feat: Add new gcloud commands, API clients, and third-party libraries across various services.

2026-01-01 20:26:35 +01:00
parent 5e23cbece0
commit a19e592eb7
25221 changed files with 8324611 additions and 0 deletions


@@ -0,0 +1,28 @@
# -*- coding: utf-8 -*- #
# Copyright 2023 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command group for Cloud Security Command Center (SCC) postures."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from googlecloudsdk.calliope import base
@base.ReleaseTracks(base.ReleaseTrack.ALPHA, base.ReleaseTrack.GA)
class Postures(base.Group):
"""Manage Cloud Security Command Center (SCC) postures."""
category = base.SECURITY_CATEGORY


@@ -0,0 +1,42 @@
- release_tracks: [ALPHA, GA]
help_text:
brief: Create a Cloud Security Command Center (SCC) posture.
description: |
Create a Cloud Security Command Center (SCC) posture. First argument consists of the parent
and name of the posture to be created. The posture details are provided in YAML file. The file
path is mentioned in `--posture-from-file` flag.
Created posture is returned as the response of the command. LRO operation ID is printed as the
standard output.
examples: |
Create a posture named `posture-foo-1` within parent `organizations/123/locations/global`(i.e. a posture in organization `123`, location `global`, with ID `posture-foo-1`):
$ {command} organizations/123/locations/global/postures/posture-foo-1 --posture-from-file=posture.yaml
request:
collection: securityposture.organizations.locations.postures
api_version: v1alpha
method: create
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.scc.resources:posture
help_text: |
The name of the posture to be created. For example organizations/<organizationID>/locations/<location>/postures/<postureID>.
params:
- arg_name: posture-from-file
api_field: posture
required: true
type: "googlecloudsdk.calliope.arg_parsers:FileContents:"
processor: googlecloudsdk.core.yaml:load
help_text: |
YAML file containing the body of the posture to be created.
async:
collection: securityposture.organizations.locations.operations
output:
format: yaml
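Review bot: The `--posture-from-file` help text (`YAML file containing the body of the posture to be created.`) does not say which fields the file must carry, and the `examples` block shows no sample body, although the update command in this same commit prints one (`name`, `description`, `policy_sets`). Adding a short sample here would make it clear what is sent to the API. The file is parsed on the client through `processor: googlecloudsdk.core.yaml:load`; that helper is outside this diff, so it is worth confirming that it uses a safe loader by default, since posture files are often copied from elsewhere. The description would also read better as `The file path is given with the `--posture-from-file` flag.`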


@@ -0,0 +1,44 @@
- release_tracks: [ALPHA, GA]
help_text:
brief: Delete a Cloud Security Command Center (SCC) posture.
description: |
Delete a Cloud Security Command Center (SCC) posture.
Posture with all its revisions is deleted. Deletion won't be allowed in case any of the versions of the posture is deployed on a workload.
ETAG can be provided as an optional flag.
examples: |
Delete the posture named `organizations/123/locations/global/postures/posture-foo-1` (i.e. a posture in organization `123`, location `global`, with id `posture-foo-1`):
$ {command} organizations/123/locations/global/postures/posture-foo-1
Delete the posture named `organizations/123/locations/global/postures/posture-foo-1` (i.e. a posture in organization `123`, location `global`, with id `posture-foo-1`)
for the ETAG ABcdO1Rf5clu7Yhlkwgelo7Vl4tiqd7Sy5iP5SdkSVU
$ {command} organizations/123/locations/global/postures/posture-foo-1 --etag=ABcdO1Rf5clu7Yhlkwgelo7Vl4tiqd7Sy5iI5SdkSVU
request:
collection: securityposture.organizations.locations.postures
api_version: v1alpha
method: delete
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.scc.resources:posture
help_text: |
The name of the posture to be deleted. For example organizations/<organizationID>/locations/<location>/postures/<postureID>.
params:
- arg_name: etag
api_field: etag
required: false
help_text: |
Etag is an optional flag. If the provided Etag doesn't match the server generated Etag, the delete operation won't proceed.
input:
confirmation_prompt: |
You are about to delete a posture [{__name__}]. All its revisions will be deleted.
async:
collection: securityposture.organizations.locations.operations
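Review bot: The second example contradicts itself: the prose names ETAG `ABcdO1Rf5clu7Yhlkwgelo7Vl4tiqd7Sy5iP5SdkSVU`, but the command passes `--etag=ABcdO1Rf5clu7Yhlkwgelo7Vl4tiqd7Sy5iI5SdkSVU` (`iP5` versus `iI5`), so one of the two should be corrected to match. Because `etag` is `required: false`, a delete without it presumably proceeds with no check against a concurrent change, and the confirmation prompt is the only guard. The `--etag` help could state this, for example `If omitted, the posture and all its revisions are deleted without checking for intervening changes.`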


@@ -0,0 +1,38 @@
- release_tracks: [ALPHA, GA]
help_text:
brief: Describe a Cloud Security Command Center (SCC) posture.
description: |
Describe a Cloud Security Command Center (SCC) posture.
By default, the latest updated revision of the posture is described. Users must provide revision ID to describe a specific revision.
examples: |
Describe the latest updated revision of a posture named `organizations/123/locations/global/postures/posture-foo-1` (i.e. a posture in organization `123`, location `global`, with id `posture-foo-1`):
$ {command} organizations/123/locations/global/postures/posture-foo-1
Describe a specific revision `abcdefg` of posture named `organizations/123/locations/global/postures/posture-foo-1`:
$ {command} organizations/123/locations/global/postures/posture-foo-1 --revision-id=abcdefg
request:
collection: securityposture.organizations.locations.postures
api_version: v1alpha
method: get
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.scc.resources:posture
help_text: |
The posture to be described. For example organizations/<organizationID>/locations/<location>/postures/<postureID>.
params:
- arg_name: revision-id
api_field: revisionId
required: false
help_text: |
ID of the specific posture revision to described. If not specified, latest revision is described.
output:
format: yaml
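Review bot: The `--revision-id` help text has a grammatical slip, `ID of the specific posture revision to described.` It should read `ID of the specific posture revision to describe. If not specified, the latest revision is described.` The description uses "latest updated revision" while the flag help says "latest revision"; using one phrase in both places avoids doubt about which revision an auditor is looking at.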


@@ -0,0 +1,41 @@
- release_tracks: [ALPHA, GA]
help_text:
brief: Extract a Cloud Security Command Center (SCC) posture from a workload.
description: |
Extract a Cloud Security Command Center (SCC) posture from a workload. First argument is the
parent and name of the posture to be created. The workload from where the organization
policies need to be extracted is provided via '--workload' flag.
Extracted posture is returned as the response of the command. LRO operation ID is printed as the
standard output.
examples: |
Extract a posture named `posture-foo-1` within parent `organizations/123/locations/global`(i.e. a posture in organization `123`, location `global`, with id `posture-foo-1`) from workload `projects/456`:
$ {command} organizations/123/locations/global/postures/posture-foo-1 --workload=projects/456
request:
collection: securityposture.organizations.locations.postures
api_version: v1alpha
method: extract
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.scc.resources:posture_for_extract
help_text: |
The name of the posture to be created. For example organizations/<organizationID>/locations/<location>/postures/<postureID>.
params:
- arg_name: workload
api_field: extractPostureRequest.workload
required: true
help_text: |
Workload from where policies has to be extracted into a posture. It can be in one
of the following formats: `projects/projectNumber`, `folders/folderNumber`, `organizations/organizationNumber`.
async:
collection: securityposture.organizations.locations.operations
output:
format: yaml
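Review bot: The `--workload` parameter declares no `type`, so a value outside the three listed formats is apparently forwarded unchanged in `extractPostureRequest.workload` and rejected only by the server, if at all. If a client-side check is not wanted, the help text should at least be exact about the formats. The wording `Workload from where policies has to be extracted into a posture.` would also read better as `Workload from which policies are extracted into a posture.` The description speaks of "organization policies" and the flag help of "policies"; one term should be used in both.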


@@ -0,0 +1,169 @@
# -*- coding: utf-8 -*- #
# Copyright 2025 Google LLC. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Command for listing all the Cloud Security Command Center postures for an organization."""
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
from apitools.base.py import list_pager
from googlecloudsdk.api_lib.scc.postures import util as securityposture_client
from googlecloudsdk.calliope import base
from googlecloudsdk.command_lib.scc import errors
from googlecloudsdk.command_lib.scc import util as scc_util
from googlecloudsdk.command_lib.scc.postures import flags
@base.ReleaseTracks(base.ReleaseTrack.GA)
@base.DefaultUniverseOnly
class List(base.ListCommand):
"""Lists all the Cloud Security Command Center postures for an organization."""
detailed_help = {
"DESCRIPTION": """
Lists all the Cloud Security Command Center postures for an
organization.""",
"EXAMPLES": """
To list all the Cloud Security Command Center postures for an
organization `123`
and in the `global` location, run:
$ {command} organizations/123/locations/global
$ {command} --organization=123 --location=global
""",
"API REFERENCE": (
"""
This command uses the securityposture/v1 API. The full documentation for
this API can be found at: https://cloud.google.com/security-command-center"""
),
}
@staticmethod
def Args(parser):
# Remove URI flag.
base.URI_FLAG.RemoveFromParser(parser)
# Add shared flags and parent positional argument.
flags.AddParentOrFlagsGroup(parser)
def Run(self, args):
version = scc_util.GetVersionFromArguments(
args, version_specific_existing_resource=True
)
messages = securityposture_client.GetMessagesModule(base.ReleaseTrack.GA)
client = securityposture_client.GetClientInstance(base.ReleaseTrack.GA)
location = scc_util.ValidateAndGetLocation(args, version)
if (args.IsKnownAndSpecified("PARENT")):
parent = args.PARENT
else:
parent = f"{scc_util.GetParentFromPositionalArguments(args)}/locations/{location}"
# Build request.
request = messages.SecuritypostureOrganizationsLocationsPosturesListRequest(
parent=parent,
filter=getattr(args, "filter", None),
pageSize=getattr(args, "page_size", None),
)
return list_pager.YieldFromList(
client.organizations_locations_postures,
request,
batch_size_attribute="pageSize",
batch_size=args.page_size,
field="postures",
)
@base.ReleaseTracks(base.ReleaseTrack.ALPHA)
@base.DefaultUniverseOnly
class ListAlpha(base.ListCommand):
"""Lists all the Cloud Security Command Center postures for an organization."""
detailed_help = {
"DESCRIPTION": """
Lists all the Cloud Security Command Center postures for an
organization.""",
"EXAMPLES": """
To list all the Cloud Security Command Center postures for an
organization `123`
and in the `global` location, run:
$ {command} organizations/123/locations/global
$ {command} --organization=123 --location=global
""",
"API REFERENCE": """
This command uses the securityposture/v1alpha API. The full documentation
for this API can be found at:
https://cloud.google.com/security-command-center""",
}
@staticmethod
def Args(parser):
# Remove URI flag.
base.URI_FLAG.RemoveFromParser(parser)
# Add shared flags and parent positional argument.
flags.AddParentOrFlagsGroup(parser)
def Run(self, args):
version = scc_util.GetVersionFromArguments(
args, version_specific_existing_resource=True
)
messages = securityposture_client.GetMessagesModule(base.ReleaseTrack.ALPHA)
client = securityposture_client.GetClientInstance(base.ReleaseTrack.ALPHA)
location = scc_util.ValidateAndGetLocation(args, version)
if (args.IsKnownAndSpecified("PARENT")) and (
args.IsSpecified("organization") and args.IsSpecified("location")
):
raise errors.InvalidSCCInputError(
"Cannot provide both a positional `PARENT` and argument "
"(`--organization`, `--location`) flags."
)
if (args.IsKnownAndSpecified("PARENT")):
parent = args.PARENT
elif (args.IsSpecified("organization") and args.IsSpecified("location")):
parent = f"{scc_util.GetParentFromPositionalArguments(args)}/locations/{location}"
else:
raise errors.InvalidSCCInputError(
"Must provide either positional `PARENT` or both `--organization` "
"and `--location` flags."
)
# Build request.
request = messages.SecuritypostureOrganizationsLocationsPosturesListRequest(
parent=parent,
filter=getattr(args, "filter", None),
pageSize=getattr(args, "page_size", None),
)
return list_pager.YieldFromList(
client.organizations_locations_postures,
request,
batch_size_attribute="pageSize",
batch_size=args.page_size,
field="postures",
)
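Review bot: `List.Run` (GA) does not validate the parent arguments the way `ListAlpha.Run` does: when `PARENT` is given it is used as-is and any `--organization`/`--location` flags are ignored without an error. Unless `flags.AddParentOrFlagsGroup`, which is outside this diff, already makes the two forms mutually exclusive, the GA path should reject the conflict, since quietly choosing one of two scopes is undesirable for a command that enumerates security postures. The alpha conflict check also fires only when both flags are set, so `PARENT` plus `--organization` alone passes; testing with `or` closes that gap. Both `Run` methods mix `getattr(args, "page_size", None)` with a direct `args.page_size`, and the two classes differ only in release track, so a shared helper would remove the duplication.

```python
  def Run(self, args):
    # … unchanged: version, messages, client, location …
    parent_given = args.IsKnownAndSpecified("PARENT")
    flags_given = args.IsSpecified("organization") or args.IsSpecified(
        "location"
    )
    if parent_given and flags_given:
      raise errors.InvalidSCCInputError(
          "Cannot provide both a positional `PARENT` and argument "
          "(`--organization`, `--location`) flags."
      )
    if parent_given:
      parent = args.PARENT
    # … unchanged: else branch, request construction, list_pager.YieldFromList …
```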


@@ -0,0 +1,26 @@
- release_tracks: [ALPHA, GA]
help_text:
brief: List the revisions of a Cloud Security Command Center (SCC) posture.
description: |
List the revisions of a Cloud Security Command Center (SCC) posture.
examples: |
To list Cloud Security Command Center posture revisions for posture `organizations/123/locations/global/postures/posture123` , run:
$ {command} organizations/123/locations/global/postures/posture123
command_type: LIST
request:
collection: securityposture.organizations.locations.postures
api_version: v1alpha
method: listRevisions
disable_pagination: true
GA:
api_version: v1
response:
result_attribute: revisions
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.scc.resources:posture
help_text: |
The posture whose revisions are to be listed. For example organizations/<organizationID>/locations/<location>/postures/<postureID>.


@@ -0,0 +1,100 @@
- release_tracks: [ALPHA, GA]
help_text:
brief: Update the given Cloud Security Command Center (SCC) posture.
description: |
Update a Cloud Security Command Center (SCC) posture.
Fields specified in update-mask flag are updated. Updatable fields are state, description and policy_sets.
State of the posture can't be updated along with update of other fields.
An empty or "*" as field mask will result in update of policy_sets and description.
In case of the update of policy_sets, the value mentioned in the update posture request overwrites the exisiting value of policy_sets.
Valid state transitions are:
a) ACTIVE to DRAFT
b) ACTIVE to DEPRECATED
c) DRAFT to ACTIVE
d) DEPRECATED to ACTIVE
The update operation will result in the update of the revision-id specified in the request, unless the posture revision is currently deployed on a workload.
A new revision is created for an already deployed posture revision.
examples: |
Update the revision-id `abcdefgh` of the posture named `foo-posture` in the organization `organizations/123/locations/global`:
Change State to ACTIVE.
$ {command} organizations/123/locations/global/postures/foo-posture --posture-from-file=update_posture.yaml --revision-id=abcdefgh update_mask=state
Contents of update_posture.yaml are |
name: organizations/123/locations/global/postures/foo-posture
state: ACTIVE
Update the revision-id `abcdefgh` of the posture named `foo-posture` in the organization `organizations/123/locations/global`:
Change description and policy_sets to the values mentioned in update_posture.yaml
$ {command} organizations/123/locations/global/postures/foo-posture --posture-from-file=update_posture.yaml --revision-id=abcdefgh update_mask=description,policy_sets
Contents of update_posture.yaml are |
name: organizations/123/locations/global/postures/foo-posture
description: updated description
policy_sets:
- policy_set_id: newPolicySet1
policies:
- policy_id: newPolicy
constraint:
org_policy_canned_constraint:
canned_constraint_id: storage.uniformBucketLevelAccess
policy_rules:
enforce: false
- policy_set_id: PolicySet2
policies:
- policy_id: Policy3
constraint:
org_policy_custom_constraint:
custom_constraint:
name: organizations/9454078371/customConstraints/custom.newConstraint
resource_types: container.$$UNIVERSE_DOMAIN$$/NodePool
method_types: UPDATE
condition: resource.management.autoUpgrade == false
action_type: ALLOW
policy_rules:
enforce: true
request:
collection: securityposture.organizations.locations.postures
api_version: v1alpha
method: patch
GA:
api_version: v1
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.scc.resources:posture
help_text: |
Arguments and flags that specify the Posture instance to be updated.
params:
- arg_name: posture-from-file
api_field: posture
required: true
type: "googlecloudsdk.calliope.arg_parsers:FileContents:"
processor: googlecloudsdk.core.yaml:load
help_text: |
Path of the file containing the details of the field to be updated. Contents include the name of the
posture to be updated and value of the fields to be updated.
- arg_name: revision-id
api_field: revisionId
required: true
help_text: |
Revision ID of the posture to be updated. The same revision ID will be updated in case the posture
revision is not deployed on any workload. A new revision will be created for a deployed
posture.
- arg_name: update-mask
api_field: updateMask
help_text: |
Comma separated string containing list of fields to be updated.
async:
collection: securityposture.organizations.locations.operations
output:
format: yaml
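Review bot: Both example commands pass the mask as a bare token (`update_mask=state`, `update_mask=description,policy_sets`), but the parameter is declared as `arg_name: update-mask`, so the examples should read `--update-mask=state` and `--update-mask=description,policy_sets`. As written the token would most likely be rejected as an unexpected positional, or the mask would be left unset. That matters here because the description says an empty mask updates `policy_sets` and `description`, and that `policy_sets` in the request overwrites the existing value, so a copied example could replace policy sets when only a state change was intended. The `--update-mask` help text should repeat that warning, for instance `If omitted or "*", description and policy_sets are both overwritten from the file.` Separately, `exisiting` in the description is a typo for `existing`.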