_result in enumerate(group_result_iterator): print((i + 1), group_result) @@ -545,7 +574,6 @@ def group_findings_and_changes(source_name): from datetime import timedelta from google.cloud import securitycenter - from google.protobuf.duration_pb2 import Duration # Create a client. client = securitycenter.SecurityCenterClient() @@ -559,12 +587,13 @@ def group_findings_and_changes(source_name): # List assets and their state change the last 30 days compare_delta = timedelta(days=30) - # Convert the timedelta to a Duration - duration_proto = Duration() - duration_proto.FromTimedelta(compare_delta) group_result_iterator = client.group_findings( - source_name, group_by="state_change", compare_duration=duration_proto + request={ + "parent": source_name, + "group_by": "state_change", + "compare_duration": compare_delta, + } ) for i, group_result in enumerate(group_result_iterator): print((i + 1), group_result) diff --git a/securitycenter/snippets/snippets_findings_test.py b/securitycenter/snippets/snippets_findings_test.py index 8ac01d8c13c4..8a68117aeb19 100644 --- a/securitycenter/snippets/snippets_findings_test.py +++ b/securitycenter/snippets/snippets_findings_test.py @@ -35,11 +35,13 @@ def source_name(organization_id): org_name = "organizations/{org_id}".format(org_id=organization_id) source = client.create_source( - org_name, - { - "display_name": "Unit test source", - "description": "A new custom source that does X", - }, + request={ + "parent": org_name, + "source": { + "display_name": "Unit test source", + "description": "A new custom source that does X", + }, + } ) return source.name diff --git a/securitycenter/snippets/snippets_list_assets.py b/securitycenter/snippets/snippets_list_assets.py index f88638023c16..7eb85932e315 100644 --- a/securitycenter/snippets/snippets_list_assets.py +++ b/securitycenter/snippets/snippets_list_assets.py @@ -29,7 +29,7 @@ def list_all_assets(organization_id): org_name = "organizations/{org_id}".format(org_id=organization_id) # Call the API and print results. - asset_iterator = client.list_assets(org_name) + asset_iterator = client.list_assets(request={"parent": org_name}) for i, asset_result in enumerate(asset_iterator): print(i, asset_result) # [END demo_list_all_assets] @@ -53,7 +53,9 @@ def list_assets_with_filters(organization_id): + '"google.cloud.resourcemanager.Project"' ) # Call the API and print results. - asset_iterator = client.list_assets(org_name, filter_=project_filter) + asset_iterator = client.list_assets( + request={"parent": org_name, "filter": project_filter} + ) for i, asset_result in enumerate(asset_iterator): print(i, asset_result) # [END demo_list_assets_with_filter] @@ -66,8 +68,6 @@ def list_assets_with_filters_and_read_time(organization_id): # [START demo_list_assets_with_filter_and_time] from datetime import datetime, timedelta - from google.protobuf.timestamp_pb2 import Timestamp - from google.cloud import securitycenter client = securitycenter.SecurityCenterClient() @@ -83,12 +83,14 @@ def list_assets_with_filters_and_read_time(organization_id): # Lists assets as of yesterday. read_time = datetime.utcnow() - timedelta(days=1) - timestamp_proto = Timestamp() - timestamp_proto.FromDatetime(read_time) # Call the API and print results. asset_iterator = client.list_assets( - org_name, filter_=project_filter, read_time=timestamp_proto + request={ + "parent": org_name, + "filter": project_filter, + "read_time": read_time, + } ) for i, asset_result in enumerate(asset_iterator): print(i, asset_result) @@ -102,7 +104,6 @@ def list_point_in_time_changes(organization_id): # [START demo_list_assets_changes] from datetime import timedelta - from google.protobuf.duration_pb2 import Duration from google.cloud import securitycenter client = securitycenter.SecurityCenterClient() @@ -117,12 +118,14 @@ def list_point_in_time_changes(organization_id): # List assets and their state change the last 30 days compare_delta = timedelta(days=30) - # Convert the timedelta to a Duration - duration_proto = Duration() - duration_proto.FromTimedelta(compare_delta) + # Call the API and print results. asset_iterator = client.list_assets( - org_name, filter_=project_filter, compare_duration=duration_proto + request={ + "parent": org_name, + "filter": project_filter, + "compare_duration": compare_delta, + } ) for i, asset in enumerate(asset_iterator): print(i, asset) @@ -145,7 +148,9 @@ def group_assets(organization_id): group_by_type = "security_center_properties.resource_type" - result_iterator = client.group_assets(org_name, group_by=group_by_type) + result_iterator = client.group_assets( + request={"parent": org_name, "group_by": group_by_type} + ) for i, result in enumerate(result_iterator): print((i + 1), result) # [END group_all_assets] @@ -170,7 +175,7 @@ def group_filtered_assets(organization_id): + '"google.cloud.resourcemanager.Project"' ) result_iterator = client.group_assets( - org_name, group_by=group_by_type, filter_=only_projects + request={"parent": org_name, "group_by": group_by_type, "filter": only_projects} ) for i, result in enumerate(result_iterator): print((i + 1), result) @@ -186,18 +191,20 @@ def group_assets_by_changes(organization_id): from datetime import timedelta from google.cloud import securitycenter - from google.protobuf.duration_pb2 import Duration client = securitycenter.SecurityCenterClient() - duration_proto = Duration() - duration_proto.FromTimedelta(timedelta(days=5)) + duration = timedelta(days=5) # organization_id is the numeric ID of the organization. # organization_id = "1234567777" org_name = "organizations/{org_id}".format(org_id=organization_id) result_iterator = client.group_assets( - org_name, group_by="state_change", compare_duration=duration_proto + request={ + "parent": org_name, + "group_by": "state_change", + "compare_duration": duration, + } ) for i, result in enumerate(result_iterator): print((i + 1), result) diff --git a/securitycenter/snippets/snippets_notification_configs.py b/securitycenter/snippets/snippets_notification_configs.py index f0a4a6dfdfd3..cadbd8e0b85b 100644 --- a/securitycenter/snippets/snippets_notification_configs.py +++ b/securitycenter/snippets/snippets_notification_configs.py @@ -31,13 +31,15 @@ def create_notification_config(organization_id, notification_config_id, pubsub_t org_name = "organizations/{org_id}".format(org_id=organization_id) created_notification_config = client.create_notification_config( - org_name, - notification_config_id, - { - "description": "Notification for active findings", - "pubsub_topic": pubsub_topic, - "streaming_config": {"filter": 'state = "ACTIVE"'}, - }, + request={ + "parent": org_name, + "config_id": notification_config_id, + "notification_config": { + "description": "Notification for active findings", + "pubsub_topic": pubsub_topic, + "streaming_config": {"filter": 'state = "ACTIVE"'}, + }, + } ) print(created_notification_config) @@ -59,7 +61,7 @@ def delete_notification_config(organization_id, notification_config_id): org_id=organization_id, config_id=notification_config_id ) - client.delete_notification_config(notification_config_name) + client.delete_notification_config(request={"name": notification_config_name}) print("Deleted notification config: {}".format(notification_config_name)) # [END scc_delete_notification_config] return True @@ -79,7 +81,9 @@ def get_notification_config(organization_id, notification_config_id): org_id=organization_id, config_id=notification_config_id ) - notification_config = client.get_notification_config(notification_config_name) + notification_config = client.get_notification_config( + request={"name": notification_config_name} + ) print("Got notification config: {}".format(notification_config)) # [END scc_get_notification_config] return notification_config @@ -95,7 +99,9 @@ def list_notification_configs(organization_id): # TODO: organization_id = "your-org-id" org_name = "organizations/{org_id}".format(org_id=organization_id) - notification_configs_iterator = client.list_notification_configs(org_name) + notification_configs_iterator = client.list_notification_configs( + request={"parent": org_name} + ) for i, config in enumerate(notification_configs_iterator): print("{}: notification_config: {}".format(i, config)) # [END scc_list_notification_configs] @@ -128,13 +134,15 @@ def update_notification_config(organization_id, notification_config_id, pubsub_t ) updated_notification_config = client.update_notification_config( - { - "name": notification_config_name, - "description": updated_description, - "pubsub_topic": pubsub_topic, - "streaming_config": {"filter": updated_filter}, - }, - update_mask=field_mask, + request={ + "notification_config": { + "name": notification_config_name, + "description": updated_description, + "pubsub_topic": pubsub_topic, + "streaming_config": {"filter": updated_filter}, + }, + "update_mask": field_mask, + } ) print(updated_notification_config) diff --git a/securitycenter/snippets/snippets_notification_receiver.py b/securitycenter/snippets/snippets_notification_receiver.py index aad6ba797bbd..9fb9f8e4101d 100644 --- a/securitycenter/snippets/snippets_notification_receiver.py +++ b/securitycenter/snippets/snippets_notification_receiver.py @@ -22,10 +22,7 @@ def receive_notifications(project_id, subscription_name): import concurrent from google.cloud import pubsub_v1 - from google.cloud.securitycenter_v1.proto.notification_message_pb2 import ( - NotificationMessage, - ) - from google.protobuf import json_format + from google.cloud.securitycenter_v1 import NotificationMessage # TODO: project_id = "your-project-id" # TODO: subscription_name = "your-subscription-name" @@ -33,8 +30,7 @@ def receive_notifications(project_id, subscription_name): def callback(message): print("Received message") - notification_msg = NotificationMessage() - json_format.Parse(message.data, notification_msg) + notification_msg = NotificationMessage.from_json(message.data) print( "Notification config name: {}".format( diff --git a/securitycenter/snippets/snippets_notification_test.py b/securitycenter/snippets/snippets_notification_test.py index 73ad00602bc7..fc129ab64b86 100644 --- a/securitycenter/snippets/snippets_notification_test.py +++ b/securitycenter/snippets/snippets_notification_test.py @@ -41,7 +41,7 @@ def cleanup_notification_config(notification_config_id): notification_config_name = "organizations/{org_id}/notificationConfigs/{config_id}".format( org_id=ORG_ID, config_id=notification_config_id ) - client.delete_notification_config(notification_config_name) + client.delete_notification_config(request={"name": notification_config_name}) @pytest.fixture @@ -51,13 +51,15 @@ def new_notification_config_for_update(): org_name = "organizations/{org_id}".format(org_id=ORG_ID) created_notification_config = client.create_notification_config( - org_name, - UPDATE_CONFIG_ID, - { - "description": "Notification for active findings", - "pubsub_topic": PUBSUB_TOPIC, - "streaming_config": {"filter": ""}, - }, + request={ + "parent": org_name, + "config_id": UPDATE_CONFIG_ID, + "notification_config": { + "description": "Notification for active findings", + "pubsub_topic": PUBSUB_TOPIC, + "streaming_config": {"filter": ""}, + }, + } ) yield created_notification_config cleanup_notification_config(UPDATE_CONFIG_ID) @@ -70,13 +72,15 @@ def new_notification_config_for_get(): org_name = "organizations/{org_id}".format(org_id=ORG_ID) created_notification_config = client.create_notification_config( - org_name, - GET_CONFIG_ID, - { - "description": "Notification for active findings", - "pubsub_topic": PUBSUB_TOPIC, - "streaming_config": {"filter": ""}, - }, + request={ + "parent": org_name, + "config_id": GET_CONFIG_ID, + "notification_config": { + "description": "Notification for active findings", + "pubsub_topic": PUBSUB_TOPIC, + "streaming_config": {"filter": ""}, + }, + } ) yield created_notification_config cleanup_notification_config(GET_CONFIG_ID) @@ -89,13 +93,15 @@ def deleted_notification_config(): org_name = "organizations/{org_id}".format(org_id=ORG_ID) created_notification_config = client.create_notification_config( - org_name, - DELETE_CONFIG_ID, - { - "description": "Notification for active findings", - "pubsub_topic": PUBSUB_TOPIC, - "streaming_config": {"filter": ""}, - }, + request={ + "parent": org_name, + "config_id": DELETE_CONFIG_ID, + "notification_config": { + "description": "Notification for active findings", + "pubsub_topic": PUBSUB_TOPIC, + "streaming_config": {"filter": ""}, + }, + } ) return created_notification_config @@ -110,10 +116,8 @@ def test_create_notification_config(): def test_delete_notification_config(deleted_notification_config): - assert ( - snippets_notification_configs.delete_notification_config( - ORG_ID, DELETE_CONFIG_ID - ) + assert snippets_notification_configs.delete_notification_config( + ORG_ID, DELETE_CONFIG_ID ) @@ -137,8 +141,6 @@ def test_update_notification_config(new_notification_config_for_update): def test_receive_notifications(): - assert ( - snippets_notification_receiver.receive_notifications( - PROJECT_ID, PUBSUB_SUBSCRIPTION - ) + assert snippets_notification_receiver.receive_notifications( + PROJECT_ID, PUBSUB_SUBSCRIPTION ) diff --git a/securitycenter/snippets/snippets_orgs.py b/securitycenter/snippets/snippets_orgs.py index 6b95e49e8601..057173455cc1 100644 --- a/securitycenter/snippets/snippets_orgs.py +++ b/securitycenter/snippets/snippets_orgs.py @@ -27,7 +27,7 @@ def get_settings(organization_id): org_settings_name = client.organization_settings_path(organization_id) - org_settings = client.get_organization_settings(org_settings_name) + org_settings = client.get_organization_settings(request={"name": org_settings_name}) print(org_settings) # [END get_org_settings] @@ -50,8 +50,13 @@ def update_asset_discovery_org_settings(organization_id): field_mask = field_mask_pb2.FieldMask(paths=["enable_asset_discovery"]) # Call the service. updated = client.update_organization_settings( - {"name": org_settings_name, "enable_asset_discovery": True}, - update_mask=field_mask, + request={ + "organization_settings": { + "name": org_settings_name, + "enable_asset_discovery": True, + }, + "update_mask": field_mask, + } ) print("Asset Discovery Enabled? {}".format(updated.enable_asset_discovery)) # [END update_org_settings] diff --git a/securitycenter/snippets/snippets_security_marks.py b/securitycenter/snippets/snippets_security_marks.py index 885323410c40..96491a070b2a 100644 --- a/securitycenter/snippets/snippets_security_marks.py +++ b/securitycenter/snippets/snippets_security_marks.py @@ -37,10 +37,10 @@ def add_to_asset(asset_name): marks = {"key_a": "value_a", "key_b": "value_b"} updated_marks = client.update_security_marks( - {"name": marks_name, "marks": marks}, - # If this field was left empty, all marks would be cleared before adding - # the new values. - update_mask=field_mask, + request={ + "security_marks": {"name": marks_name, "marks": marks}, + "update_mask": field_mask, + } ) print(updated_marks) # [END add_marks_to_asset] @@ -67,13 +67,14 @@ def clear_from_asset(asset_name): field_mask = field_mask_pb2.FieldMask(paths=["marks.key_a", "marks.key_b"]) updated_marks = client.update_security_marks( - { - "name": marks_name - # Note, no marks specified, so the specified values in - # the fields masks will be deleted. - }, - # If this field was left empty, all marks would be cleared. - update_mask=field_mask, + request={ + "security_marks": { + "name": marks_name + # Note, no marks specified, so the specified values in + # the fields masks will be deleted. + }, + "update_mask": field_mask, + } ) print(updated_marks) # [END clear_marks_asset] @@ -99,7 +100,10 @@ def delete_and_update_marks(asset_name): marks = {"key_a": "new_value_for_a"} updated_marks = client.update_security_marks( - {"name": marks_name, "marks": marks}, update_mask=field_mask + request={ + "security_marks": {"name": marks_name, "marks": marks}, + "update_mask": field_mask, + } ) print(updated_marks) # [END delete_and_update_marks] @@ -128,7 +132,10 @@ def add_to_finding(finding_name): marks = {"finding_key_a": "value_a", "finding_key_b": "value_b"} updated_marks = client.update_security_marks( - {"name": finding_marks_name, "marks": marks}, update_mask=field_mask + request={ + "security_marks": {"name": finding_marks_name, "marks": marks}, + "update_mask": field_mask, + } ) # [END add_marks_to_finding] return updated_marks, marks @@ -149,10 +156,14 @@ def list_assets_with_query_marks(organization_id, asset_name): marks_filter = 'security_marks.marks.key_a = "value_a"' # Call the API and print results. - asset_iterator = client.list_assets(org_name, filter_=marks_filter) + asset_iterator = client.list_assets( + request={"parent": org_name, "filter": marks_filter} + ) # Call the API and print results. - asset_iterator = client.list_assets(org_name, filter_=marks_filter) + asset_iterator = client.list_assets( + request={"parent": org_name, "filter": marks_filter} + ) for i, asset_result in enumerate(asset_iterator): print(i, asset_result) # [END demo_list_assets_with_security_marks] @@ -178,7 +189,9 @@ def list_findings_with_query_marks(source_name, finding_name): marks_filter = 'NOT security_marks.marks.finding_key_a="value_a"' # Call the API and print results. - finding_iterator = client.list_findings(source_name, filter_=marks_filter) + finding_iterator = client.list_findings( + request={"parent": source_name, "filter": marks_filter} + ) for i, finding_result in enumerate(finding_iterator): print(i, finding_result) # [END demo_list_findings_with_security_marks] diff --git a/securitycenter/snippets/snippets_security_marks_test.py b/securitycenter/snippets/snippets_security_marks_test.py index 18950f86bbfd..10182416c05e 100644 --- a/securitycenter/snippets/snippets_security_marks_test.py +++ b/securitycenter/snippets/snippets_security_marks_test.py @@ -37,13 +37,18 @@ def asset_name(organization_id): # organization_id is the numeric ID of the organization. # organization_id=1234567777 org_name = "organizations/{org_id}".format(org_id=organization_id) - assets = list(client.list_assets(org_name)) + assets = list(client.list_assets(request={"parent": org_name})) # Select a random asset to avoid collision between integration tests. asset = (random.sample(assets, 1)[0]).asset.name # Set fresh marks. update = client.update_security_marks( - {"name": "{}/securityMarks".format(asset), "marks": {"other": "other_val"}} + request={ + "security_marks": { + "name": "{}/securityMarks".format(asset), + "marks": {"other": "other_val"}, + } + } ) assert update.marks == {"other": "other_val"} return asset @@ -57,11 +62,13 @@ def source_name(organization_id): client = securitycenter.SecurityCenterClient() org_name = "organizations/{org_id}".format(org_id=organization_id) source = client.create_source( - org_name, - { - "display_name": "Security marks Unit test source", - "description": "A new custom source that does X", - }, + request={ + "parent": org_name, + "source": { + "display_name": "Security marks Unit test source", + "description": "A new custom source that does X", + }, + } ) return source.name @@ -70,7 +77,7 @@ def source_name(organization_id): def finding_name(source_name): """Creates a new finding and returns it name.""" from google.cloud import securitycenter - from google.cloud.securitycenter_v1.proto.finding_pb2 import Finding + from google.cloud.securitycenter_v1 import Finding from google.protobuf.timestamp_pb2 import Timestamp client = securitycenter.SecurityCenterClient() @@ -79,24 +86,28 @@ def finding_name(source_name): now_proto.GetCurrentTime() finding = client.create_finding( - source_name, - "scfinding", - { - "state": Finding.ACTIVE, - "category": "C1", - "event_time": now_proto, - "resource_name": "//cloudresourcemanager.googleapis.com/organizations/1234", - }, + request={ + "parent": source_name, + "finding_id": "scfinding", + "finding": { + "state": Finding.State.ACTIVE, + "category": "C1", + "event_time": now_proto, + "resource_name": "//cloudresourcemanager.googleapis.com/organizations/1234", + }, + } ) client.create_finding( - source_name, - "untouched", - { - "state": Finding.ACTIVE, - "category": "MEDIUM_RISK_ONE", - "event_time": now_proto, - "resource_name": "//cloudresourcemanager.googleapis.com/organizations/1234", - }, + request={ + "parent": source_name, + "finding_id": "untouched", + "finding": { + "state": Finding.State.ACTIVE, + "category": "MEDIUM_RISK_ONE", + "event_time": now_proto, + "resource_name": "//cloudresourcemanager.googleapis.com/organizations/1234", + }, + } ) return finding.name