docs(samples): added samples for Mute config (#719)

* docs(scc-samples): init add CRUD mute config samples

* added bulk mute and mute/unmute samples

* refactor(samples): modified class name

* refactor(samples): added muteConfigId and refactored class name

* test(samples): added tests for mute config samples

* 🦉 Updates from OwlBot

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* docs(samples): updated samples and test files

* 🦉 Updates from OwlBot

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* docs(samples): lint fix

* 🦉 Updates from OwlBot

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* docs(samples): applied documentation review comments

* docs(samples): applied review comments

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* docs(samples): added test env variables

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* docs(samples): added test env variables

* updated config typo

* test: try changing the env var name

* Update samples.cfg

* Update samples.cfg

* updated samples.cfg

* docs(samples): updated acc to review comments

* lint fix

* lint fix

* lint fix

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Neenu Shaji <[email protected]>

Author: 3 people

.kokoro/presubmit/samples.cfg

@@ -29,5 +29,5 @@ env_vars: {
 
 env_vars: {
   key: "SECRET_MANAGER_KEYS"
-  value: "java-docs-samples-service-account"
+  value: "java-docs-samples-service-account,java-scc-samples-secrets"
 }

README.md

@@ -30,6 +30,7 @@ If you are using Maven with [BOM][libraries-bom], add this to your pom.xml file
   <dependency>
     <groupId>com.google.cloud</groupId>
     <artifactId>google-cloud-securitycenter</artifactId>
+    <version>2.3.1</version>
   </dependency>
 
   <dependency>
@@ -56,6 +57,7 @@ If you are using Gradle 5.x or later, add this to your dependencies
 ```Groovy
 implementation platform('com.google.cloud:libraries-bom:25.0.0')
 
+
 implementation 'com.google.cloud:google-cloud-securitycenter'
 ```
 If you are using Gradle without BOM, add this to your dependencies
@@ -117,6 +119,13 @@ Samples are in the [`samples/`](https://github.com/googleapis/java-securitycente
 | List Notification Config Snippets | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/ListNotificationConfigSnippets.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/ListNotificationConfigSnippets.java) |
 | Notification Receiver | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/NotificationReceiver.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/NotificationReceiver.java) |
 | Update Notification Config Snippets | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/UpdateNotificationConfigSnippets.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/UpdateNotificationConfigSnippets.java) |
+| Bulk Mute Findings | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/BulkMuteFindings.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/BulkMuteFindings.java) |
+| Create Mute Rule | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/CreateMuteRule.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/CreateMuteRule.java) |
+| Delete Mute Rule | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/DeleteMuteRule.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/DeleteMuteRule.java) |
+| Get Mute Rule | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/GetMuteRule.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/GetMuteRule.java) |
+| List Mute Rules | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/ListMuteRules.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/ListMuteRules.java) |
+| Set Mute Unmute Finding | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/SetMuteUnmuteFinding.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/SetMuteUnmuteFinding.java) |
+| Update Mute Rule | [source code](https://github.com/googleapis/java-securitycenter/blob/main/samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/UpdateMuteRule.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-securitycenter&page=editor&open_in_editor=samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/UpdateMuteRule.java) |
 
 
 

samples/snippets/pom.xml

@@ -41,6 +41,7 @@
     <dependency>
       <groupId>com.google.cloud</groupId>
       <artifactId>google-cloud-securitycenter</artifactId>
+      <version>2.3.1</version>
     </dependency>
 
     <dependency>

samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/BulkMuteFindings.java

@@ -0,0 +1,71 @@
+/*
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.examples.securitycenter.snippets.muteconfig;
+
+// [START securitycenter_bulk_mute]
+
+import com.google.cloud.securitycenter.v1.BulkMuteFindingsRequest;
+import com.google.cloud.securitycenter.v1.BulkMuteFindingsResponse;
+import com.google.cloud.securitycenter.v1.SecurityCenterClient;
+import java.io.IOException;
+import java.util.concurrent.ExecutionException;
+
+public class BulkMuteFindings {
+
+  public static void main(String[] args) {
+    // TODO: Replace the variables within {}
+
+    // parentPath: Use any one of the following options:
+    //             - organizations/{organization_id}
+    //             - folders/{folder_id}
+    //             - projects/{project_id}
+    String parentPath = String.format("projects/%s", "your-google-cloud-project-id");
+
+    // muteRule: Expression that identifies findings that should be muted.
+    // eg: "resource.project_display_name=\"PROJECT_ID\""
+    String muteRule = "{filter-condition}";
+
+    bulkMute(parentPath, muteRule);
+  }
+
+  // Kicks off a long-running operation (LRO) to bulk mute findings for a parent based on a filter.
+  // The parent can be either an organization, folder, or project. The findings
+  // matched by the filter will be muted after the LRO is done.
+  public static void bulkMute(String parentPath, String muteRule) {
+    // Initialize client that will be used to send requests. This client only needs to be created
+    // once, and can be reused for multiple requests. After completing all of your requests, call
+    // the "close" method on the client to safely clean up any remaining background resources.
+    try (SecurityCenterClient client = SecurityCenterClient.create()) {
+
+      BulkMuteFindingsRequest bulkMuteFindingsRequest =
+          BulkMuteFindingsRequest.newBuilder()
+              .setParent(parentPath)
+              // To create mute rules, see:
+              // https://cloud.google.com/security-command-center/docs/how-to-mute-findings#create_mute_rules
+              .setFilter(muteRule)
+              .build();
+
+      // ExecutionException is thrown if the below call fails.
+      BulkMuteFindingsResponse response =
+          client.bulkMuteFindingsAsync(bulkMuteFindingsRequest).get();
+      System.out.println("Bulk mute findings completed successfully! " + response);
+    } catch (IOException | InterruptedException | ExecutionException e) {
+      System.out.println("Bulk mute findings failed! \n Exception: " + e);
+    }
+  }
+}
+// [END securitycenter_bulk_mute]

samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/CreateMuteRule.java

@@ -0,0 +1,79 @@
+/*
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.examples.securitycenter.snippets.muteconfig;
+
+// [START securitycenter_create_mute_config]
+
+import com.google.cloud.securitycenter.v1.CreateMuteConfigRequest;
+import com.google.cloud.securitycenter.v1.MuteConfig;
+import com.google.cloud.securitycenter.v1.SecurityCenterClient;
+import java.io.IOException;
+import java.util.UUID;
+
+public class CreateMuteRule {
+
+  public static void main(String[] args) {
+    // TODO: Replace the variables within {}
+
+    // parentPath: Use any one of the following options:
+    //             - organizations/{organization_id}
+    //             - folders/{folder_id}
+    //             - projects/{project_id}
+    String parentPath = String.format("projects/%s", "your-google-cloud-project-id");
+
+    // muteConfigId: Set a random id; max of 63 chars.
+    String muteConfigId = "random-mute-id-" + UUID.randomUUID();
+    createMuteRule(parentPath, muteConfigId);
+  }
+
+  // Creates a mute configuration under a given scope that will mute
+  // all new findings that match a given filter.
+  // Existing findings will not be muted.
+  public static void createMuteRule(String parentPath, String muteConfigId) {
+    // Initialize client that will be used to send requests. This client only needs to be created
+    // once, and can be reused for multiple requests. After completing all of your requests, call
+    // the "close" method on the client to safely clean up any remaining background resources.
+    try (SecurityCenterClient client = SecurityCenterClient.create()) {
+
+      MuteConfig muteConfig =
+          MuteConfig.newBuilder()
+              .setDescription("Mute low-medium IAM grants excluding 'compute' ")
+              // Set mute rule(s).
+              // To construct mute rules and for supported properties, see:
+              // https://cloud.google.com/security-command-center/docs/how-to-mute-findings#create_mute_rules
+              .setFilter(
+                  "severity=\"LOW\" OR severity=\"MEDIUM\" AND "
+                      + "category=\"Persistence: IAM Anomalous Grant\" AND "
+                      + "-resource.type:\"compute\"")
+              .build();
+
+      CreateMuteConfigRequest request =
+          CreateMuteConfigRequest.newBuilder()
+              .setParent(parentPath)
+              .setMuteConfigId(muteConfigId)
+              .setMuteConfig(muteConfig)
+              .build();
+
+      // ExecutionException is thrown if the below call fails.
+      MuteConfig response = client.createMuteConfig(request);
+      System.out.println("Mute rule created successfully: " + response.getName());
+    } catch (IOException e) {
+      System.out.println("Mute rule creation failed! \n Exception: " + e);
+    }
+  }
+}
+// [END securitycenter_create_mute_config]

samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/DeleteMuteRule.java

@@ -0,0 +1,60 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.examples.securitycenter.snippets.muteconfig;
+
+// [START securitycenter_delete_mute_config]
+
+import com.google.cloud.securitycenter.v1.MuteConfigName;
+import com.google.cloud.securitycenter.v1.SecurityCenterClient;
+import java.io.IOException;
+
+public class DeleteMuteRule {
+
+  public static void main(String[] args) {
+    // TODO(Developer): Replace the following variables
+    // parentPath: Use any one of the following options:
+    //             - organizations/{organization_id}
+    //             - folders/{folder_id}
+    //             - projects/{project_id}
+    String parentPath = String.format("projects/%s", "your-google-cloud-project-id");
+
+    // muteConfigId: Specify the name of the mute config to delete.
+    String muteConfigId = "mute-config-id";
+
+    deleteMuteRule(parentPath, muteConfigId);
+  }
+
+  // Deletes a mute configuration given its resource name.
+  // Note: Previously muted findings are not affected when a mute config is deleted.
+  public static void deleteMuteRule(String projectId, String muteConfigId) {
+    // Initialize client that will be used to send requests. This client only needs to be created
+    // once, and can be reused for multiple requests. After completing all of your requests, call
+    // the "close" method on the client to safely clean up any remaining background resources.
+    try (SecurityCenterClient client = SecurityCenterClient.create()) {
+      // Use appropriate MuteConfigName methods depending on the type of parent.
+      // org -> MuteConfigName.ofOrganizationMuteConfigName()
+      // folder -> MuteConfigName.ofFolderMuteConfigName()
+      // project -> MuteConfigName.ofProjectMuteConfigName)
+      client.deleteMuteConfig(MuteConfigName.ofProjectMuteConfigName(projectId, muteConfigId));
+
+      System.out.println("Mute rule deleted successfully: " + muteConfigId);
+    } catch (IOException e) {
+      System.out.println("Mute rule deletion failed! \n Exception: " + e);
+    }
+  }
+}
+// [END securitycenter_delete_mute_config]

samples/snippets/src/main/java/com/google/cloud/examples/securitycenter/snippets/muteconfig/GetMuteRule.java

@@ -0,0 +1,62 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.examples.securitycenter.snippets.muteconfig;
+
+// [START securitycenter_get_mute_config]
+
+import com.google.cloud.securitycenter.v1.MuteConfig;
+import com.google.cloud.securitycenter.v1.MuteConfigName;
+import com.google.cloud.securitycenter.v1.SecurityCenterClient;
+import java.io.IOException;
+
+public class GetMuteRule {
+
+  public static void main(String[] args) {
+    // TODO(Developer): Replace the following variables
+
+    // parentPath: Use any one of the following options:
+    //             - organizations/{organization_id}
+    //             - folders/{folder_id}
+    //             - projects/{project_id}
+    String parentPath = String.format("projects/%s", "your-google-cloud-project-id");
+
+    // muteConfigId: Name of the mute config to retrieve.
+    String muteConfigId = "mute-config-id";
+
+    getMuteRule(parentPath, muteConfigId);
+  }
+
+  // Retrieves a mute configuration given its resource name.
+  public static void getMuteRule(String projectId, String muteConfigId) {
+    // Initialize client that will be used to send requests. This client only needs to be created
+    // once, and can be reused for multiple requests. After completing all of your requests, call
+    // the "close" method on the client to safely clean up any remaining background resources.
+    try (SecurityCenterClient client = SecurityCenterClient.create()) {
+      // Use appropriate MuteConfigName methods depending on the type of parent.
+      // (org -> MuteConfigName.ofOrganizationMuteConfigName()
+      // folder -> MuteConfigName.ofFolderMuteConfigName()
+      // project -> MuteConfigName.ofProjectMuteConfigName)
+      MuteConfig muteConfig =
+          client.getMuteConfig(MuteConfigName.ofProjectMuteConfigName(projectId, muteConfigId));
+
+      System.out.println("Retrieved the mute config: " + muteConfig);
+    } catch (IOException e) {
+      System.out.println("Mute rule retrieval failed! \n Exception: " + e);
+    }
+  }
+}
+// [END securitycenter_get_mute_config]