in securitycenter/snippets_management_api/security_health_analytics_custom_modules.py [0:0]
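def create_security_health_analytics_custom_module(parent: str) -> securitycentermanagement_v1.SecurityHealthAnalyticsCustomModule:
    """
    Creates a Security Health Analytics custom module.

    The module inspects Cloud KMS CryptoKeys and reports a finding for every key
    whose rotation period is longer than 30 days (2592000 seconds). The predicate
    describes the non-compliant state: a finding is produced when it evaluates to
    true. Shorter rotation periods limit how much data a single key version
    protects if that version is compromised.

    Keys that have no rotation period set are not flagged by this sample; see the
    note next to the predicate expression.

    Args:
        parent: Use any one of the following options:
            - organizations/{organization_id}/locations/{location_id}
            - folders/{folder_id}/locations/{location_id}
            - projects/{project_id}/locations/{location_id}
    Returns:
        The created SecurityHealthAnalyticsCustomModule.
    Raises:
        GoogleAPICallError: If the create request fails; the error is printed and
            re-raised unchanged.
    """
    client = securitycentermanagement_v1.SecurityCenterManagementClient()

    try:
        # A random suffix keeps repeated sample runs from reusing a display name.
        # Hyphens are swapped for underscores to match the rest of the name.
        unique_suffix = str(uuid.uuid4()).replace("-", "_")
        display_name = f"python_sample_sha_custom_module_{unique_suffix}"

        custom_module = {
            "display_name": display_name,
            # The module starts scanning as soon as it is created.
            "enablement_state": "ENABLED",
            "custom_config": {
                "description": (
                    "Sample custom module for testing purposes. This custom module evaluates "
                    "Cloud KMS CryptoKeys to ensure their rotation period exceeds 30 days (2592000 seconds)."
                ),
                "predicate": {
                    # True means "non-compliant": the key has a rotation period and it
                    # is longer than 30 days.
                    # NOTE(review): has() is false for a key with no rotation period,
                    # so keys that are never rotated automatically produce no finding.
                    # Add a second check for those keys if your policy requires rotation.
                    "expression": "has(resource.rotationPeriod) && (resource.rotationPeriod > duration('2592000s'))",
                    "title": "Cloud KMS CryptoKey Rotation Period",
                    "description": (
                        "Evaluates whether the rotation period of a Cloud KMS CryptoKey exceeds 30 days. "
                        "A longer rotation period might increase the risk of exposure."
                    ),
                },
                "recommendation": (
                    "Review and adjust the rotation period for Cloud KMS CryptoKeys to align with your security policies. "
                    "Consider setting a shorter rotation period if possible."
                ),
                # Only CryptoKey resources are evaluated.
                "resource_selector": {"resource_types": ["cloudkms.googleapis.com/CryptoKey"]},
                # Sample value; choose the severity that matches your own triage policy.
                "severity": "CRITICAL",
                # Extra properties attached to each finding.
                "custom_output": {
                    "properties": [
                        {
                            "name": "example_property",
                            "value_expression": {
                                "description": "The resource name of the CryptoKey being evaluated.",
                                "expression": "resource.name",
                                "location": "global",
                                "title": "CryptoKey Resource Name",
                            },
                        }
                    ]
                },
            },
        }

        request = securitycentermanagement_v1.CreateSecurityHealthAnalyticsCustomModuleRequest(
            parent=parent,
            security_health_analytics_custom_module=custom_module,
        )

        response = client.create_security_health_analytics_custom_module(request=request)
        print(f"Created SecurityHealthAnalytics Custom Module: {response.name}")
        return response

    except GoogleAPICallError as e:
        # Name the resource type this function actually creates, so the message
        # is not mistaken for an Event Threat Detection failure.
        print(f"Failed to create SecurityHealthAnalyticsCustomModule: {e}")
        raise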