diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 380a344138b6..d59e06fc9c33 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -1023,6 +1023,13 @@ components: required: true schema: type: string + SecurityMonitoringCriticalAssetID: + description: The ID of the critical asset. + in: path + name: critical_asset_id + required: true + schema: + type: string SecurityMonitoringRuleID: description: The ID of the rule. in: path @@ -47935,6 +47942,236 @@ components: x-enum-varnames: - DONE - TIMEOUT + SecurityMonitoringCriticalAsset: + description: The critical asset's properties. + properties: + attributes: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetAttributes' + id: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetID' + type: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetType' + type: object + SecurityMonitoringCriticalAssetAttributes: + description: The attributes of the critical asset. + properties: + creation_author_id: + description: ID of user who created the critical asset. + example: 367742 + format: int64 + type: integer + creation_date: + description: A Unix millisecond timestamp given the creation date of the + critical asset. + format: int64 + type: integer + creator: + $ref: '#/components/schemas/SecurityMonitoringUser' + enabled: + description: Whether the critical asset is enabled. + example: true + type: boolean + query: + description: The query for the critical asset. It uses the same syntax as + the queries to search signals in the Signals Explorer. + example: security:monitoring + type: string + rule_query: + description: The rule query of the critical asset, with the same syntax + as the search bar for detection rules. This determines which rules this + critical asset will apply to. + example: type:log_detection source:cloudtrail + type: string + severity: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetSeverity' + tags: + description: List of tags associated with the critical asset. + example: + - team:database + - source:cloudtrail + items: + type: string + type: array + update_author_id: + description: ID of user who updated the critical asset. + example: 367743 + format: int64 + type: integer + update_date: + description: A Unix millisecond timestamp given the update date of the critical + asset. + format: int64 + type: integer + updater: + $ref: '#/components/schemas/SecurityMonitoringUser' + version: + description: The version of the critical asset; it starts at 1, and is incremented + at each update. + example: 2 + format: int32 + maximum: 2147483647 + type: integer + type: object + SecurityMonitoringCriticalAssetCreateAttributes: + description: Object containing the attributes of the critical asset to be created. + properties: + enabled: + description: Whether the critical asset is enabled. Defaults to `true` if + not specified. + example: true + type: boolean + query: + description: The query for the critical asset. It uses the same syntax as + the queries to search signals in the Signals Explorer. + example: security:monitoring + type: string + rule_query: + description: The rule query of the critical asset, with the same syntax + as the search bar for detection rules. This determines which rules this + critical asset will apply to. + example: type:(log_detection OR signal_correlation OR workload_security + OR application_security) source:cloudtrail + type: string + severity: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetSeverity' + tags: + description: List of tags associated with the critical asset. + example: + - team:database + - source:cloudtrail + items: + type: string + type: array + required: + - query + - severity + - rule_query + type: object + SecurityMonitoringCriticalAssetCreateData: + description: Object for a single critical asset. + properties: + attributes: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetCreateAttributes' + type: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetType' + required: + - type + - attributes + type: object + SecurityMonitoringCriticalAssetCreateRequest: + description: Request object that includes the critical asset that you would + like to create. + properties: + data: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetCreateData' + required: + - data + type: object + SecurityMonitoringCriticalAssetID: + description: The ID of the critical asset. + example: 4e2435a5-6670-4b8f-baff-46083cd1c250 + type: string + SecurityMonitoringCriticalAssetResponse: + description: Response object containing a single critical asset. + properties: + data: + $ref: '#/components/schemas/SecurityMonitoringCriticalAsset' + type: object + SecurityMonitoringCriticalAssetSeverity: + description: Severity associated with this critical asset. Either an explicit + severity can be set, or the severity can be increased or decreased. + enum: + - info + - low + - medium + - high + - critical + - increase + - decrease + example: increase + type: string + x-enum-varnames: + - INFO + - LOW + - MEDIUM + - HIGH + - CRITICAL + - INCREASE + - DECREASE + SecurityMonitoringCriticalAssetType: + default: critical_assets + description: The type of the resource. The value should always be `critical_assets`. + enum: + - critical_assets + example: critical_assets + type: string + x-enum-varnames: + - CRITICAL_ASSETS + SecurityMonitoringCriticalAssetUpdateAttributes: + description: The critical asset properties to be updated. + properties: + enabled: + description: Whether the critical asset is enabled. + example: true + type: boolean + query: + description: The query for the critical asset. It uses the same syntax as + the queries to search signals in the Signals Explorer. + example: security:monitoring + type: string + rule_query: + description: The rule query of the critical asset, with the same syntax + as the search bar for detection rules. This determines which rules this + critical asset will apply to. + example: type:log_detection source:cloudtrail + type: string + severity: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetSeverity' + tags: + description: List of tags associated with the critical asset. + example: + - technique:T1110-brute-force + - source:cloudtrail + items: + type: string + type: array + version: + description: The version of the critical asset being updated. Used for optimistic + locking to prevent concurrent modifications. + example: 1 + format: int32 + maximum: 2147483647 + type: integer + type: object + SecurityMonitoringCriticalAssetUpdateData: + description: The new critical asset properties; partial updates are supported. + properties: + attributes: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetUpdateAttributes' + type: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetType' + required: + - type + - attributes + type: object + SecurityMonitoringCriticalAssetUpdateRequest: + description: Request object containing the fields to update on the critical + asset. + properties: + data: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetUpdateData' + required: + - data + type: object + SecurityMonitoringCriticalAssetsResponse: + description: Response object containing the available critical assets. + properties: + data: + description: A list of critical assets objects. + items: + $ref: '#/components/schemas/SecurityMonitoringCriticalAsset' + type: array + type: object SecurityMonitoringFilter: description: The rule's suppression filter. properties: @@ -59591,6 +59828,8 @@ components: & unsubscribing from apps in the marketplace, and enabling & disabling Remote Configuration for the entire organization. security_comments_read: Read comments of vulnerabilities. + security_monitoring_critical_assets_read: Read Critical Assets. + security_monitoring_critical_assets_write: Write Critical Assets. security_monitoring_filters_read: Read Security Filters. security_monitoring_filters_write: Create, edit, and delete Security Filters. security_monitoring_findings_read: View a list of findings that include @@ -83925,6 +84164,184 @@ paths: operator: OR permissions: - security_monitoring_cws_agent_rules_write + /api/v2/security_monitoring/configuration/critical_assets: + get: + description: Get the list of all critical assets. + operationId: ListSecurityMonitoringCriticalAssets + parameters: + - description: Query string. + in: query + name: query + required: false + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetsResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_read + summary: Get all critical assets + tags: + - Security Monitoring + post: + description: Create a new critical asset. + operationId: CreateSecurityMonitoringCriticalAsset + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetCreateRequest' + description: The definition of the new critical asset. + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '409': + $ref: '#/components/responses/ConflictResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_write + summary: Create a critical asset + tags: + - Security Monitoring + x-codegen-request-body-name: body + /api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id}: + get: + description: Get the list of critical assets that affect a specific existing + rule by the rule's ID. + operationId: GetCriticalAssetsAffectingRule + parameters: + - $ref: '#/components/parameters/SecurityMonitoringRuleID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetsResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_read + summary: Get critical assets affecting a specific rule + tags: + - Security Monitoring + /api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}: + delete: + description: Delete a specific critical asset. + operationId: DeleteSecurityMonitoringCriticalAsset + parameters: + - $ref: '#/components/parameters/SecurityMonitoringCriticalAssetID' + responses: + '204': + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_write + summary: Delete a critical asset + tags: + - Security Monitoring + get: + description: Get the details of a specific critical asset. + operationId: GetSecurityMonitoringCriticalAsset + parameters: + - $ref: '#/components/parameters/SecurityMonitoringCriticalAssetID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_read + summary: Get a critical asset + tags: + - Security Monitoring + patch: + description: Update a specific critical asset. + operationId: UpdateSecurityMonitoringCriticalAsset + parameters: + - $ref: '#/components/parameters/SecurityMonitoringCriticalAssetID' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetUpdateRequest' + description: New definition of the critical asset. Supports partial updates. + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '409': + $ref: '#/components/responses/ConcurrentModificationResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_write + summary: Update a critical asset + tags: + - Security Monitoring /api/v2/security_monitoring/configuration/security_filters: get: description: Get the list of configured security filters with their definitions. diff --git a/cassettes/features/v2/security_monitoring/Create-a-critical-asset-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Create-a-critical-asset-returns-OK-response.frozen new file mode 100644 index 000000000000..04dabca22b4e --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Create-a-critical-asset-returns-OK-response.frozen @@ -0,0 +1 @@ +2026-01-02T19:09:02.221Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Create-a-critical-asset-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Create-a-critical-asset-returns-OK-response.yml new file mode 100644 index 000000000000..54340a9b5830 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Create-a-critical-asset-returns-OK-response.yml @@ -0,0 +1,42 @@ +http_interactions: +- recorded_at: Fri, 02 Jan 2026 19:09:02 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"query":"host:testcreateacriticalassetreturnsokresponse1767380942","rule_query":"type:(log_detection + OR signal_correlation OR workload_security OR application_security) source:cloudtrail","severity":"decrease","tags":["team:security","env:test"]},"type":"critical_assets"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"93d5a224-589d-4d6d-adbf-f6657f484ecc","type":"critical_assets","attributes":{"creation_author_id":1445416,"creation_date":1767380942322,"creator":{"handle":"frog@datadoghq.com","name":"frog"},"enabled":true,"query":"host:testcreateacriticalassetreturnsokresponse1767380942","rule_query":"type:(log_detection + OR signal_correlation OR workload_security OR application_security) source:cloudtrail","severity":"decrease","tags":["team:security","env:test"],"update_author_id":1445416,"update_date":1767380942322,"updater":{"handle":"frog@datadoghq.com","name":"frog"},"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Fri, 02 Jan 2026 19:09:02 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/93d5a224-589d-4d6d-adbf-f6657f484ecc + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..0eee84fdab47 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2026-01-02T19:09:07.983Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-Not-Found-response.yml new file mode 100644 index 000000000000..d9b6f746fafd --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-Not-Found-response.yml @@ -0,0 +1,21 @@ +http_interactions: +- recorded_at: Fri, 02 Jan 2026 19:09:07 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/00000000-0000-0000-0000-000000000000 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Critical asset with ID 00000000-0000-0000-0000-000000000000 + not found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-OK-response.frozen new file mode 100644 index 000000000000..b36aecf36b1a --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-OK-response.frozen @@ -0,0 +1 @@ +2026-01-12T19:41:34.038Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-OK-response.yml new file mode 100644 index 000000000000..813b746379e2 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-critical-asset-returns-OK-response.yml @@ -0,0 +1,61 @@ +http_interactions: +- recorded_at: Mon, 12 Jan 2026 19:41:34 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"query":"security:monitoring","rule_query":"source:k9","severity":"medium","tags":["team:security"]},"type":"critical_assets"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"f340fbe7-ed28-466e-924e-7e23475dd405","type":"critical_assets","attributes":{"creation_author_id":2320499,"creation_date":1768246895425,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"enabled":true,"query":"security:monitoring","rule_query":"source:k9","severity":"medium","tags":["team:security"],"update_author_id":2320499,"update_date":1768246895425,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Mon, 12 Jan 2026 19:41:34 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/f340fbe7-ed28-466e-924e-7e23475dd405 + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +- recorded_at: Mon, 12 Jan 2026 19:41:34 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/f340fbe7-ed28-466e-924e-7e23475dd405 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Critical asset with ID f340fbe7-ed28-466e-924e-7e23475dd405 + not found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..7b90a9183298 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2026-01-02T19:09:12.106Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-Not-Found-response.yml new file mode 100644 index 000000000000..82e365d27b2b --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-Not-Found-response.yml @@ -0,0 +1,21 @@ +http_interactions: +- recorded_at: Fri, 02 Jan 2026 19:09:12 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/00000000-0000-0000-0000-000000000000 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Critical asset with ID 00000000-0000-0000-0000-000000000000 + not found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-OK-response.frozen new file mode 100644 index 000000000000..cd9a61964175 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-OK-response.frozen @@ -0,0 +1 @@ +2026-01-12T19:41:36.187Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-OK-response.yml new file mode 100644 index 000000000000..cc9c5d8cb93f --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-a-critical-asset-returns-OK-response.yml @@ -0,0 +1,62 @@ +http_interactions: +- recorded_at: Mon, 12 Jan 2026 19:41:36 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"query":"security:monitoring","rule_query":"source:k9","severity":"medium","tags":["team:security"]},"type":"critical_assets"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"a9dfa43c-734a-4984-bed6-68934254cb59","type":"critical_assets","attributes":{"creation_author_id":2320499,"creation_date":1768246896448,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"enabled":true,"query":"security:monitoring","rule_query":"source:k9","severity":"medium","tags":["team:security"],"update_author_id":2320499,"update_date":1768246896448,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Mon, 12 Jan 2026 19:41:36 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/a9dfa43c-734a-4984-bed6-68934254cb59 + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"a9dfa43c-734a-4984-bed6-68934254cb59","type":"critical_assets","attributes":{"creation_author_id":2320499,"creation_date":1768246896448,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"enabled":true,"query":"security:monitoring","rule_query":"source:k9","severity":"medium","tags":["team:security"],"update_author_id":2320499,"update_date":1768246896448,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Mon, 12 Jan 2026 19:41:36 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/a9dfa43c-734a-4984-bed6-68934254cb59 + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-all-critical-assets-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Get-all-critical-assets-returns-OK-response.frozen new file mode 100644 index 000000000000..73ce7ea8b982 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-all-critical-assets-returns-OK-response.frozen @@ -0,0 +1 @@ +2026-01-02T19:09:14.824Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-all-critical-assets-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Get-all-critical-assets-returns-OK-response.yml new file mode 100644 index 000000000000..f5f695859868 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-all-critical-assets-returns-OK-response.yml @@ -0,0 +1,20 @@ +http_interactions: +- recorded_at: Fri, 02 Jan 2026 19:09:14 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets + response: + body: + encoding: UTF-8 + string: '{"data":[]}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..8316ba542612 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2026-01-02T18:44:02.157Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response.yml new file mode 100644 index 000000000000..d3feba9794c5 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response.yml @@ -0,0 +1,20 @@ +http_interactions: +- recorded_at: Fri, 02 Jan 2026 18:44:02 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/rules/aaa-bbb-ccc-ddd + response: + body: + encoding: UTF-8 + string: '{"data":[]}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-OK-response.frozen new file mode 100644 index 000000000000..7d88794debb8 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-OK-response.frozen @@ -0,0 +1 @@ +2026-01-02T19:09:15.164Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-OK-response.yml new file mode 100644 index 000000000000..9ef77417fe32 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-critical-assets-affecting-a-specific-rule-returns-OK-response.yml @@ -0,0 +1,60 @@ +http_interactions: +- recorded_at: Fri, 02 Jan 2026 19:09:15 GMT + request: + body: + encoding: UTF-8 + string: '{"cases":[{"condition":"a > 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test + rule","name":"Test-Get_critical_assets_affecting_a_specific_rule_returns_OK_response-1767380955","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metrics":[],"query":"@test:true"}],"tags":[],"type":"log_detection"}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/rules + response: + body: + encoding: UTF-8 + string: '{"name":"Test-Get_critical_assets_affecting_a_specific_rule_returns_OK_response-1767380955","createdAt":1767380955311,"isDefault":false,"isPartner":false,"isEnabled":true,"isBeta":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"@test:true","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":"","dataSource":"logs"}],"options":{"evaluationWindow":900,"detectionMethod":"threshold","maxSignalDuration":86400,"keepAlive":3600},"cases":[{"name":"","status":"info","notifications":[],"condition":"a + \u003e 0"}],"message":"Test rule","tags":[],"hasExtendedTitle":false,"type":"log_detection","filters":[],"version":1,"id":"kcp-m1q-tmu","blocking":false,"metadata":{"entities":null,"sources":null},"creationAuthorId":1445416,"creator":{"handle":"frog@datadoghq.com","name":"frog"},"updater":{"handle":"","name":""}}' + headers: + Content-Type: + - application/json + status: + code: 200 + message: OK +- recorded_at: Fri, 02 Jan 2026 19:09:15 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/rules/kcp-m1q-tmu + response: + body: + encoding: UTF-8 + string: '{"data":[]}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Fri, 02 Jan 2026 19:09:15 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/kcp-m1q-tmu + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Bad-Request-response.frozen b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Bad-Request-response.frozen new file mode 100644 index 000000000000..bc893621263e --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Bad-Request-response.frozen @@ -0,0 +1 @@ +2026-01-02T18:44:09.415Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Bad-Request-response.yml b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Bad-Request-response.yml new file mode 100644 index 000000000000..a829f9e2240d --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Bad-Request-response.yml @@ -0,0 +1,25 @@ +http_interactions: +- recorded_at: Fri, 02 Jan 2026 18:44:09 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"severity":"invalid_severity"},"type":"critical_assets"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/00000000-0000-0000-0000-000000000000 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Critical asset with ID 00000000-0000-0000-0000-000000000000 + not found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..34439436f4cd --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2026-01-02T19:09:24.526Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Not-Found-response.yml new file mode 100644 index 000000000000..2ba70a5df269 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-Not-Found-response.yml @@ -0,0 +1,25 @@ +http_interactions: +- recorded_at: Fri, 02 Jan 2026 19:09:24 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"severity":"high"},"type":"critical_assets"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/00000000-0000-0000-0000-000000000001 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Critical asset with ID 00000000-0000-0000-0000-000000000001 + not found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-OK-response.frozen new file mode 100644 index 000000000000..8a0b1a02a280 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-OK-response.frozen @@ -0,0 +1 @@ +2026-01-12T19:41:37.223Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-OK-response.yml new file mode 100644 index 000000000000..6a154456975a --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Update-a-critical-asset-returns-OK-response.yml @@ -0,0 +1,68 @@ +http_interactions: +- recorded_at: Mon, 12 Jan 2026 19:41:37 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"query":"security:monitoring","rule_query":"source:k9","severity":"medium","tags":["team:security"]},"type":"critical_assets"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"8fb467ae-b5c8-4bb1-822d-7648fe10a912","type":"critical_assets","attributes":{"creation_author_id":2320499,"creation_date":1768246897503,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"enabled":true,"query":"security:monitoring","rule_query":"source:k9","severity":"medium","tags":["team:security"],"update_author_id":2320499,"update_date":1768246897503,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Mon, 12 Jan 2026 19:41:37 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":false,"query":"no:alert","rule_query":"type:(log_detection + OR signal_correlation OR workload_security OR application_security) ruleId:djg-ktx-ipq","severity":"decrease","tags":["env:production"],"version":1},"type":"critical_assets"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/8fb467ae-b5c8-4bb1-822d-7648fe10a912 + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"8fb467ae-b5c8-4bb1-822d-7648fe10a912","type":"critical_assets","attributes":{"creation_author_id":2320499,"creation_date":1768246897503,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"enabled":false,"query":"no:alert","rule_query":"type:(log_detection + OR signal_correlation OR workload_security OR application_security) ruleId:djg-ktx-ipq","severity":"decrease","tags":["env:production"],"update_author_id":2320499,"update_date":1768246897863,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":2}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Mon, 12 Jan 2026 19:41:37 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/8fb467ae-b5c8-4bb1-822d-7648fe10a912 + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/examples/v2/security-monitoring/CreateSecurityMonitoringCriticalAsset.rb b/examples/v2/security-monitoring/CreateSecurityMonitoringCriticalAsset.rb new file mode 100644 index 000000000000..00d1e6bf7a2a --- /dev/null +++ b/examples/v2/security-monitoring/CreateSecurityMonitoringCriticalAsset.rb @@ -0,0 +1,20 @@ +# Create a critical asset returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +body = DatadogAPIClient::V2::SecurityMonitoringCriticalAssetCreateRequest.new({ + data: DatadogAPIClient::V2::SecurityMonitoringCriticalAssetCreateData.new({ + type: DatadogAPIClient::V2::SecurityMonitoringCriticalAssetType::CRITICAL_ASSETS, + attributes: DatadogAPIClient::V2::SecurityMonitoringCriticalAssetCreateAttributes.new({ + query: "host:examplesecuritymonitoring", + rule_query: "type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail", + severity: DatadogAPIClient::V2::SecurityMonitoringCriticalAssetSeverity::DECREASE, + tags: [ + "team:security", + "env:test", + ], + }), + }), +}) +p api_instance.create_security_monitoring_critical_asset(body) diff --git a/examples/v2/security-monitoring/DeleteSecurityMonitoringCriticalAsset.rb b/examples/v2/security-monitoring/DeleteSecurityMonitoringCriticalAsset.rb new file mode 100644 index 000000000000..a80c01a0d49a --- /dev/null +++ b/examples/v2/security-monitoring/DeleteSecurityMonitoringCriticalAsset.rb @@ -0,0 +1,8 @@ +# Delete a critical asset returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "critical_asset" in the system +CRITICAL_ASSET_DATA_ID = ENV["CRITICAL_ASSET_DATA_ID"] +api_instance.delete_security_monitoring_critical_asset(CRITICAL_ASSET_DATA_ID) diff --git a/examples/v2/security-monitoring/GetCriticalAssetsAffectingRule.rb b/examples/v2/security-monitoring/GetCriticalAssetsAffectingRule.rb new file mode 100644 index 000000000000..035c7b31b8c1 --- /dev/null +++ b/examples/v2/security-monitoring/GetCriticalAssetsAffectingRule.rb @@ -0,0 +1,8 @@ +# Get critical assets affecting a specific rule returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "security_rule" in the system +SECURITY_RULE_ID = ENV["SECURITY_RULE_ID"] +p api_instance.get_critical_assets_affecting_rule(SECURITY_RULE_ID) diff --git a/examples/v2/security-monitoring/GetSecurityMonitoringCriticalAsset.rb b/examples/v2/security-monitoring/GetSecurityMonitoringCriticalAsset.rb new file mode 100644 index 000000000000..5d5db1dba142 --- /dev/null +++ b/examples/v2/security-monitoring/GetSecurityMonitoringCriticalAsset.rb @@ -0,0 +1,8 @@ +# Get a critical asset returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "critical_asset" in the system +CRITICAL_ASSET_DATA_ID = ENV["CRITICAL_ASSET_DATA_ID"] +p api_instance.get_security_monitoring_critical_asset(CRITICAL_ASSET_DATA_ID) diff --git a/examples/v2/security-monitoring/ListSecurityMonitoringCriticalAssets.rb b/examples/v2/security-monitoring/ListSecurityMonitoringCriticalAssets.rb new file mode 100644 index 000000000000..b82c94baf89a --- /dev/null +++ b/examples/v2/security-monitoring/ListSecurityMonitoringCriticalAssets.rb @@ -0,0 +1,5 @@ +# Get all critical assets returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new +p api_instance.list_security_monitoring_critical_assets() diff --git a/examples/v2/security-monitoring/UpdateSecurityMonitoringCriticalAsset.rb b/examples/v2/security-monitoring/UpdateSecurityMonitoringCriticalAsset.rb new file mode 100644 index 000000000000..fc57b2c61b53 --- /dev/null +++ b/examples/v2/security-monitoring/UpdateSecurityMonitoringCriticalAsset.rb @@ -0,0 +1,24 @@ +# Update a critical asset returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "critical_asset" in the system +CRITICAL_ASSET_DATA_ID = ENV["CRITICAL_ASSET_DATA_ID"] + +body = DatadogAPIClient::V2::SecurityMonitoringCriticalAssetUpdateRequest.new({ + data: DatadogAPIClient::V2::SecurityMonitoringCriticalAssetUpdateData.new({ + type: DatadogAPIClient::V2::SecurityMonitoringCriticalAssetType::CRITICAL_ASSETS, + attributes: DatadogAPIClient::V2::SecurityMonitoringCriticalAssetUpdateAttributes.new({ + enabled: false, + query: "no:alert", + rule_query: "type:(log_detection OR signal_correlation OR workload_security OR application_security) ruleId:djg-ktx-ipq", + severity: DatadogAPIClient::V2::SecurityMonitoringCriticalAssetSeverity::DECREASE, + tags: [ + "env:production", + ], + version: 1, + }), + }), +}) +p api_instance.update_security_monitoring_critical_asset(CRITICAL_ASSET_DATA_ID, body) diff --git a/features/scenarios_model_mapping.rb b/features/scenarios_model_mapping.rb index 50840f4f7593..3fcc52579413 100644 --- a/features/scenarios_model_mapping.rb +++ b/features/scenarios_model_mapping.rb @@ -1525,6 +1525,25 @@ "filter_operating_system_name" => "String", "filter_operating_system_version" => "String", }, + "v2.ListSecurityMonitoringCriticalAssets" => { + "query" => "String", + }, + "v2.CreateSecurityMonitoringCriticalAsset" => { + "body" => "SecurityMonitoringCriticalAssetCreateRequest", + }, + "v2.GetCriticalAssetsAffectingRule" => { + "rule_id" => "String", + }, + "v2.DeleteSecurityMonitoringCriticalAsset" => { + "critical_asset_id" => "String", + }, + "v2.GetSecurityMonitoringCriticalAsset" => { + "critical_asset_id" => "String", + }, + "v2.UpdateSecurityMonitoringCriticalAsset" => { + "critical_asset_id" => "String", + "body" => "SecurityMonitoringCriticalAssetUpdateRequest", + }, "v2.CreateSecurityFilter" => { "body" => "SecurityFilterCreateRequest", }, diff --git a/features/v2/given.json b/features/v2/given.json index aa08181879c7..1e4b1ff8268b 100644 --- a/features/v2/given.json +++ b/features/v2/given.json @@ -1007,6 +1007,18 @@ "tag": "CSM Threats", "operationId": "CreateCloudWorkloadSecurityAgentRule" }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"data\": {\n \"type\": \"critical_assets\",\n \"attributes\": {\n \"query\":\"security:monitoring\",\n \"severity\":\"medium\",\n \"rule_query\":\"source:k9\",\n \"tags\":[\"team:security\"]\n }\n }\n}" + } + ], + "step": "there is a valid \"critical_asset\" in the system", + "key": "critical_asset", + "tag": "Security Monitoring", + "operationId": "CreateSecurityMonitoringCriticalAsset" + }, { "parameters": [ { diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature index a4954459e206..2a6c599c3060 100644 --- a/features/v2/security_monitoring.feature +++ b/features/v2/security_monitoring.feature @@ -293,6 +293,29 @@ Feature: Security Monitoring And the response "message" is equal to "ddd" And the response "options.complianceRuleOptions.resourceType" is equal to "gcp_compute_disk" + @skip @team:DataDog/k9-cloud-security-platform + Scenario: Create a critical asset returns "Bad Request" response + Given new "CreateSecurityMonitoringCriticalAsset" request + And body with value {"data": {"type": "critical_assets", "attributes": {"query": "host:test"}}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Create a critical asset returns "Conflict" response + Given new "CreateSecurityMonitoringCriticalAsset" request + And body with value {"data": {"attributes": {"enabled": true, "query": "security:monitoring", "rule_query": "type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail", "severity": "increase", "tags": ["team:database", "source:cloudtrail"]}, "type": "critical_assets"}} + When the request is sent + Then the response status is 409 Conflict + + @skip-validation @team:DataDog/k9-cloud-security-platform + Scenario: Create a critical asset returns "OK" response + Given new "CreateSecurityMonitoringCriticalAsset" request + And body with value {"data": {"type": "critical_assets", "attributes": {"query": "host:{{ unique_lower_alnum }}", "rule_query": "type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail", "severity": "decrease", "tags": ["team:security", "env:test"]}}} + When the request is sent + Then the response status is 200 OK + And the response "data.type" is equal to "critical_assets" + And the response "data.attributes.severity" is equal to "decrease" + @team:DataDog/k9-cloud-security-platform Scenario: Create a custom framework returns "Bad Request" response Given new "CreateCustomFramework" request @@ -588,6 +611,21 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not Found + @team:DataDog/k9-cloud-security-platform + Scenario: Delete a critical asset returns "Not Found" response + Given new "DeleteSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter with value "00000000-0000-0000-0000-000000000000" + When the request is sent + Then the response status is 404 Not Found + + @skip-validation @team:DataDog/k9-cloud-security-platform + Scenario: Delete a critical asset returns "OK" response + Given there is a valid "critical_asset" in the system + And new "DeleteSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter from "critical_asset.data.id" + When the request is sent + Then the response status is 204 OK + @team:DataDog/k9-cloud-security-platform Scenario: Delete a custom framework returns "Bad Request" response Given new "DeleteCustomFramework" request @@ -784,6 +822,23 @@ Feature: Security Monitoring And the response "name" is equal to "{{ unique }}_cloud" And the response "id" has the same value as "cloud_configuration_rule.id" + @team:DataDog/k9-cloud-security-platform + Scenario: Get a critical asset returns "Not Found" response + Given new "GetSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter with value "00000000-0000-0000-0000-000000000000" + When the request is sent + Then the response status is 404 Not Found + + @skip-validation @team:DataDog/k9-cloud-security-platform + Scenario: Get a critical asset returns "OK" response + Given new "GetSecurityMonitoringCriticalAsset" request + And there is a valid "critical_asset" in the system + And request contains "critical_asset_id" parameter from "critical_asset.data.id" + When the request is sent + Then the response status is 200 OK + And the response "data.attributes.rule_query" has the same value as "critical_asset.data.attributes.rule_query" + And the response "data.attributes.severity" is equal to "medium" + @team:DataDog/k9-cloud-security-platform Scenario: Get a custom framework returns "Bad Request" response Given new "GetCustomFramework" request @@ -1049,6 +1104,12 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform + Scenario: Get all critical assets returns "OK" response + Given new "ListSecurityMonitoringCriticalAssets" request + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform Scenario: Get all security filters returns "OK" response Given new "ListSecurityFilters" request @@ -1063,6 +1124,21 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @skip @team:DataDog/k9-cloud-security-platform + Scenario: Get critical assets affecting a specific rule returns "Not Found" response + Given new "GetCriticalAssetsAffectingRule" request + And request contains "rule_id" parameter with value "aaa-bbb-ccc-ddd" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/k9-cloud-security-platform + Scenario: Get critical assets affecting a specific rule returns "OK" response + Given new "GetCriticalAssetsAffectingRule" request + And there is a valid "security_rule" in the system + And request contains "rule_id" parameter from "security_rule.id" + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Get details of a signal-based notification rule returns "Bad Request" response Given new "GetSignalNotificationRule" request @@ -1678,6 +1754,43 @@ Feature: Security Monitoring And the response "name" is equal to "{{ unique }}_cloud_updated" And the response "id" has the same value as "cloud_configuration_rule.id" + @skip @team:DataDog/k9-cloud-security-platform + Scenario: Update a critical asset returns "Bad Request" response + Given new "UpdateSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter with value "00000000-0000-0000-0000-000000000000" + And body with value {"data": {"type": "critical_assets", "attributes": {"severity": "invalid_severity"}}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Update a critical asset returns "Concurrent Modification" response + Given new "UpdateSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"enabled": true, "query": "security:monitoring", "rule_query": "type:log_detection source:cloudtrail", "severity": "increase", "tags": ["technique:T1110-brute-force", "source:cloudtrail"], "version": 1}, "type": "critical_assets"}} + When the request is sent + Then the response status is 409 Concurrent Modification + + @team:DataDog/k9-cloud-security-platform + Scenario: Update a critical asset returns "Not Found" response + Given new "UpdateSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter with value "00000000-0000-0000-0000-000000000001" + And body with value {"data": {"type": "critical_assets", "attributes": {"severity": "high"}}} + When the request is sent + Then the response status is 404 Not Found + + @skip-validation @team:DataDog/k9-cloud-security-platform + Scenario: Update a critical asset returns "OK" response + Given new "UpdateSecurityMonitoringCriticalAsset" request + And there is a valid "critical_asset" in the system + And request contains "critical_asset_id" parameter from "critical_asset.data.id" + And body with value {"data": {"type": "critical_assets", "attributes": {"enabled": false, "query": "no:alert", "rule_query": "type:(log_detection OR signal_correlation OR workload_security OR application_security) ruleId:djg-ktx-ipq", "severity": "decrease", "tags": ["env:production"], "version": 1}}} + When the request is sent + Then the response status is 200 OK + And the response "data.type" is equal to "critical_assets" + And the response "data.attributes.severity" is equal to "decrease" + And the response "data.attributes.enabled" is equal to false + And the response "data.attributes.version" is equal to 2 + @team:DataDog/k9-cloud-security-platform Scenario: Update a custom framework returns "Bad Request" response Given new "UpdateCustomFramework" request diff --git a/features/v2/undo.json b/features/v2/undo.json index b54378e93ba6..f1f207bc6256 100644 --- a/features/v2/undo.json +++ b/features/v2/undo.json @@ -3988,6 +3988,49 @@ "type": "idempotent" } }, + "ListSecurityMonitoringCriticalAssets": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "CreateSecurityMonitoringCriticalAsset": { + "tag": "Security Monitoring", + "undo": { + "operationId": "DeleteSecurityMonitoringCriticalAsset", + "parameters": [ + { + "name": "critical_asset_id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "GetCriticalAssetsAffectingRule": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "DeleteSecurityMonitoringCriticalAsset": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "GetSecurityMonitoringCriticalAsset": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "UpdateSecurityMonitoringCriticalAsset": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, "ListSecurityFilters": { "tag": "Security Monitoring", "undo": { diff --git a/lib/datadog_api_client/inflector.rb b/lib/datadog_api_client/inflector.rb index 163e609556aa..37b9e8499310 100644 --- a/lib/datadog_api_client/inflector.rb +++ b/lib/datadog_api_client/inflector.rb @@ -3995,6 +3995,18 @@ def overrides "v2.security_findings_search_request_page" => "SecurityFindingsSearchRequestPage", "v2.security_findings_sort" => "SecurityFindingsSort", "v2.security_findings_status" => "SecurityFindingsStatus", + "v2.security_monitoring_critical_asset" => "SecurityMonitoringCriticalAsset", + "v2.security_monitoring_critical_asset_attributes" => "SecurityMonitoringCriticalAssetAttributes", + "v2.security_monitoring_critical_asset_create_attributes" => "SecurityMonitoringCriticalAssetCreateAttributes", + "v2.security_monitoring_critical_asset_create_data" => "SecurityMonitoringCriticalAssetCreateData", + "v2.security_monitoring_critical_asset_create_request" => "SecurityMonitoringCriticalAssetCreateRequest", + "v2.security_monitoring_critical_asset_response" => "SecurityMonitoringCriticalAssetResponse", + "v2.security_monitoring_critical_asset_severity" => "SecurityMonitoringCriticalAssetSeverity", + "v2.security_monitoring_critical_assets_response" => "SecurityMonitoringCriticalAssetsResponse", + "v2.security_monitoring_critical_asset_type" => "SecurityMonitoringCriticalAssetType", + "v2.security_monitoring_critical_asset_update_attributes" => "SecurityMonitoringCriticalAssetUpdateAttributes", + "v2.security_monitoring_critical_asset_update_data" => "SecurityMonitoringCriticalAssetUpdateData", + "v2.security_monitoring_critical_asset_update_request" => "SecurityMonitoringCriticalAssetUpdateRequest", "v2.security_monitoring_filter" => "SecurityMonitoringFilter", "v2.security_monitoring_filter_action" => "SecurityMonitoringFilterAction", "v2.security_monitoring_list_rules_response" => "SecurityMonitoringListRulesResponse", diff --git a/lib/datadog_api_client/v2/api/security_monitoring_api.rb b/lib/datadog_api_client/v2/api/security_monitoring_api.rb index cb883b183712..5bc5f0e595e3 100644 --- a/lib/datadog_api_client/v2/api/security_monitoring_api.rb +++ b/lib/datadog_api_client/v2/api/security_monitoring_api.rb @@ -737,6 +737,73 @@ def create_security_filter_with_http_info(body, opts = {}) return data, status_code, headers end + # Create a critical asset. + # + # @see #create_security_monitoring_critical_asset_with_http_info + def create_security_monitoring_critical_asset(body, opts = {}) + data, _status_code, _headers = create_security_monitoring_critical_asset_with_http_info(body, opts) + data + end + + # Create a critical asset. + # + # Create a new critical asset. + # + # @param body [SecurityMonitoringCriticalAssetCreateRequest] The definition of the new critical asset. + # @param opts [Hash] the optional parameters + # @return [Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>] SecurityMonitoringCriticalAssetResponse data, response status code and response headers + def create_security_monitoring_critical_asset_with_http_info(body, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_critical_asset ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_critical_asset" + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/critical_assets' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] || @api_client.object_to_http_body(body) + + # return_type + return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :create_security_monitoring_critical_asset, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Create a detection rule. # # @see #create_security_monitoring_rule_with_http_info @@ -1140,6 +1207,71 @@ def delete_security_filter_with_http_info(security_filter_id, opts = {}) return data, status_code, headers end + # Delete a critical asset. + # + # @see #delete_security_monitoring_critical_asset_with_http_info + def delete_security_monitoring_critical_asset(critical_asset_id, opts = {}) + delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts) + nil + end + + # Delete a critical asset. + # + # Delete a specific critical asset. + # + # @param critical_asset_id [String] The ID of the critical asset. + # @param opts [Hash] the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def delete_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_critical_asset ...' + end + # verify the required parameter 'critical_asset_id' is set + if @api_client.config.client_side_validation && critical_asset_id.nil? + fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.delete_security_monitoring_critical_asset" + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['*/*']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :delete_security_monitoring_critical_asset, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete an existing rule. # # @see #delete_security_monitoring_rule_with_http_info @@ -1755,6 +1887,71 @@ def edit_security_monitoring_signal_state_with_http_info(signal_id, body, opts = return data, status_code, headers end + # Get critical assets affecting a specific rule. + # + # @see #get_critical_assets_affecting_rule_with_http_info + def get_critical_assets_affecting_rule(rule_id, opts = {}) + data, _status_code, _headers = get_critical_assets_affecting_rule_with_http_info(rule_id, opts) + data + end + + # Get critical assets affecting a specific rule. + # + # Get the list of critical assets that affect a specific existing rule by the rule's ID. + # + # @param rule_id [String] The ID of the rule. + # @param opts [Hash] the optional parameters + # @return [Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>] SecurityMonitoringCriticalAssetsResponse data, response status code and response headers + def get_critical_assets_affecting_rule_with_http_info(rule_id, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_critical_assets_affecting_rule ...' + end + # verify the required parameter 'rule_id' is set + if @api_client.config.client_side_validation && rule_id.nil? + fail ArgumentError, "Missing the required parameter 'rule_id' when calling SecurityMonitoringAPI.get_critical_assets_affecting_rule" + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id}'.sub('{rule_id}', CGI.escape(rule_id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :get_critical_assets_affecting_rule, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_critical_assets_affecting_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get a custom framework. # # @see #get_custom_framework_with_http_info @@ -2266,6 +2463,71 @@ def get_security_filter_with_http_info(security_filter_id, opts = {}) return data, status_code, headers end + # Get a critical asset. + # + # @see #get_security_monitoring_critical_asset_with_http_info + def get_security_monitoring_critical_asset(critical_asset_id, opts = {}) + data, _status_code, _headers = get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts) + data + end + + # Get a critical asset. + # + # Get the details of a specific critical asset. + # + # @param critical_asset_id [String] The ID of the critical asset. + # @param opts [Hash] the optional parameters + # @return [Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>] SecurityMonitoringCriticalAssetResponse data, response status code and response headers + def get_security_monitoring_critical_asset_with_http_info(critical_asset_id, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_critical_asset ...' + end + # verify the required parameter 'critical_asset_id' is set + if @api_client.config.client_side_validation && critical_asset_id.nil? + fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.get_security_monitoring_critical_asset" + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :get_security_monitoring_critical_asset, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Get a hist signal's details. # # @see #get_security_monitoring_histsignal_with_http_info @@ -3793,6 +4055,68 @@ def list_security_findings_with_pagination(opts = {}) end end + # Get all critical assets. + # + # @see #list_security_monitoring_critical_assets_with_http_info + def list_security_monitoring_critical_assets(opts = {}) + data, _status_code, _headers = list_security_monitoring_critical_assets_with_http_info(opts) + data + end + + # Get all critical assets. + # + # Get the list of all critical assets. + # + # @param opts [Hash] the optional parameters + # @option opts [String] :query Query string. + # @return [Array<(SecurityMonitoringCriticalAssetsResponse, Integer, Hash)>] SecurityMonitoringCriticalAssetsResponse data, response status code and response headers + def list_security_monitoring_critical_assets_with_http_info(opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_critical_assets ...' + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/critical_assets' + + # query parameters + query_params = opts[:query_params] || {} + query_params[:'query'] = opts[:'query'] if !opts[:'query'].nil? + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetsResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :list_security_monitoring_critical_assets, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_critical_assets\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List hist signals. # # @see #list_security_monitoring_histsignals_with_http_info @@ -5487,6 +5811,78 @@ def update_security_filter_with_http_info(security_filter_id, body, opts = {}) return data, status_code, headers end + # Update a critical asset. + # + # @see #update_security_monitoring_critical_asset_with_http_info + def update_security_monitoring_critical_asset(critical_asset_id, body, opts = {}) + data, _status_code, _headers = update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts) + data + end + + # Update a critical asset. + # + # Update a specific critical asset. + # + # @param critical_asset_id [String] The ID of the critical asset. + # @param body [SecurityMonitoringCriticalAssetUpdateRequest] New definition of the critical asset. Supports partial updates. + # @param opts [Hash] the optional parameters + # @return [Array<(SecurityMonitoringCriticalAssetResponse, Integer, Hash)>] SecurityMonitoringCriticalAssetResponse data, response status code and response headers + def update_security_monitoring_critical_asset_with_http_info(critical_asset_id, body, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_critical_asset ...' + end + # verify the required parameter 'critical_asset_id' is set + if @api_client.config.client_side_validation && critical_asset_id.nil? + fail ArgumentError, "Missing the required parameter 'critical_asset_id' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset" + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_critical_asset" + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}'.sub('{critical_asset_id}', CGI.escape(critical_asset_id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] || @api_client.object_to_http_body(body) + + # return_type + return_type = opts[:debug_return_type] || 'SecurityMonitoringCriticalAssetResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :update_security_monitoring_critical_asset, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_critical_asset\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Update an existing rule. # # @see #update_security_monitoring_rule_with_http_info diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset.rb new file mode 100644 index 000000000000..148e601435ed --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset.rb @@ -0,0 +1,125 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The critical asset's properties. + class SecurityMonitoringCriticalAsset + include BaseGenericModel + + # The attributes of the critical asset. + attr_accessor :attributes + + # The ID of the critical asset. + attr_accessor :id + + # The type of the resource. The value should always be `critical_assets`. + attr_accessor :type + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'attributes' => :'attributes', + :'id' => :'id', + :'type' => :'type' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'attributes' => :'SecurityMonitoringCriticalAssetAttributes', + :'id' => :'String', + :'type' => :'SecurityMonitoringCriticalAssetType' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAsset` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + id == o.id && + type == o.type && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [attributes, id, type, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_attributes.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_attributes.rb new file mode 100644 index 000000000000..f6032b273b94 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_attributes.rb @@ -0,0 +1,235 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The attributes of the critical asset. + class SecurityMonitoringCriticalAssetAttributes + include BaseGenericModel + + # ID of user who created the critical asset. + attr_accessor :creation_author_id + + # A Unix millisecond timestamp given the creation date of the critical asset. + attr_accessor :creation_date + + # A user. + attr_accessor :creator + + # Whether the critical asset is enabled. + attr_accessor :enabled + + # The query for the critical asset. It uses the same syntax as the queries to search signals in the Signals Explorer. + attr_accessor :query + + # The rule query of the critical asset, with the same syntax as the search bar for detection rules. This determines which rules this critical asset will apply to. + attr_accessor :rule_query + + # Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased. + attr_accessor :severity + + # List of tags associated with the critical asset. + attr_accessor :tags + + # ID of user who updated the critical asset. + attr_accessor :update_author_id + + # A Unix millisecond timestamp given the update date of the critical asset. + attr_accessor :update_date + + # A user. + attr_accessor :updater + + # The version of the critical asset; it starts at 1, and is incremented at each update. + attr_reader :version + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'creation_author_id' => :'creation_author_id', + :'creation_date' => :'creation_date', + :'creator' => :'creator', + :'enabled' => :'enabled', + :'query' => :'query', + :'rule_query' => :'rule_query', + :'severity' => :'severity', + :'tags' => :'tags', + :'update_author_id' => :'update_author_id', + :'update_date' => :'update_date', + :'updater' => :'updater', + :'version' => :'version' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'creation_author_id' => :'Integer', + :'creation_date' => :'Integer', + :'creator' => :'SecurityMonitoringUser', + :'enabled' => :'Boolean', + :'query' => :'String', + :'rule_query' => :'String', + :'severity' => :'SecurityMonitoringCriticalAssetSeverity', + :'tags' => :'Array', + :'update_author_id' => :'Integer', + :'update_date' => :'Integer', + :'updater' => :'SecurityMonitoringUser', + :'version' => :'Integer' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAssetAttributes` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'creation_author_id') + self.creation_author_id = attributes[:'creation_author_id'] + end + + if attributes.key?(:'creation_date') + self.creation_date = attributes[:'creation_date'] + end + + if attributes.key?(:'creator') + self.creator = attributes[:'creator'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'query') + self.query = attributes[:'query'] + end + + if attributes.key?(:'rule_query') + self.rule_query = attributes[:'rule_query'] + end + + if attributes.key?(:'severity') + self.severity = attributes[:'severity'] + end + + if attributes.key?(:'tags') + if (value = attributes[:'tags']).is_a?(Array) + self.tags = value + end + end + + if attributes.key?(:'update_author_id') + self.update_author_id = attributes[:'update_author_id'] + end + + if attributes.key?(:'update_date') + self.update_date = attributes[:'update_date'] + end + + if attributes.key?(:'updater') + self.updater = attributes[:'updater'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if !@version.nil? && @version > 2147483647 + true + end + + # Custom attribute writer method with validation + # @param version [Object] Object to be assigned + # @!visibility private + def version=(version) + if !version.nil? && version > 2147483647 + fail ArgumentError, 'invalid value for "version", must be smaller than or equal to 2147483647.' + end + @version = version + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + creation_author_id == o.creation_author_id && + creation_date == o.creation_date && + creator == o.creator && + enabled == o.enabled && + query == o.query && + rule_query == o.rule_query && + severity == o.severity && + tags == o.tags && + update_author_id == o.update_author_id && + update_date == o.update_date && + updater == o.updater && + version == o.version && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [creation_author_id, creation_date, creator, enabled, query, rule_query, severity, tags, update_author_id, update_date, updater, version, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_create_attributes.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_create_attributes.rb new file mode 100644 index 000000000000..342d9edcf6fa --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_create_attributes.rb @@ -0,0 +1,187 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Object containing the attributes of the critical asset to be created. + class SecurityMonitoringCriticalAssetCreateAttributes + include BaseGenericModel + + # Whether the critical asset is enabled. Defaults to `true` if not specified. + attr_accessor :enabled + + # The query for the critical asset. It uses the same syntax as the queries to search signals in the Signals Explorer. + attr_reader :query + + # The rule query of the critical asset, with the same syntax as the search bar for detection rules. This determines which rules this critical asset will apply to. + attr_reader :rule_query + + # Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased. + attr_reader :severity + + # List of tags associated with the critical asset. + attr_accessor :tags + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'enabled' => :'enabled', + :'query' => :'query', + :'rule_query' => :'rule_query', + :'severity' => :'severity', + :'tags' => :'tags' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'enabled' => :'Boolean', + :'query' => :'String', + :'rule_query' => :'String', + :'severity' => :'SecurityMonitoringCriticalAssetSeverity', + :'tags' => :'Array' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAssetCreateAttributes` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'query') + self.query = attributes[:'query'] + end + + if attributes.key?(:'rule_query') + self.rule_query = attributes[:'rule_query'] + end + + if attributes.key?(:'severity') + self.severity = attributes[:'severity'] + end + + if attributes.key?(:'tags') + if (value = attributes[:'tags']).is_a?(Array) + self.tags = value + end + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @query.nil? + return false if @rule_query.nil? + return false if @severity.nil? + true + end + + # Custom attribute writer method with validation + # @param query [Object] Object to be assigned + # @!visibility private + def query=(query) + if query.nil? + fail ArgumentError, 'invalid value for "query", query cannot be nil.' + end + @query = query + end + + # Custom attribute writer method with validation + # @param rule_query [Object] Object to be assigned + # @!visibility private + def rule_query=(rule_query) + if rule_query.nil? + fail ArgumentError, 'invalid value for "rule_query", rule_query cannot be nil.' + end + @rule_query = rule_query + end + + # Custom attribute writer method with validation + # @param severity [Object] Object to be assigned + # @!visibility private + def severity=(severity) + if severity.nil? + fail ArgumentError, 'invalid value for "severity", severity cannot be nil.' + end + @severity = severity + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enabled == o.enabled && + query == o.query && + rule_query == o.rule_query && + severity == o.severity && + tags == o.tags && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [enabled, query, rule_query, severity, tags, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_create_data.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_create_data.rb new file mode 100644 index 000000000000..71c3cc58f071 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_create_data.rb @@ -0,0 +1,144 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Object for a single critical asset. + class SecurityMonitoringCriticalAssetCreateData + include BaseGenericModel + + # Object containing the attributes of the critical asset to be created. + attr_reader :attributes + + # The type of the resource. The value should always be `critical_assets`. + attr_reader :type + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'attributes' => :'SecurityMonitoringCriticalAssetCreateAttributes', + :'type' => :'SecurityMonitoringCriticalAssetType' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAssetCreateData` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @attributes.nil? + return false if @type.nil? + true + end + + # Custom attribute writer method with validation + # @param attributes [Object] Object to be assigned + # @!visibility private + def attributes=(attributes) + if attributes.nil? + fail ArgumentError, 'invalid value for "attributes", attributes cannot be nil.' + end + @attributes = attributes + end + + # Custom attribute writer method with validation + # @param type [Object] Object to be assigned + # @!visibility private + def type=(type) + if type.nil? + fail ArgumentError, 'invalid value for "type", type cannot be nil.' + end + @type = type + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + type == o.type && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [attributes, type, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_create_request.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_create_request.rb new file mode 100644 index 000000000000..f7093e1c897d --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_create_request.rb @@ -0,0 +1,123 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Request object that includes the critical asset that you would like to create. + class SecurityMonitoringCriticalAssetCreateRequest + include BaseGenericModel + + # Object for a single critical asset. + attr_reader :data + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'SecurityMonitoringCriticalAssetCreateData' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAssetCreateRequest` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'data') + self.data = attributes[:'data'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @data.nil? + true + end + + # Custom attribute writer method with validation + # @param data [Object] Object to be assigned + # @!visibility private + def data=(data) + if data.nil? + fail ArgumentError, 'invalid value for "data", data cannot be nil.' + end + @data = data + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_response.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_response.rb new file mode 100644 index 000000000000..351d95ddf8a0 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_response.rb @@ -0,0 +1,105 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Response object containing a single critical asset. + class SecurityMonitoringCriticalAssetResponse + include BaseGenericModel + + # The critical asset's properties. + attr_accessor :data + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'SecurityMonitoringCriticalAsset' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAssetResponse` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'data') + self.data = attributes[:'data'] + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_severity.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_severity.rb new file mode 100644 index 000000000000..e83bca5cd3c0 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_severity.rb @@ -0,0 +1,32 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased. + class SecurityMonitoringCriticalAssetSeverity + include BaseEnumModel + + INFO = "info".freeze + LOW = "low".freeze + MEDIUM = "medium".freeze + HIGH = "high".freeze + CRITICAL = "critical".freeze + INCREASE = "increase".freeze + DECREASE = "decrease".freeze + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_type.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_type.rb new file mode 100644 index 000000000000..3dc7541cbf20 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_type.rb @@ -0,0 +1,26 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The type of the resource. The value should always be `critical_assets`. + class SecurityMonitoringCriticalAssetType + include BaseEnumModel + + CRITICAL_ASSETS = "critical_assets".freeze + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_update_attributes.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_update_attributes.rb new file mode 100644 index 000000000000..f9e19b6da5dc --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_update_attributes.rb @@ -0,0 +1,175 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The critical asset properties to be updated. + class SecurityMonitoringCriticalAssetUpdateAttributes + include BaseGenericModel + + # Whether the critical asset is enabled. + attr_accessor :enabled + + # The query for the critical asset. It uses the same syntax as the queries to search signals in the Signals Explorer. + attr_accessor :query + + # The rule query of the critical asset, with the same syntax as the search bar for detection rules. This determines which rules this critical asset will apply to. + attr_accessor :rule_query + + # Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased. + attr_accessor :severity + + # List of tags associated with the critical asset. + attr_accessor :tags + + # The version of the critical asset being updated. Used for optimistic locking to prevent concurrent modifications. + attr_reader :version + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'enabled' => :'enabled', + :'query' => :'query', + :'rule_query' => :'rule_query', + :'severity' => :'severity', + :'tags' => :'tags', + :'version' => :'version' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'enabled' => :'Boolean', + :'query' => :'String', + :'rule_query' => :'String', + :'severity' => :'SecurityMonitoringCriticalAssetSeverity', + :'tags' => :'Array', + :'version' => :'Integer' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAssetUpdateAttributes` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'query') + self.query = attributes[:'query'] + end + + if attributes.key?(:'rule_query') + self.rule_query = attributes[:'rule_query'] + end + + if attributes.key?(:'severity') + self.severity = attributes[:'severity'] + end + + if attributes.key?(:'tags') + if (value = attributes[:'tags']).is_a?(Array) + self.tags = value + end + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if !@version.nil? && @version > 2147483647 + true + end + + # Custom attribute writer method with validation + # @param version [Object] Object to be assigned + # @!visibility private + def version=(version) + if !version.nil? && version > 2147483647 + fail ArgumentError, 'invalid value for "version", must be smaller than or equal to 2147483647.' + end + @version = version + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enabled == o.enabled && + query == o.query && + rule_query == o.rule_query && + severity == o.severity && + tags == o.tags && + version == o.version && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [enabled, query, rule_query, severity, tags, version, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_update_data.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_update_data.rb new file mode 100644 index 000000000000..fd0cead25a79 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_update_data.rb @@ -0,0 +1,144 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The new critical asset properties; partial updates are supported. + class SecurityMonitoringCriticalAssetUpdateData + include BaseGenericModel + + # The critical asset properties to be updated. + attr_reader :attributes + + # The type of the resource. The value should always be `critical_assets`. + attr_reader :type + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'attributes' => :'SecurityMonitoringCriticalAssetUpdateAttributes', + :'type' => :'SecurityMonitoringCriticalAssetType' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAssetUpdateData` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @attributes.nil? + return false if @type.nil? + true + end + + # Custom attribute writer method with validation + # @param attributes [Object] Object to be assigned + # @!visibility private + def attributes=(attributes) + if attributes.nil? + fail ArgumentError, 'invalid value for "attributes", attributes cannot be nil.' + end + @attributes = attributes + end + + # Custom attribute writer method with validation + # @param type [Object] Object to be assigned + # @!visibility private + def type=(type) + if type.nil? + fail ArgumentError, 'invalid value for "type", type cannot be nil.' + end + @type = type + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + type == o.type && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [attributes, type, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_update_request.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_update_request.rb new file mode 100644 index 000000000000..774caa31f54a --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_asset_update_request.rb @@ -0,0 +1,123 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Request object containing the fields to update on the critical asset. + class SecurityMonitoringCriticalAssetUpdateRequest + include BaseGenericModel + + # The new critical asset properties; partial updates are supported. + attr_reader :data + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'SecurityMonitoringCriticalAssetUpdateData' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAssetUpdateRequest` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'data') + self.data = attributes[:'data'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @data.nil? + true + end + + # Custom attribute writer method with validation + # @param data [Object] Object to be assigned + # @!visibility private + def data=(data) + if data.nil? + fail ArgumentError, 'invalid value for "data", data cannot be nil.' + end + @data = data + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_critical_assets_response.rb b/lib/datadog_api_client/v2/models/security_monitoring_critical_assets_response.rb new file mode 100644 index 000000000000..0591f8e4f90e --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_critical_assets_response.rb @@ -0,0 +1,107 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Response object containing the available critical assets. + class SecurityMonitoringCriticalAssetsResponse + include BaseGenericModel + + # A list of critical assets objects. + attr_accessor :data + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'Array' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringCriticalAssetsResponse` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'data') + if (value = attributes[:'data']).is_a?(Array) + self.data = value + end + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data, additional_properties].hash + end + end +end