feat: add bigquery export samples

security-command-center/snippets/pom.xml

@@ -73,5 +73,11 @@
       <version>1.4.0</version>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.mockito</groupId>
+      <artifactId>mockito-core</artifactId>
+      <version>5.2.0</version>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
 </project>

security-command-center/snippets/src/main/java/vtwo/bigquery/CreateBigQueryExport.java

@@ -0,0 +1,91 @@
+/*
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package vtwo.bigquery;
+
+// [START securitycenter_create_bigquery_export_v2]
+
+import com.google.cloud.securitycenter.v2.BigQueryExport;
+import com.google.cloud.securitycenter.v2.CreateBigQueryExportRequest;
+import com.google.cloud.securitycenter.v2.OrganizationLocationName;
+import com.google.cloud.securitycenter.v2.SecurityCenterClient;
+import java.io.IOException;
+import java.util.UUID;
+
+public class CreateBigQueryExport {
+
+  public static void main(String[] args) throws IOException {
+    // TODO(Developer): Modify the following variable values.
+    // organizationId: Google Cloud Organization id.
+    String organizationId = "{google-cloud-organization-id}";
+
+    // projectId: Google Cloud Project id.
+    String projectId = "{your-project}";
+
+    // Specify the location.
+    String location = "global";
+
+    // filter: Expression that defines the filter to apply across create/update events of findings.
+    String filter = "severity=\"LOW\" OR severity=\"MEDIUM\"";
+
+    // bigQueryDatasetId: The BigQuery dataset to write findings' updates to.
+    String bigQueryDatasetId = "{bigquery-dataset-id}";
+
+    // bigQueryExportId: Unique identifier provided by the client.
+    // For more info, see:
+    // https://cloud.google.com/security-command-center/docs/how-to-analyze-findings-in-big-query#export_findings_from_to
+    String bigQueryExportId = "default-" + UUID.randomUUID().toString().split("-")[0];
+
+    createBigQueryExport(organizationId, location, projectId, filter, bigQueryDatasetId,
+        bigQueryExportId);
+  }
+
+  // Create export configuration to export findings from a project to a BigQuery dataset.
+  // Optionally specify filter to export certain findings only.
+  public static BigQueryExport createBigQueryExport(String organizationId, String location,
+      String projectId, String filter, String bigQueryDatasetId, String bigQueryExportId)
+      throws IOException {
+    // Initialize client that will be used to send requests. This client only needs to be created
+    // once, and can be reused for multiple requests.
+    try (SecurityCenterClient client = SecurityCenterClient.create()) {
+      OrganizationLocationName organizationName = OrganizationLocationName.of(organizationId,
+          location);
+      // Create the BigQuery export configuration.
+      BigQueryExport bigQueryExport =
+          BigQueryExport.newBuilder()
+              .setDescription(
+                  "Export low and medium findings if the compute resource "
+                      + "has an IAM anomalous grant")
+              .setFilter(filter)
+              .setDataset(String.format("projects/%s/datasets/%s", projectId, bigQueryDatasetId))
+              .build();
+
+      CreateBigQueryExportRequest bigQueryExportRequest =
+          CreateBigQueryExportRequest.newBuilder()
+              .setParent(organizationName.toString())
+              .setBigQueryExport(bigQueryExport)
+              .setBigQueryExportId(bigQueryExportId)
+              .build();
+
+      // Create the export request.
+      BigQueryExport response = client.createBigQueryExport(bigQueryExportRequest);
+
+      System.out.printf("BigQuery export request created successfully: %s\n", response.getName());
+      return response;
+    }
+  }
+}
+// [END securitycenter_create_bigquery_export_v2]

security-command-center/snippets/src/main/java/vtwo/bigquery/DeleteBigQueryExport.java

@@ -0,0 +1,65 @@
+/*
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package vtwo.bigquery;
+
+// [START securitycenter_delete_bigquery_export_v2]
+
+import com.google.cloud.securitycenter.v2.BigQueryExportName;
+import com.google.cloud.securitycenter.v2.DeleteBigQueryExportRequest;
+import com.google.cloud.securitycenter.v2.SecurityCenterClient;
+import java.io.IOException;
+
+public class DeleteBigQueryExport {
+
+  public static void main(String[] args) throws IOException {
+    // TODO(Developer): Modify the following variable values.
+    // organizationId: Google Cloud Organization id.
+    String organizationId = "{google-cloud-organization-id}";
+
+    // Specify the location to list the findings.
+    String location = "global";
+
+    // bigQueryExportId: Unique identifier that is used to identify the export.
+    String bigQueryExportId = "{bigquery-export-id}";
+
+    deleteBigQueryExport(organizationId, location, bigQueryExportId);
+  }
+
+  // Delete an existing BigQuery export.
+  public static void deleteBigQueryExport(String organizationId, String location,
+      String bigQueryExportId)
+      throws IOException {
+    // Initialize client that will be used to send requests. This client only needs to be created
+    // once, and can be reused for multiple requests.
+    try (SecurityCenterClient client = SecurityCenterClient.create()) {
+      // Optionally BigQueryExportName or String can be used
+      // String bigQueryExportName = String.format("organizations/%s/locations/%s
+      // /bigQueryExports/%s",organizationId,location, bigQueryExportId);
+      BigQueryExportName bigQueryExportName = BigQueryExportName.of(organizationId, location,
+          bigQueryExportId);
+
+      DeleteBigQueryExportRequest bigQueryExportRequest =
+          DeleteBigQueryExportRequest.newBuilder()
+              .setName(bigQueryExportName.toString())
+              .build();
+
+      client.deleteBigQueryExport(bigQueryExportRequest);
+      System.out.printf("BigQuery export request deleted successfully: %s", bigQueryExportId);
+    }
+  }
+}
+// [END securitycenter_delete_bigquery_export_v2]

security-command-center/snippets/src/main/java/vtwo/bigquery/GetBigQueryExport.java

@@ -0,0 +1,64 @@
+/*
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package vtwo.bigquery;
+
+// [START securitycenter_get_bigquery_export_v2]
+
+import com.google.cloud.securitycenter.v2.BigQueryExport;
+import com.google.cloud.securitycenter.v2.BigQueryExportName;
+import com.google.cloud.securitycenter.v2.GetBigQueryExportRequest;
+import com.google.cloud.securitycenter.v2.SecurityCenterClient;
+import java.io.IOException;
+
+public class GetBigQueryExport {
+
+  public static void main(String[] args) throws IOException {
+    // TODO(Developer): Modify the following variable values.
+    // organizationId: Google Cloud Organization id.
+    String organizationId = "{google-cloud-organization-id}";
+
+    // Specify the location to list the findings.
+    String location = "global";
+
+    // bigQueryExportId: Unique identifier that is used to identify the export.
+    String bigQueryExportId = "{bigquery-export-id}";
+
+    getBigQueryExport(organizationId, location, bigQueryExportId);
+  }
+
+  // Retrieve an existing BigQuery export.
+  public static BigQueryExport getBigQueryExport(String organizationId, String location,
+      String bigQueryExportId) throws IOException {
+    // Initialize client that will be used to send requests. This client only needs to be created
+    // once, and can be reused for multiple requests.
+    try (SecurityCenterClient client = SecurityCenterClient.create()) {
+
+      BigQueryExportName bigQueryExportName = BigQueryExportName.of(organizationId, location,
+          bigQueryExportId);
+
+      GetBigQueryExportRequest bigQueryExportRequest =
+          GetBigQueryExportRequest.newBuilder()
+              .setName(bigQueryExportName.toString())
+              .build();
+
+      BigQueryExport response = client.getBigQueryExport(bigQueryExportRequest);
+      System.out.printf("Retrieved the BigQuery export: %s", response.getName());
+      return response;
+    }
+  }
+}
+// [END securitycenter_get_bigquery_export_v2]

security-command-center/snippets/src/main/java/vtwo/bigquery/ListBigQueryExports.java

@@ -0,0 +1,64 @@
+/*
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package vtwo.bigquery;
+
+// [START securitycenter_list_bigquery_export_v2]
+
+import com.google.cloud.securitycenter.v2.BigQueryExport;
+import com.google.cloud.securitycenter.v2.ListBigQueryExportsRequest;
+import com.google.cloud.securitycenter.v2.OrganizationLocationName;
+import com.google.cloud.securitycenter.v2.SecurityCenterClient;
+import com.google.cloud.securitycenter.v2.SecurityCenterClient.ListBigQueryExportsPagedResponse;
+import java.io.IOException;
+
+public class ListBigQueryExports {
+
+  public static void main(String[] args) throws IOException {
+    // TODO(Developer): Modify the following variable values.
+    // organizationId: Google Cloud Organization id.
+    String organizationId = "{google-cloud-organization-id}";
+
+    // Specify the location to list the findings.
+    String location = "global";
+
+    listBigQueryExports(organizationId, location);
+  }
+
+  // List BigQuery exports in the given parent.
+  public static ListBigQueryExportsPagedResponse listBigQueryExports(String organizationId,
+      String location) throws IOException {
+    // Initialize client that will be used to send requests. This client only needs to be created
+    // once, and can be reused for multiple requests.
+    try (SecurityCenterClient client = SecurityCenterClient.create()) {
+      OrganizationLocationName organizationName = OrganizationLocationName.of(organizationId,
+          location);
+
+      ListBigQueryExportsRequest request = ListBigQueryExportsRequest.newBuilder()
+          .setParent(organizationName.toString())
+          .build();
+
+      ListBigQueryExportsPagedResponse response = client.listBigQueryExports(request);
+
+      System.out.println("Listing BigQuery exports:");
+      for (BigQueryExport bigQueryExport : response.iterateAll()) {
+        System.out.println(bigQueryExport.getName());
+      }
+      return response;
+    }
+  }
+}
+// [END securitycenter_list_bigquery_export_v2]

security-command-center/snippets/src/main/java/vtwo/bigquery/UpdateBigQueryExport.java

@@ -0,0 +1,90 @@
+/*
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package vtwo.bigquery;
+
+// [START securitycenter_update_bigquery_export_v2]
+
+import com.google.cloud.securitycenter.v2.BigQueryExport;
+import com.google.cloud.securitycenter.v2.BigQueryExportName;
+import com.google.cloud.securitycenter.v2.SecurityCenterClient;
+import com.google.cloud.securitycenter.v2.UpdateBigQueryExportRequest;
+import com.google.protobuf.FieldMask;
+import java.io.IOException;
+
+public class UpdateBigQueryExport {
+
+  public static void main(String[] args) throws IOException {
+    // TODO(Developer): Modify the following variable values.
+    // organizationId: Google Cloud Organization id.
+    String organizationId = "{google-cloud-organization-id}";
+
+    // Specify the location to list the findings.
+    String location = "global";
+
+    // filter: Expression that defines the filter to apply across create/update events of findings.
+    String filter =
+        "severity=\"LOW\" OR severity=\"MEDIUM\" AND "
+            + "category=\"Persistence: IAM Anomalous Grant\" AND "
+            + "-resource.type:\"compute\"";
+
+    // bigQueryExportId: Unique identifier provided by the client.
+    // For more info, see:
+    // https://cloud.google.com/security-command-center/docs/how-to-analyze-findings-in-big-query#export_findings_from_to
+    String bigQueryExportId = "{bigquery-export-id}";
+
+    updateBigQueryExport(organizationId, location, filter, bigQueryExportId);
+  }
+
+  // Updates an existing BigQuery export.
+  public static BigQueryExport updateBigQueryExport(String organizationId, String location,
+      String filter, String bigQueryExportId) throws IOException {
+    // Initialize client that will be used to send requests. This client only needs to be created
+    // once, and can be reused for multiple requests.
+    try (SecurityCenterClient client = SecurityCenterClient.create()) {
+      // Optionally BigQueryExportName or String can be used
+      // String bigQueryExportName = String.format("organizations/%s/locations/%s
+      // /bigQueryExports/%s",organizationId,location, bigQueryExportId);
+      BigQueryExportName bigQueryExportName = BigQueryExportName.of(organizationId, location,
+          bigQueryExportId);
+
+      //  Set the new values for export configuration.
+      BigQueryExport bigQueryExport =
+          BigQueryExport.newBuilder()
+              .setName(bigQueryExportName.toString())
+              .setDescription("Updated description.")
+              .setFilter(filter)
+              .build();
+
+      UpdateBigQueryExportRequest request =
+          UpdateBigQueryExportRequest.newBuilder()
+              .setBigQueryExport(bigQueryExport)
+              // Set the update mask to specify which properties should be updated.
+              // If empty, all mutable fields will be updated.
+              // For more info on constructing field mask path, see the proto or:
+              // https://cloud.google.com/java/docs/reference/protobuf/latest/com.google.protobuf.FieldMask
+              .setUpdateMask(FieldMask.newBuilder()
+                  .addPaths("filter")
+                  .addPaths("description").build())
+              .build();
+
+      BigQueryExport response = client.updateBigQueryExport(request);
+      System.out.println("BigQueryExport updated successfully!");
+      return response;
+    }
+  }
+}
+// [END securitycenter_update_bigquery_export_v2]