DataDog · api-clients-generation-pipeline · Aug 30, 2025
@@ -63779,6 +63779,65 @@ paths:
       tags:
       - Security Monitoring
       x-codegen-request-body-name: body
+  /api/v2/security_monitoring/configuration/suppressions/rules:
+    post:
+      description: Get the list of suppressions that would affect a rule.
+      operationId: GetSuppressionsAffectingFutureRule
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SecurityMonitoringRuleCreatePayload'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/SecurityMonitoringSuppressionsResponse'
+          description: OK
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - security_monitoring_suppressions_read
+      summary: Get suppressions affecting future rule
+      tags:
+      - Security Monitoring
+  /api/v2/security_monitoring/configuration/suppressions/rules/{rule_id}:
+    get:
+      description: Get the list of suppressions that affect a specific existing rule
+        by its ID.
+      operationId: GetSuppressionsAffectingRule
+      parameters:
+      - $ref: '#/components/parameters/SecurityMonitoringRuleID'
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/SecurityMonitoringSuppressionsResponse'
+          description: OK
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - security_monitoring_suppressions_read
+      summary: Get suppressions affecting a specific rule
+      tags:
+      - Security Monitoring
   /api/v2/security_monitoring/configuration/suppressions/{suppression_id}:
     delete:
       description: Delete a specific suppression rule.

@@ -0,0 +1,62 @@
+"""
+Get suppressions affecting future rule returns "OK" response
+"""
+
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
+from datadog_api_client.v2.model.security_monitoring_rule_case_create import SecurityMonitoringRuleCaseCreate
+from datadog_api_client.v2.model.security_monitoring_rule_evaluation_window import (
+    SecurityMonitoringRuleEvaluationWindow,
+)
+from datadog_api_client.v2.model.security_monitoring_rule_keep_alive import SecurityMonitoringRuleKeepAlive
+from datadog_api_client.v2.model.security_monitoring_rule_max_signal_duration import (
+    SecurityMonitoringRuleMaxSignalDuration,
+)
+from datadog_api_client.v2.model.security_monitoring_rule_options import SecurityMonitoringRuleOptions
+from datadog_api_client.v2.model.security_monitoring_rule_query_aggregation import (
+    SecurityMonitoringRuleQueryAggregation,
+)
+from datadog_api_client.v2.model.security_monitoring_rule_severity import SecurityMonitoringRuleSeverity
+from datadog_api_client.v2.model.security_monitoring_rule_type_create import SecurityMonitoringRuleTypeCreate
+from datadog_api_client.v2.model.security_monitoring_standard_rule_create_payload import (
+    SecurityMonitoringStandardRuleCreatePayload,
+)
+from datadog_api_client.v2.model.security_monitoring_standard_rule_query import SecurityMonitoringStandardRuleQuery
+
+body = SecurityMonitoringStandardRuleCreatePayload(
+    name="Example-Security-Monitoring",
+    queries=[
+        SecurityMonitoringStandardRuleQuery(
+            query="@test:true",
+            aggregation=SecurityMonitoringRuleQueryAggregation.COUNT,
+            group_by_fields=[],
+            distinct_fields=[],
+            metrics=[],
+        ),
+    ],
+    filters=[],
+    cases=[
+        SecurityMonitoringRuleCaseCreate(
+            name="",
+            status=SecurityMonitoringRuleSeverity.INFO,
+            condition="a > 0",
+            notifications=[],
+        ),
+    ],
+    options=SecurityMonitoringRuleOptions(
+        evaluation_window=SecurityMonitoringRuleEvaluationWindow.FIFTEEN_MINUTES,
+        keep_alive=SecurityMonitoringRuleKeepAlive.ONE_HOUR,
+        max_signal_duration=SecurityMonitoringRuleMaxSignalDuration.ONE_DAY,
+    ),
+    message="Test rule",
+    tags=[],
+    is_enabled=True,
+    type=SecurityMonitoringRuleTypeCreate.LOG_DETECTION,
+)
+
+configuration = Configuration()
+with ApiClient(configuration) as api_client:
+    api_instance = SecurityMonitoringApi(api_client)
+    response = api_instance.get_suppressions_affecting_future_rule(body=body)
+
+    print(response)
@@ -0,0 +1,19 @@
+"""
+Get suppressions affecting a specific rule returns "OK" response
+"""
+
+from os import environ
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
+
+# there is a valid "security_rule" in the system
+SECURITY_RULE_ID = environ["SECURITY_RULE_ID"]
+
+configuration = Configuration()
+with ApiClient(configuration) as api_client:
+    api_instance = SecurityMonitoringApi(api_client)
+    response = api_instance.get_suppressions_affecting_rule(
+        rule_id=SECURITY_RULE_ID,
+    )
+
+    print(response)
@@ -59,11 +59,6 @@
 from datadog_api_client.v2.model.security_monitoring_suppression_create_request import (
     SecurityMonitoringSuppressionCreateRequest,
 )
-from datadog_api_client.v2.model.security_monitoring_suppression_update_request import (
-    SecurityMonitoringSuppressionUpdateRequest,
-)
-from datadog_api_client.v2.model.security_monitoring_list_rules_response import SecurityMonitoringListRulesResponse
-from datadog_api_client.v2.model.security_monitoring_rule_response import SecurityMonitoringRuleResponse
 from datadog_api_client.v2.model.security_monitoring_rule_create_payload import SecurityMonitoringRuleCreatePayload
 from datadog_api_client.v2.model.security_monitoring_standard_rule_create_payload import (
     SecurityMonitoringStandardRuleCreatePayload,
@@ -72,6 +67,11 @@
     SecurityMonitoringSignalRuleCreatePayload,
 )
 from datadog_api_client.v2.model.cloud_configuration_rule_create_payload import CloudConfigurationRuleCreatePayload
+from datadog_api_client.v2.model.security_monitoring_suppression_update_request import (
+    SecurityMonitoringSuppressionUpdateRequest,
+)
+from datadog_api_client.v2.model.security_monitoring_list_rules_response import SecurityMonitoringListRulesResponse
+from datadog_api_client.v2.model.security_monitoring_rule_response import SecurityMonitoringRuleResponse
 from datadog_api_client.v2.model.security_monitoring_rule_convert_response import SecurityMonitoringRuleConvertResponse
 from datadog_api_client.v2.model.security_monitoring_rule_convert_payload import SecurityMonitoringRuleConvertPayload
 from datadog_api_client.v2.model.security_monitoring_standard_rule_payload import SecurityMonitoringStandardRulePayload
@@ -880,6 +880,49 @@ def __init__(self, api_client=None):
             api_client=api_client,
         )
 
+        self._get_suppressions_affecting_future_rule_endpoint = _Endpoint(
+            settings={
+                "response_type": (SecurityMonitoringSuppressionsResponse,),
+                "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"],
+                "endpoint_path": "/api/v2/security_monitoring/configuration/suppressions/rules",
+                "operation_id": "get_suppressions_affecting_future_rule",
+                "http_method": "POST",
+                "version": "v2",
+            },
+            params_map={
+                "body": {
+                    "required": True,
+                    "openapi_types": (SecurityMonitoringRuleCreatePayload,),
+                    "location": "body",
+                },
+            },
+            headers_map={"accept": ["application/json"], "content_type": ["application/json"]},
+            api_client=api_client,
+        )
+
+        self._get_suppressions_affecting_rule_endpoint = _Endpoint(
+            settings={
+                "response_type": (SecurityMonitoringSuppressionsResponse,),
+                "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"],
+                "endpoint_path": "/api/v2/security_monitoring/configuration/suppressions/rules/{rule_id}",
+                "operation_id": "get_suppressions_affecting_rule",
+                "http_method": "GET",
+                "version": "v2",
+            },
+            params_map={
+                "rule_id": {
+                    "required": True,
+                    "openapi_types": (str,),
+                    "attribute": "rule_id",
+                    "location": "path",
+                },
+            },
+            headers_map={
+                "accept": ["application/json"],
+            },
+            api_client=api_client,
+        )
+
         self._get_vulnerability_notification_rule_endpoint = _Endpoint(
             settings={
                 "response_type": (NotificationRuleResponse,),
@@ -2504,6 +2547,44 @@ def get_signal_notification_rules(
         kwargs: Dict[str, Any] = {}
         return self._get_signal_notification_rules_endpoint.call_with_http_info(**kwargs)
 
+    def get_suppressions_affecting_future_rule(
+        self,
+        body: Union[
+            SecurityMonitoringRuleCreatePayload,
+            SecurityMonitoringStandardRuleCreatePayload,
+            SecurityMonitoringSignalRuleCreatePayload,
+            CloudConfigurationRuleCreatePayload,
+        ],
+    ) -> SecurityMonitoringSuppressionsResponse:
+        """Get suppressions affecting future rule.
+
+        Get the list of suppressions that would affect a rule.
+
+        :type body: SecurityMonitoringRuleCreatePayload
+        :rtype: SecurityMonitoringSuppressionsResponse
+        """
+        kwargs: Dict[str, Any] = {}
+        kwargs["body"] = body
+
+        return self._get_suppressions_affecting_future_rule_endpoint.call_with_http_info(**kwargs)
+
+    def get_suppressions_affecting_rule(
+        self,
+        rule_id: str,
+    ) -> SecurityMonitoringSuppressionsResponse:
+        """Get suppressions affecting a specific rule.
+
+        Get the list of suppressions that affect a specific existing rule by its ID.
+
+        :param rule_id: The ID of the rule.
+        :type rule_id: str
+        :rtype: SecurityMonitoringSuppressionsResponse
+        """
+        kwargs: Dict[str, Any] = {}
+        kwargs["rule_id"] = rule_id
+
+        return self._get_suppressions_affecting_rule_endpoint.call_with_http_info(**kwargs)
+
     def get_vulnerability_notification_rule(
         self,
         id: str,

@@ -0,0 +1 @@
+2025-08-30T15:29:04.687Z
@@ -0,0 +1,18 @@
+interactions:
+- request:
+    body: null
+    headers:
+      accept:
+      - application/json
+    method: GET
+    uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules/aaa-bbb-ccc-ddd
+  response:
+    body:
+      string: '{"errors":["not_found(Threat detection rule not found: aaa-bbb-ccc-ddd)"]}'
+    headers:
+      content-type:
+      - application/json
+    status:
+      code: 404
+      message: Not Found
+version: 1
@@ -0,0 +1 @@
+2025-08-30T11:40:50.061Z
@@ -0,0 +1,52 @@
+interactions:
+- request:
+    body: '{"cases":[{"condition":"a > 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test
+      rule","name":"Test-Get_suppressions_affecting_a_specific_rule_returns_OK_response-1756554050","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metrics":[],"query":"@test:true"}],"tags":[],"type":"log_detection"}'
+    headers:
+      accept:
+      - application/json
+      content-type:
+      - application/json
+    method: POST
+    uri: https://api.datadoghq.com/api/v2/security_monitoring/rules
+  response:
+    body:
+      string: '{"name":"Test-Get_suppressions_affecting_a_specific_rule_returns_OK_response-1756554050","createdAt":1756554050604,"isDefault":false,"isPartner":false,"isEnabled":true,"isBeta":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"@test:true","groupByFields":[],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":"","dataSource":"logs"}],"options":{"evaluationWindow":900,"detectionMethod":"threshold","maxSignalDuration":86400,"keepAlive":3600},"cases":[{"name":"","status":"info","notifications":[],"condition":"a
+        \u003e 0"}],"message":"Test rule","tags":[],"hasExtendedTitle":false,"type":"log_detection","filters":[],"version":1,"id":"wrh-hm6-4zf","blocking":false,"metadata":{"entities":null,"sources":null},"creationAuthorId":1445416,"creator":{"handle":"[email protected]","name":"frog"},"updater":{"handle":"","name":""}}'
+    headers:
+      content-type:
+      - application/json
+    status:
+      code: 200
+      message: OK
+- request:
+    body: null
+    headers:
+      accept:
+      - application/json
+    method: GET
+    uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules/wrh-hm6-4zf
+  response:
+    body:
+      string: '{"data":[]}'
+    headers:
+      content-type:
+      - application/vnd.api+json
+    status:
+      code: 200
+      message: OK
+- request:
+    body: null
+    headers:
+      accept:
+      - '*/*'
+    method: DELETE
+    uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/wrh-hm6-4zf
+  response:
+    body:
+      string: ''
+    headers: {}
+    status:
+      code: 204
+      message: No Content
+version: 1
@@ -0,0 +1 @@
+2025-08-30T15:29:48.867Z
@@ -0,0 +1,20 @@
+interactions:
+- request:
+    body: '{"invalid_key":"invalid_value"}'
+    headers:
+      accept:
+      - application/json
+      content-type:
+      - application/json
+    method: POST
+    uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules
+  response:
+    body:
+      string: '{"errors":["invalid_argument(Invalid rule configuration)"]}'
+    headers:
+      content-type:
+      - application/json
+    status:
+      code: 400
+      message: Bad Request
+version: 1
@@ -0,0 +1 @@
+2025-08-30T15:30:01.229Z
@@ -0,0 +1,21 @@
+interactions:
+- request:
+    body: '{"cases":[{"condition":"a > 0","name":"","notifications":[],"status":"info"}],"filters":[],"isEnabled":true,"message":"Test
+      rule","name":"Test-Get_suppressions_affecting_future_rule_returns_OK_response-1756567801","options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":[],"metrics":[],"query":"@test:true"}],"tags":[],"type":"log_detection"}'
+    headers:
+      accept:
+      - application/json
+      content-type:
+      - application/json
+    method: POST
+    uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/rules
+  response:
+    body:
+      string: '{"data":[]}'
+    headers:
+      content-type:
+      - application/vnd.api+json
+    status:
+      code: 200
+      message: OK
+version: 1