diff --git a/securitycenter/snippets/pom.xml b/securitycenter/snippets/pom.xml
new file mode 100644
index 00000000000..d216b83b341
--- /dev/null
+++ b/securitycenter/snippets/pom.xml
@@ -0,0 +1,48 @@
+
+
+ 4.0.0
+ com.example.securitycenter
+ securitycenter-snippets
+ jar
+ Google Security Center Snippets
+
+
+ com.google.cloud.samples
+ shared-configuration
+ 1.2.0
+
+
+
+ 1.8
+ 1.8
+ UTF-8
+
+
+
+
+
+ com.google.cloud
+ libraries-bom
+ 26.33.0
+ pom
+ import
+
+
+
+
+
+
+ com.google.cloud
+ google-cloud-securitycenter
+
+
+
+ junit
+ junit
+ 4.13.2
+ test
+
+
+
\ No newline at end of file
diff --git a/securitycenter/snippets/src/main/java/com/example/securitycenter/FindingSnippets.java b/securitycenter/snippets/src/main/java/com/example/securitycenter/FindingSnippets.java
new file mode 100644
index 00000000000..b2f0b71c10d
--- /dev/null
+++ b/securitycenter/snippets/src/main/java/com/example/securitycenter/FindingSnippets.java
@@ -0,0 +1,541 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.securitycenter;
+
+import com.google.cloud.securitycenter.v1.Finding;
+import com.google.cloud.securitycenter.v1.Finding.State;
+import com.google.cloud.securitycenter.v1.FindingName;
+import com.google.cloud.securitycenter.v1.GroupFindingsRequest;
+import com.google.cloud.securitycenter.v1.GroupResult;
+import com.google.cloud.securitycenter.v1.ListFindingsRequest;
+import com.google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult;
+import com.google.cloud.securitycenter.v1.OrganizationName;
+import com.google.cloud.securitycenter.v1.SecurityCenterClient;
+import com.google.cloud.securitycenter.v1.SecurityCenterClient.GroupFindingsPagedResponse;
+import com.google.cloud.securitycenter.v1.SecurityCenterClient.ListFindingsPagedResponse;
+import com.google.cloud.securitycenter.v1.SourceName;
+import com.google.cloud.securitycenter.v1.UpdateFindingRequest;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import com.google.iam.v1.TestIamPermissionsResponse;
+import com.google.protobuf.FieldMask;
+import com.google.protobuf.Timestamp;
+import com.google.protobuf.Value;
+import java.io.IOException;
+import java.time.Duration;
+import java.time.Instant;
+import java.util.List;
+
+/**
+ * Snippets for how to work with Findings in Security Command Center.
+ */
+public class FindingSnippets {
+
+ private FindingSnippets() {
+ }
+
+ /**
+ * Create a finding under a source.
+ *
+ * @param sourceName The source for the finding.
+ */
+ static Finding createFinding(SourceName sourceName, String findingId) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // SourceName sourceName = SourceName.of(/*organization=*/"123234324",/*source=*/
+ // "423432321");
+ // String findingId = "samplefindingid";
+
+ // Use the current time as the finding "event time".
+ Instant eventTime = Instant.now();
+
+ // The resource this finding applies to. The CSCC UI can link
+ // the findings for a resource to the corresponding Asset of a resource
+ // if there are matches.
+ String resourceName = "//cloudresourcemanager.googleapis.com/organizations/11232";
+
+ // Start setting up a request to create a finding in a source.
+ Finding finding =
+ Finding.newBuilder()
+ .setParent(sourceName.toString())
+ .setState(State.ACTIVE)
+ .setResourceName(resourceName)
+ .setEventTime(
+ Timestamp.newBuilder()
+ .setSeconds(eventTime.getEpochSecond())
+ .setNanos(eventTime.getNano()))
+ .setCategory("MEDIUM_RISK_ONE")
+ .build();
+
+ // Call the API.
+ Finding response = client.createFinding(sourceName, findingId, finding);
+
+ System.out.println("Created Finding: " + response);
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Create a finding with source properties under a source.
+ *
+ * @param sourceName The source for the finding.
+ */
+ static Finding createFindingWithSourceProperties(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // SourceName sourceName = SourceName.of(/*organization=*/"123234324",/*source=*/
+ // "423432321");
+
+ // Use the current time as the finding "event time".
+ Instant eventTime = Instant.now();
+
+ // Controlled by caller.
+ String findingId = "samplefindingid2";
+
+ // The resource this finding applies to. The CSCC UI can link
+ // the findings for a resource to the corresponding Asset of a resource
+ // if there are matches.
+ String resourceName = "//cloudresourcemanager.googleapis.com/organizations/11232";
+
+ // Define source properties values as protobuf "Value" objects.
+ Value stringValue = Value.newBuilder().setStringValue("stringExample").build();
+ Value numValue = Value.newBuilder().setNumberValue(1234).build();
+ ImmutableMap sourceProperties =
+ ImmutableMap.of("stringKey", stringValue, "numKey", numValue);
+
+ // Start setting up a request to create a finding in a source.
+ Finding finding =
+ Finding.newBuilder()
+ .setParent(sourceName.toString())
+ .setState(State.ACTIVE)
+ .setResourceName(resourceName)
+ .setEventTime(
+ Timestamp.newBuilder()
+ .setSeconds(eventTime.getEpochSecond())
+ .setNanos(eventTime.getNano()))
+ .putAllSourceProperties(sourceProperties)
+ .build();
+
+ // Call the API.
+ Finding response = client.createFinding(sourceName, findingId, finding);
+
+ System.out.println("Created Finding with Source Properties: " + response);
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Update a finding's source properties.
+ *
+ * @param findingName The finding to update.
+ */
+ static Finding updateFinding(FindingName findingName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // FindingName findingName = FindingName.of(/*organization=*/"123234324",
+ // /*source=*/"423432321", /*findingId=*/"samplefindingid2");
+
+ // Use the current time as the finding "event time".
+ Instant eventTime = Instant.now();
+
+ // Define source properties values as protobuf "Value" objects.
+ Value stringValue = Value.newBuilder().setStringValue("value").build();
+
+ FieldMask updateMask =
+ FieldMask.newBuilder()
+ .addPaths("event_time")
+ .addPaths("source_properties.stringKey")
+ .build();
+
+ Finding finding =
+ Finding.newBuilder()
+ .setName(findingName.toString())
+ .setEventTime(
+ Timestamp.newBuilder()
+ .setSeconds(eventTime.getEpochSecond())
+ .setNanos(eventTime.getNano()))
+ .putSourceProperties("stringKey", stringValue)
+ .build();
+
+ UpdateFindingRequest.Builder request =
+ UpdateFindingRequest.newBuilder().setFinding(finding).setUpdateMask(updateMask);
+
+ // Call the API.
+ Finding response = client.updateFinding(request.build());
+
+ System.out.println("Updated Finding: " + response);
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Updates a finding's state to INACTIVE.
+ *
+ * @param findingName The finding to update.
+ */
+ static Finding setFindingState(FindingName findingName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // FindingName findingName = FindingName.of(/*organization=*/"123234324",
+ // /*source=*/"423432321", /*findingId=*/"samplefindingid2");
+
+ // Use the current time as the finding "event time".
+ Instant eventTime = Instant.now();
+
+ Finding response =
+ client.setFindingState(
+ findingName,
+ State.INACTIVE,
+ Timestamp.newBuilder()
+ .setSeconds(eventTime.getEpochSecond())
+ .setNanos(eventTime.getNano())
+ .build());
+
+ System.out.println("Updated Finding: " + response);
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * List all findings under an organization.
+ *
+ * @param organizationName The source to list all findings for.
+ */
+ static ImmutableList listAllFindings(OrganizationName organizationName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // Input parameters for SourceName must be in one of the following formats:
+ // * OrganizationName organizationName = OrganizationName.of("organization-id");
+ // organizationName.getOrganization();
+ // * ProjectName projectName = ProjectName.of("project-id");
+ // projectName.getProject();
+ // * FolderName folderName = FolderName.of("folder-id");
+ // folderName.getFolder();
+ //
+ // "-" Indicates listing across all sources.
+ SourceName sourceName = SourceName.of(organizationName.getOrganization(), "-");
+
+ ListFindingsRequest.Builder request =
+ ListFindingsRequest.newBuilder().setParent(sourceName.toString());
+
+ // Call the API.
+ ListFindingsPagedResponse response = client.listFindings(request.build());
+
+ // This creates one list for all findings. If your organization has a large number of
+ // findings this can cause out of memory issues. You can process them in incrementally
+ // by returning the Iterable returned response.iterateAll() directly.
+ ImmutableList results = ImmutableList.copyOf(response.iterateAll());
+ System.out.println("Findings:");
+ System.out.println(results);
+ return results;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * List filtered findings under a source.
+ *
+ * @param sourceName The source to list filtered findings for.
+ */
+ static ImmutableList listFilteredFindings(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // parentId: must be one of the following:
+ // "organization-id"
+ // "project-id"
+ // "folder-id"
+ // SourceName sourceName = SourceName.of(parentId, sourceId);
+
+ // Create filter to category of MEDIUM_RISK_ONE
+ String filter = "category=\"MEDIUM_RISK_ONE\"";
+
+ ListFindingsRequest.Builder request =
+ ListFindingsRequest.newBuilder().setParent(sourceName.toString()).setFilter(filter);
+
+ // Call the API.
+ ListFindingsPagedResponse response = client.listFindings(request.build());
+
+ // This creates one list for all findings. If your organization has a large number of
+ // findings this can cause out of memory issues. You can process them in incrementally
+ // by returning the Iterable returned response.iterateAll() directly.
+ ImmutableList results = ImmutableList.copyOf(response.iterateAll());
+ System.out.println("Findings:");
+ System.out.println(results);
+ return results;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * List findings at a specific time under a source.
+ *
+ * @param sourceName The source to list findings at a specific time for.
+ */
+ // [START securitycenter_list_findings_at_time]
+ static ImmutableList listFindingsAtTime(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // parentId: must be one of the following:
+ // "organization-id"
+ // "project-id"
+ // "folder-id"
+ // SourceName sourceName = SourceName.of(parentId, sourceId);
+
+ // 5 days ago
+ Instant fiveDaysAgo = Instant.now().minus(Duration.ofDays(5));
+
+ // Create filter to only list findings that occurred before five days ago.
+ String filter = String.format("event_time < \"%s\"", fiveDaysAgo.toString());
+
+ ListFindingsRequest.Builder request =
+ ListFindingsRequest.newBuilder().setParent(sourceName.toString()).setFilter(filter);
+
+ // Call the API.
+ ListFindingsPagedResponse response = client.listFindings(request.build());
+
+ // This creates one list for all findings. If your organization has a large number of
+ // findings this can cause out of memory issues. You can process them in incrementally
+ // by returning the Iterable returned response.iterateAll() directly.
+ ImmutableList results = ImmutableList.copyOf(response.iterateAll());
+ System.out.println("Findings:");
+ System.out.println(results);
+ return results;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+ // [END securitycenter_list_findings_at_time]
+
+ /**
+ * Demonstrate calling testIamPermissions to determin if the service account has the correct
+ * permissions.
+ *
+ * @param sourceName The source to create a finding for.
+ */
+ static TestIamPermissionsResponse testIamPermissions(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // SourceName sourceName = SourceName.of(/*organizationId=*/"123234324",
+ // /*sourceId=*/"423432321");
+
+ // Iam permission to test.
+ List permissionsToTest =
+ ImmutableList.of("securitycenter.findings.update");
+
+ // Call the API.
+ TestIamPermissionsResponse response =
+ client.testIamPermissions(sourceName.toString(), permissionsToTest);
+ System.out.println("IAM Permission:");
+ System.out.println(response);
+
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Group all findings under an organization across all sources by their specified properties (e.g.
+ * category).
+ *
+ * @param organizationName The organization to group all findings for.
+ */
+ static ImmutableList groupFindings(OrganizationName organizationName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // Input parameters for 'SourceName' must be in one of the following formats:
+ // * OrganizationName organizationName = OrganizationName.of("organization-id");
+ // organizationName.getOrganization();
+ // * ProjectName projectName = ProjectName.of("project-id");
+ // projectName.getProject();
+ // * FolderName folderName = FolderName.of("folder-id");
+ // folderName.getFolder();
+ SourceName sourceName = SourceName.of(organizationName.getOrganization(), "-");
+
+ GroupFindingsRequest.Builder request =
+ GroupFindingsRequest.newBuilder().setParent(sourceName.toString()).setGroupBy("category");
+
+ // Call the API.
+ GroupFindingsPagedResponse response = client.groupFindings(request.build());
+
+ // This creates one list for all findings. If your organization has a large number of
+ // findings
+ // this can cause out of memory issues. You can process them batches by returning
+ // the Iterable returned response.iterateAll() directly.
+ ImmutableList results = ImmutableList.copyOf(response.iterateAll());
+ System.out.println("Findings:");
+ System.out.println(results);
+ return results;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Group findings under an organization and a source by their specified properties (e.g.
+ * category).
+ *
+ * @param sourceName The source to limit the findings to.
+ */
+ static ImmutableList groupFindingsWithSource(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // parentId: must be one of the following:
+ // "organization-id"
+ // "project-id"
+ // "folder-id"
+ // SourceName sourceName = SourceName.of(parentId, sourceId);
+
+ GroupFindingsRequest.Builder request =
+ GroupFindingsRequest.newBuilder().setParent(sourceName.toString()).setGroupBy("category");
+
+ // Call the API.
+ GroupFindingsPagedResponse response = client.groupFindings(request.build());
+
+ // This creates one list for all findings. If your organization has a large number of
+ // findings
+ // this can cause out of memory issues. You can process them batches by returning
+ // the Iterable returned response.iterateAll() directly.
+ ImmutableList results = ImmutableList.copyOf(response.iterateAll());
+ System.out.println("Findings:");
+ System.out.println(results);
+ return results;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Group active findings under an organization and a source by their specified properties (e.g.
+ * category).
+ *
+ * @param sourceName The source to limit the findings to.
+ */
+ static ImmutableList groupActiveFindingsWithSource(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // parentId: must be one of the following:
+ // "organization-id"
+ // "project-id"
+ // "folder-id"
+ // SourceName sourceName = SourceName.of(parentId, sourceId);
+
+ GroupFindingsRequest.Builder request =
+ GroupFindingsRequest.newBuilder()
+ .setParent(sourceName.toString())
+ .setGroupBy("category")
+ .setFilter("state=\"ACTIVE\"");
+
+ // Call the API.
+ GroupFindingsPagedResponse response = client.groupFindings(request.build());
+
+ // This creates one list for all findings. If your organization has a large number of
+ // findings
+ // this can cause out of memory issues. You can process them batches by returning
+ // the Iterable returned response.iterateAll() directly.
+ ImmutableList results = ImmutableList.copyOf(response.iterateAll());
+ System.out.println("Findings:");
+ System.out.println(results);
+ return results;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Group active findings under an organization and a source by their specified properties (e.g.
+ * category) at a specified time.
+ *
+ * @param sourceName The source to limit the findings to.
+ */
+ static ImmutableList groupActiveFindingsWithSourceAtTime(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // parentId: must be one of the following:
+ // "organization-id"
+ // "project-id"
+ // "folder-id"
+ // SourceName sourceName = SourceName.of(parentId, sourceId);
+
+ // 1 day ago
+ Instant oneDayAgo = Instant.now().minusSeconds(60 * 60 * 24);
+
+ GroupFindingsRequest.Builder request =
+ GroupFindingsRequest.newBuilder()
+ .setParent(sourceName.toString())
+ .setGroupBy("category")
+ .setFilter("state=\"ACTIVE\"")
+ .setReadTime(
+ Timestamp.newBuilder()
+ .setSeconds(oneDayAgo.getEpochSecond())
+ .setNanos(oneDayAgo.getNano()));
+
+ // Call the API.
+ GroupFindingsPagedResponse response = client.groupFindings(request.build());
+
+ // This creates one list for all findings. If your organization has a large number of
+ // findings
+ // this can cause out of memory issues. You can process them batches by returning
+ // the Iterable returned response.iterateAll() directly.
+ ImmutableList results = ImmutableList.copyOf(response.iterateAll());
+ System.out.println("Findings:");
+ System.out.println(results);
+ return results;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Group active findings under an organization and a source by their state_changes
+ * (ADDED/CHANGED/UNCHANGED) during a period.
+ *
+ * @param sourceName The source to limit the findings to.
+ */
+ static ImmutableList groupActiveFindingsWithSourceAndCompareDuration(
+ SourceName sourceName, Duration duration) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // parentId: must be one of the following:
+ // "organization-id"
+ // "project-id"
+ // "folder-id"
+ // SourceName sourceName = SourceName.of(parentId, sourceId);
+
+ GroupFindingsRequest.Builder request =
+ GroupFindingsRequest.newBuilder()
+ .setParent(sourceName.toString())
+ .setGroupBy("state_change")
+ .setFilter("state=\"ACTIVE\"");
+ request
+ .getCompareDurationBuilder()
+ .setSeconds(duration.getSeconds())
+ .setNanos(duration.getNano());
+
+ // Call the API.
+ GroupFindingsPagedResponse response = client.groupFindings(request.build());
+
+ // This creates one list for all findings. If your organization has a large number of
+ // findings
+ // this can cause out of memory issues. You can process them batches by returning
+ // the Iterable returned response.iterateAll() directly.
+ ImmutableList results = ImmutableList.copyOf(response.iterateAll());
+ System.out.println("Findings:");
+ System.out.println(results);
+ return results;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+}
diff --git a/securitycenter/snippets/src/main/java/com/example/securitycenter/SourceSnippets.java b/securitycenter/snippets/src/main/java/com/example/securitycenter/SourceSnippets.java
new file mode 100644
index 00000000000..1553e461a23
--- /dev/null
+++ b/securitycenter/snippets/src/main/java/com/example/securitycenter/SourceSnippets.java
@@ -0,0 +1,211 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.securitycenter;
+
+import com.google.cloud.securitycenter.v1.CreateSourceRequest;
+import com.google.cloud.securitycenter.v1.GetSourceRequest;
+import com.google.cloud.securitycenter.v1.ListSourcesRequest;
+import com.google.cloud.securitycenter.v1.OrganizationName;
+import com.google.cloud.securitycenter.v1.SecurityCenterClient;
+import com.google.cloud.securitycenter.v1.SecurityCenterClient.ListSourcesPagedResponse;
+import com.google.cloud.securitycenter.v1.Source;
+import com.google.cloud.securitycenter.v1.SourceName;
+import com.google.cloud.securitycenter.v1.UpdateSourceRequest;
+import com.google.common.collect.ImmutableList;
+import com.google.iam.v1.Binding;
+import com.google.iam.v1.GetIamPolicyRequest;
+import com.google.iam.v1.Policy;
+import com.google.iam.v1.SetIamPolicyRequest;
+import com.google.protobuf.FieldMask;
+import java.io.IOException;
+
+/**
+ * Snippets for how to work with Sources in Security Command Center.
+ */
+public class SourceSnippets {
+
+ private SourceSnippets() {
+ }
+
+ /**
+ * Create a source under an organization.
+ *
+ * @param organizationName The organization for the source.
+ */
+ static Source createSource(OrganizationName organizationName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // Start setting up a request to create a source in an organization.
+ // OrganizationName organizationName = OrganizationName.of(/*organizationId=*/"123234324");
+ Source source =
+ Source.newBuilder()
+ .setDisplayName("Customized Display Name")
+ .setDescription("A new custom source that does X")
+ .build();
+
+ CreateSourceRequest.Builder request =
+ CreateSourceRequest.newBuilder().setParent(organizationName.toString()).setSource(source);
+
+ // Call the API.
+ Source response = client.createSource(request.build());
+
+ System.out.println("Created Source: " + response);
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * List sources under an organization.
+ *
+ * @param organizationName The organization for the source.
+ */
+ static ImmutableList listSources(OrganizationName organizationName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // Start setting up a request to list sources in an organization, project, or folder.
+ // Parent must be in one of the following formats:
+ // OrganizationName organizationName = OrganizationName.of("organization-id");
+ // ProjectName projectName = ProjectName.of("project-id");
+ // FolderName folderName = FolderName.of("folder-id");
+ ListSourcesRequest.Builder request =
+ ListSourcesRequest.newBuilder().setParent(organizationName.toString());
+
+ // Call the API.
+ ListSourcesPagedResponse response = client.listSources(request.build());
+
+ // This creates one list for all sources. If your organization has a large number of sources
+ // this can cause out of memory issues. You can process them batches by returning
+ // the Iterable returned response.iterateAll() directly.
+ ImmutableList results = ImmutableList.copyOf(response.iterateAll());
+ System.out.println("Sources:");
+ System.out.println(results);
+ return results;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Update a source under an organization.
+ *
+ * @param sourceName The source to update.
+ */
+ static Source updateSource(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // Start setting up a request to update a source.
+ // SourceName sourceName = SourceName.of(/*organization=*/"123234324",/*source=*/
+ // "423432321");
+ Source source =
+ Source.newBuilder()
+ .setDisplayName("Updated Display Name")
+ .setName(sourceName.toString())
+ .build();
+ FieldMask updateMask = FieldMask.newBuilder().addPaths("display_name").build();
+
+ UpdateSourceRequest.Builder request =
+ UpdateSourceRequest.newBuilder().setSource(source).setUpdateMask(updateMask);
+
+ // Call the API.
+ Source response = client.updateSource(request.build());
+
+ System.out.println("Updated Source: " + response);
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Get a source under an organization.
+ *
+ * @param sourceName The source to get.
+ */
+ static Source getSource(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // Start setting up a request to get a source.
+ // SourceName sourceName = SourceName.of(/*organization=*/"123234324",/*source=*/
+ // "423432321");
+ GetSourceRequest.Builder request =
+ GetSourceRequest.newBuilder().setName(sourceName.toString());
+
+ // Call the API.
+ Source response = client.getSource(request.build());
+
+ System.out.println("Source: " + response);
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Set IAM policy for a source.
+ *
+ * @param sourceName The source to set IAM Policy for.
+ */
+ static Policy setIamPolicySource(SourceName sourceName, String userEmail) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // userEmail = "someuser@domain.com"
+ // Set up IAM Policy for the user userMail to use the role findingsEditor.
+ // The user must be a valid google account.
+ Policy oldPolicy = client.getIamPolicy(sourceName.toString());
+ Binding bindings =
+ Binding.newBuilder()
+ .setRole("roles/securitycenter.findingsEditor")
+ .addMembers("user:" + userEmail)
+ .build();
+ Policy policy = oldPolicy.toBuilder().addBindings(bindings).build();
+
+ // Start setting up a request to set IAM policy for a source.
+ // SourceName sourceName = SourceName.of("123234324", "423432321");
+ SetIamPolicyRequest.Builder request =
+ SetIamPolicyRequest.newBuilder().setPolicy(policy).setResource(sourceName.toString());
+
+ // Call the API.
+ Policy response = client.setIamPolicy(request.build());
+
+ System.out.println("Policy: " + response);
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+ /**
+ * Get IAM policy for a source.
+ *
+ * @param sourceName The source to set IAM Policy for.
+ */
+ static Policy getIamPolicySource(SourceName sourceName) {
+ try (SecurityCenterClient client = SecurityCenterClient.create()) {
+ // Start setting up a request to get IAM policy for a source.
+ // SourceName sourceName = SourceName.of(/*organization=*/"123234324",/*source=*/
+ // "423432321");
+ GetIamPolicyRequest request =
+ GetIamPolicyRequest.newBuilder().setResource(sourceName.toString()).build();
+
+ // Call the API.
+ Policy response = client.getIamPolicy(request);
+
+ System.out.println("Policy: " + response);
+ return response;
+ } catch (IOException e) {
+ throw new RuntimeException("Couldn't create client.", e);
+ }
+ }
+
+}
\ No newline at end of file
diff --git a/securitycenter/snippets/src/test/java/com/example/securitycenter/ITFindingSnippets.java b/securitycenter/snippets/src/test/java/com/example/securitycenter/ITFindingSnippets.java
new file mode 100644
index 00000000000..2653285cef5
--- /dev/null
+++ b/securitycenter/snippets/src/test/java/com/example/securitycenter/ITFindingSnippets.java
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.securitycenter;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import com.google.cloud.securitycenter.v1.Finding.State;
+import com.google.cloud.securitycenter.v1.FindingName;
+import com.google.cloud.securitycenter.v1.OrganizationName;
+import com.google.cloud.securitycenter.v1.SourceName;
+import com.google.protobuf.Value;
+import java.io.IOException;
+import java.time.Duration;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+/** Smoke tests for {@link com.google.cloud.examples.securitycenter.snippets.FindingSnippets} */
+public class ITFindingSnippets {
+
+ private static SourceName SOURCE_NAME;
+ private static FindingName FINDING_NAME;
+
+ @BeforeClass
+ public static void setUp() throws IOException {
+ org.junit.Assume.assumeTrue(
+ "Skipping tests: GCLOUD_ORGANIZATION env var is not set.",
+ System.getenv("GCLOUD_ORGANIZATION") != null);
+ SOURCE_NAME = SourceName.parse(SourceSnippets.createSource(getOrganizationId()).getName());
+ FINDING_NAME =
+ FindingName.parse(FindingSnippets.createFinding(SOURCE_NAME, "testfindingid").getName());
+ }
+
+ @Test
+ public void testCreateFinding() throws IOException {
+ assertNotNull(FindingSnippets.createFinding(SOURCE_NAME, "samplefindingid"));
+ }
+
+ @Test
+ public void testCreateFindingWithSourceProperties() throws IOException {
+ assertNotNull(FindingSnippets.createFindingWithSourceProperties(SOURCE_NAME));
+ }
+
+ @Test
+ public void testUpdateFinding() throws IOException {
+ Value stringValue = Value.newBuilder().setStringValue("value").build();
+ assertEquals(
+ stringValue,
+ FindingSnippets.updateFinding(FINDING_NAME)
+ .getSourcePropertiesMap()
+ .get("stringKey"));
+ }
+
+ @Test
+ public void testUpdateFindingState() throws IOException {
+ assertEquals(State.INACTIVE, FindingSnippets.setFindingState(FINDING_NAME).getState());
+ }
+
+ @Test
+ public void testListAllFindings() throws IOException {
+ assertTrue(FindingSnippets.listAllFindings(getOrganizationId()).size() > 1);
+ }
+
+ @Test
+ public void testListFilteredFindings() throws IOException {
+ assertTrue(FindingSnippets.listFilteredFindings(SOURCE_NAME).size() > 0);
+ }
+
+ @Test
+ public void testListFindingsAtTime() throws IOException {
+ assertEquals(0, FindingSnippets.listFindingsAtTime(SOURCE_NAME).size());
+ }
+
+ @Test
+ public void testTestIamPermissions() throws IOException {
+ assertTrue(
+ FindingSnippets.testIamPermissions(SOURCE_NAME)
+ .getPermissions(0)
+ .equals("securitycenter.findings.update"));
+ }
+
+ @Test
+ public void testGroupFindings() throws IOException {
+ assertTrue(FindingSnippets.groupFindings(getOrganizationId()).size() > 0);
+ }
+
+ @Test
+ public void testGroupFindingsWithSource() throws IOException {
+ assertTrue(FindingSnippets.groupFindingsWithSource(SOURCE_NAME).size() > 0);
+ }
+
+ @Test
+ public void testGroupActiveFindingsWithSource() throws IOException {
+ assertTrue(FindingSnippets.groupActiveFindingsWithSource(SOURCE_NAME).size() > 0);
+ }
+
+ @Test
+ public void testGroupActiveFindingsWithSourceAtTime() throws IOException {
+ assertEquals(0, FindingSnippets.groupActiveFindingsWithSourceAtTime(SOURCE_NAME).size());
+ }
+
+ @Test
+ public void testGroupActiveFindingsWithSourceAndCompareDuration() throws IOException {
+ assertTrue(
+ FindingSnippets.groupActiveFindingsWithSourceAndCompareDuration(
+ SOURCE_NAME, Duration.ofDays(1))
+ .size()
+ > 0);
+ }
+
+ private static OrganizationName getOrganizationId() {
+ return OrganizationName.of(System.getenv("GCLOUD_ORGANIZATION"));
+ }
+}
\ No newline at end of file
diff --git a/securitycenter/snippets/src/test/java/com/example/securitycenter/ITSourceSnippets.java b/securitycenter/snippets/src/test/java/com/example/securitycenter/ITSourceSnippets.java
new file mode 100644
index 00000000000..9348a2f45dd
--- /dev/null
+++ b/securitycenter/snippets/src/test/java/com/example/securitycenter/ITSourceSnippets.java
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.example.securitycenter;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import com.google.cloud.securitycenter.v1.OrganizationName;
+import com.google.cloud.securitycenter.v1.SourceName;
+import java.io.IOException;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+/** Smoke tests for {@link com.google.cloud.examples.securitycenter.snippets.SourceSnippets} */
+public class ITSourceSnippets {
+
+ private static SourceName SOURCE_NAME;
+
+ @BeforeClass
+ public static void setUp() throws IOException {
+ org.junit.Assume.assumeTrue(
+ "Skipping tests: GCLOUD_ORGANIZATION env var is not set.",
+ System.getenv("GCLOUD_ORGANIZATION") != null);
+ SOURCE_NAME = SourceName.parse(SourceSnippets.createSource(getOrganizationId()).getName());
+ }
+
+ @Test
+ public void testCreateSource() throws IOException {
+ assertNotNull(SourceSnippets.createSource(getOrganizationId()));
+ }
+
+ @Test
+ public void testListSources() throws IOException {
+ assertTrue(SourceSnippets.listSources(getOrganizationId()).size() > 1);
+ }
+
+ @Test
+ public void testUpdateSource() throws IOException {
+ assertEquals(
+ "Updated Display Name", SourceSnippets.updateSource(SOURCE_NAME).getDisplayName());
+ }
+
+ @Test
+ public void testGetSource() throws IOException {
+ assertTrue(SourceSnippets.getSource(SOURCE_NAME).getName().equals(SOURCE_NAME.toString()));
+ }
+
+ @Test
+ public void testSetSourceIamPolicy() throws IOException {
+ assertTrue(
+ SourceSnippets.setIamPolicySource(SOURCE_NAME, "csccclienttest@gmail.com")
+ .getBindings(0)
+ .getRole()
+ .equals("roles/securitycenter.findingsEditor"));
+ }
+
+ @Test
+ public void testGetSourceIamPolicy() throws IOException {
+ assertNotNull(SourceSnippets.getIamPolicySource(SOURCE_NAME));
+ }
+
+ private static OrganizationName getOrganizationId() {
+ return OrganizationName.of(System.getenv("GCLOUD_ORGANIZATION"));
+ }
+}