chore(gcp): enhance GCP APIs logic (#7046)

prowler-cloud · Feb 28, 2025 · 2f741f3 · 2f741f3
1 parent c411466
commit 2f741f3
Show file tree

Hide file tree

Showing 5 changed files with 150 additions and 196 deletions.
diff --git a/docs/tutorials/gcp/authentication.md b/docs/tutorials/gcp/authentication.md
@@ -25,6 +25,9 @@ Prowler will follow the same credentials search as [Google authentication librar
 
 Those credentials must be associated to a user or service account with proper permissions to do all checks. To make sure, add the `Viewer` role to the member associated with the credentials.
 
+???+ note
+    Prowler will use the enabled Google Cloud APIs to get the information needed to perform the checks.
+
 ## Impersonate Service Account
 
 If you want to impersonate a GCP service account, you can use the `--impersonate-service-account` argument:
@@ -34,23 +37,3 @@ prowler gcp --impersonate-service-account <service-account-email>
 ```
 
 This argument will use the default credentials to impersonate the service account provided.
-
-## Service APIs
-
-Prowler will use the Google Cloud APIs to get the information needed to perform the checks. Make sure that the following APIs are enabled in the project:
-
-- apikeys.googleapis.com
-- artifactregistry.googleapis.com
-- bigquery.googleapis.com
-- sqladmin.googleapis.com
-- storage.googleapis.com
-- compute.googleapis.com
-- dataproc.googleapis.com
-- dns.googleapis.com
-- containerregistry.googleapis.com
-- container.googleapis.com
-- iam.googleapis.com
-- cloudkms.googleapis.com
-- logging.googleapis.com
-
-You can enable them automatically using our script [enable_apis_in_projects.sh](https://github.com/prowler-cloud/prowler/blob/master/contrib/gcp/enable_apis_in_projects.sh)
diff --git a/prowler/providers/gcp/exceptions/exceptions.py b/prowler/providers/gcp/exceptions/exceptions.py
@@ -6,14 +6,6 @@ class GCPBaseException(ProwlerException):
     """Base class for GCP Errors."""
 
     GCP_ERROR_CODES = {
-        (3000, "GCPCloudResourceManagerAPINotUsedError"): {
-            "message": "Cloud Resource Manager API not used",
-            "remediation": "Enable the Cloud Resource Manager API for the project.",
-        },
-        (3001, "GCPHTTPError"): {
-            "message": "HTTP error",
-            "remediation": "Check the HTTP error and ensure the request is properly formatted.",
-        },
         (3002, "GCPNoAccesibleProjectsError"): {
             "message": "No Project IDs are active or can be accessed via Google Credentials",
             "remediation": "Ensure the project is active and accessible.",
@@ -22,10 +14,6 @@ class GCPBaseException(ProwlerException):
             "message": "Error setting up session",
             "remediation": "Check the session setup and ensure it is properly set up.",
         },
-        (3004, "GCPGetProjectError"): {
-            "message": "Error getting project",
-            "remediation": "Check the project and ensure it is properly set up.",
-        },
         (3005, "GCPTestConnectionError"): {
             "message": "Error testing connection to GCP",
             "remediation": "Check the connection and ensure it is properly set up.",
@@ -42,10 +30,6 @@ class GCPBaseException(ProwlerException):
             "message": "Provider does not match with the expected project_id",
             "remediation": "Check the provider and ensure it matches the expected project_id.",
         },
-        (3009, "GCPCloudAssetAPINotUsedError"): {
-            "message": "Cloud Asset API not used",
-            "remediation": "Enable the Cloud Asset API for the project.",
-        },
         (3010, "GCPLoadServiceAccountKeyFromDictError"): {
             "message": "Error loading Service Account Private Key credentials from dictionary",
             "remediation": "Check the dictionary and ensure it contains a Service Account Private Key.",
@@ -73,20 +57,6 @@ def __init__(self, code, file=None, original_exception=None, message=None):
         super().__init__(code, file, original_exception, message)
 
 
-class GCPCloudResourceManagerAPINotUsedError(GCPBaseException):
-    def __init__(self, file=None, original_exception=None, message=None):
-        super().__init__(
-            3000, file=file, original_exception=original_exception, message=message
-        )
-
-
-class GCPHTTPError(GCPBaseException):
-    def __init__(self, file=None, original_exception=None, message=None):
-        super().__init__(
-            3001, file=file, original_exception=original_exception, message=message
-        )
-
-
 class GCPNoAccesibleProjectsError(GCPCredentialsError):
     def __init__(self, file=None, original_exception=None, message=None):
         super().__init__(
@@ -101,13 +71,6 @@ def __init__(self, file=None, original_exception=None, message=None):
         )
 
 
-class GCPGetProjectError(GCPCredentialsError):
-    def __init__(self, file=None, original_exception=None, message=None):
-        super().__init__(
-            3004, file=file, original_exception=original_exception, message=message
-        )
-
-
 class GCPTestConnectionError(GCPBaseException):
     def __init__(self, file=None, original_exception=None, message=None):
         super().__init__(
@@ -136,13 +99,6 @@ def __init__(self, file=None, original_exception=None, message=None):
         )
 
 
-class GCPCloudAssetAPINotUsedError(GCPBaseException):
-    def __init__(self, file=None, original_exception=None, message=None):
-        super().__init__(
-            3009, file=file, original_exception=original_exception, message=message
-        )
-
-
 class GCPLoadServiceAccountKeyFromDictError(GCPCredentialsError):
     def __init__(self, file=None, original_exception=None, message=None):
         super().__init__(