@@ -148,6 +148,14 @@ components:
148148 required: false
149149 schema:
150150 $ref: '#/components/schemas/ApplicationKeysSort'
151+ ApplicationSecurityExclusionFilterID:
152+ description: The identifier of the exclusion filter.
153+ example: 3b5-v82-ns6
154+ in: path
155+ name: exclusion_filter_id
156+ required: true
157+ schema:
158+ type: string
151159 ArchiveID:
152160 description: The ID of the archive.
153161 in: path
@@ -2193,6 +2201,170 @@ components:
21932201 type: string
21942202 x-enum-varnames:
21952203 - APPLICATION_KEYS
2204+ ApplicationSecurityExclusionFilterAttributes:
2205+ description: Attributes describing an Application Security exclusion filter.
2206+ properties:
2207+ description:
2208+ description: A description for the exclusion filter.
2209+ example: Exclude false positives on a path
2210+ type: string
2211+ enabled:
2212+ description: Indicates whether the exclusion filter is enabled.
2213+ example: true
2214+ type: boolean
2215+ event_query:
2216+ description: The event query matched by the legacy exclusion filter.
2217+ readOnly: true
2218+ type: string
2219+ ip_list:
2220+ description: The client IP addresses matched by the exclusion filter (CIDR
2221+ notation is supported).
2222+ items:
2223+ example: 198.51.100.72
2224+ type: string
2225+ type: array
2226+ on_match:
2227+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterOnMatch'
2228+ parameters:
2229+ description: A list of parameters matched by the exclusion filter in the
2230+ HTTP query string and HTTP request body. Nested parameters can be matched
2231+ by joining fields with a dot character.
2232+ items:
2233+ example: list.search.query
2234+ type: string
2235+ type: array
2236+ path_glob:
2237+ description: The HTTP path glob expression matched by the exclusion filter.
2238+ example: /accounts/*
2239+ type: string
2240+ rules_target:
2241+ description: The WAF rules targeted by the exclusion filter.
2242+ items:
2243+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterRulesTarget'
2244+ type: array
2245+ scope:
2246+ description: The services where the exclusion filter is deployed.
2247+ items:
2248+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterScope'
2249+ type: array
2250+ required:
2251+ - description
2252+ - enabled
2253+ type: object
2254+ ApplicationSecurityExclusionFilterID:
2255+ description: The identifier of the exclusion filter.
2256+ example: 3dd-0uc-h1s
2257+ readOnly: true
2258+ type: string
2259+ ApplicationSecurityExclusionFilterMetadata:
2260+ description: Extra information about the exclusion filter.
2261+ properties:
2262+ added_at:
2263+ description: The creation date of the exclusion filter.
2264+ format: date-time
2265+ type: string
2266+ added_by:
2267+ description: The handle of the user who created the exclusion filter.
2268+ type: string
2269+ modified_at:
2270+ description: The last modification date of the exclusion filter.
2271+ format: date-time
2272+ type: string
2273+ modified_by:
2274+ description: The handle of the user who last modified the exclusion filter.
2275+ type: string
2276+ readOnly: true
2277+ type: object
2278+ ApplicationSecurityExclusionFilterOnMatch:
2279+ description: The action taken when the exclusion filter matches. When set to
2280+ `monitor`, security traces are emitted but the requests are not blocked. By
2281+ default, security traces are not emitted and the requests are not blocked.
2282+ enum:
2283+ - monitor
2284+ type: string
2285+ x-enum-varnames:
2286+ - MONITOR
2287+ ApplicationSecurityExclusionFilterRequest:
2288+ description: Request object for a single Application Security exclusion filter.
2289+ properties:
2290+ data:
2291+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterResource'
2292+ required:
2293+ - data
2294+ type: object
2295+ ApplicationSecurityExclusionFilterResource:
2296+ description: A JSON:API resource for an Application Security exclusion filter.
2297+ properties:
2298+ attributes:
2299+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterAttributes'
2300+ id:
2301+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterID'
2302+ meta:
2303+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterMetadata'
2304+ type:
2305+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterType'
2306+ required:
2307+ - type
2308+ - attributes
2309+ type: object
2310+ ApplicationSecurityExclusionFilterResponse:
2311+ description: Response object for a single Application Security exclusion filter.
2312+ properties:
2313+ data:
2314+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterResource'
2315+ type: object
2316+ ApplicationSecurityExclusionFilterRulesTarget:
2317+ description: Target WAF rules based either on an identifier or tags.
2318+ properties:
2319+ rule_id:
2320+ description: Target a single WAF rule based on its identifier.
2321+ example: dog-913-009
2322+ type: string
2323+ tags:
2324+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterRulesTargetTags'
2325+ type: object
2326+ ApplicationSecurityExclusionFilterRulesTargetTags:
2327+ description: Target multiple WAF rules based on their tags.
2328+ properties:
2329+ category:
2330+ description: The category of the targeted WAF rules.
2331+ example: attack_attempt
2332+ type: string
2333+ type:
2334+ description: The type of the targeted WAF rules.
2335+ example: lfi
2336+ type: string
2337+ type: object
2338+ ApplicationSecurityExclusionFilterScope:
2339+ description: Deploy on services based on their environment and/or service name.
2340+ properties:
2341+ env:
2342+ description: Deploy on this environment.
2343+ example: www
2344+ type: string
2345+ service:
2346+ description: Deploy on this service.
2347+ example: prod
2348+ type: string
2349+ type: object
2350+ ApplicationSecurityExclusionFilterType:
2351+ default: exclusion_filter
2352+ description: Type of the resource. The value should always be `exclusion_filter`.
2353+ enum:
2354+ - exclusion_filter
2355+ example: exclusion_filter
2356+ type: string
2357+ x-enum-varnames:
2358+ - EXCLUSION_FILTER
2359+ ApplicationSecurityExclusionFiltersResponse:
2360+ description: Response object for multiple Application Security exclusion filters.
2361+ properties:
2362+ data:
2363+ description: A list of Application Security exclusion filter.
2364+ items:
2365+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterResource'
2366+ type: array
2367+ type: object
21962368 AppsSortField:
21972369 description: The field and direction to sort apps by
21982370 enum:
@@ -43263,6 +43435,161 @@ paths:
4326343435 operator: OR
4326443436 permissions:
4326543437 - timeseries_query
43438+ /api/v2/remote_config/products/asm/waf/exclusion_filters:
43439+ get:
43440+ description: Retrieve a list of Application Security exclusion filters.
43441+ operationId: ListApplicationSecurityExclusionFilters
43442+ responses:
43443+ '200':
43444+ content:
43445+ application/json:
43446+ schema:
43447+ $ref: '#/components/schemas/ApplicationSecurityExclusionFiltersResponse'
43448+ description: OK
43449+ '403':
43450+ $ref: '#/components/responses/NotAuthorizedResponse'
43451+ '429':
43452+ $ref: '#/components/responses/TooManyRequestsResponse'
43453+ summary: List all Application Security exclusion filters
43454+ tags:
43455+ - Application Security
43456+ x-permission:
43457+ operator: AND
43458+ permissions:
43459+ - appsec_protect_read
43460+ x-terraform-resource: appsec_exclusion_filter
43461+ post:
43462+ description: 'Create a new Application Security exclusion filter with the given
43463+ parameters.
43464+
43465+
43466+ A request matched by an exclusion filter will be ignored by the Application
43467+ Security product.
43468+
43469+ Go to https://app.datadoghq.com/security/appsec/passlist to review existing
43470+ exclusion filters (also called passlist entries).'
43471+ operationId: CreateApplicationSecurityExclusionFilter
43472+ requestBody:
43473+ content:
43474+ application/json:
43475+ schema:
43476+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterRequest'
43477+ description: The definition of the new exclusion filter.
43478+ required: true
43479+ responses:
43480+ '200':
43481+ content:
43482+ application/json:
43483+ schema:
43484+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterResponse'
43485+ description: OK
43486+ '400':
43487+ $ref: '#/components/responses/BadRequestResponse'
43488+ '403':
43489+ $ref: '#/components/responses/NotAuthorizedResponse'
43490+ '409':
43491+ $ref: '#/components/responses/ConflictResponse'
43492+ '429':
43493+ $ref: '#/components/responses/TooManyRequestsResponse'
43494+ summary: Create an Application Security exclusion filter
43495+ tags:
43496+ - Application Security
43497+ x-codegen-request-body-name: body
43498+ x-permission:
43499+ operator: AND
43500+ permissions:
43501+ - appsec_protect_write
43502+ x-terraform-resource: appsec_exclusion_filter
43503+ /api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id}:
43504+ delete:
43505+ description: Delete a specific Application Security exclusion filter using its
43506+ identifier.
43507+ operationId: DeleteApplicationSecurityExclusionFilter
43508+ parameters:
43509+ - $ref: '#/components/parameters/ApplicationSecurityExclusionFilterID'
43510+ responses:
43511+ '204':
43512+ description: OK
43513+ '403':
43514+ $ref: '#/components/responses/NotAuthorizedResponse'
43515+ '404':
43516+ $ref: '#/components/responses/NotFoundResponse'
43517+ '429':
43518+ $ref: '#/components/responses/TooManyRequestsResponse'
43519+ summary: Delete an Application Security exclusion filter
43520+ tags:
43521+ - Application Security
43522+ x-permission:
43523+ operator: AND
43524+ permissions:
43525+ - appsec_protect_write
43526+ x-terraform-resource: appsec_exclusion_filter
43527+ get:
43528+ description: Retrieve a specific Application Security exclusion filter using
43529+ its identifier.
43530+ operationId: GetApplicationSecurityExclusionFilter
43531+ parameters:
43532+ - $ref: '#/components/parameters/ApplicationSecurityExclusionFilterID'
43533+ responses:
43534+ '200':
43535+ content:
43536+ application/json:
43537+ schema:
43538+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterResponse'
43539+ description: OK
43540+ '403':
43541+ $ref: '#/components/responses/NotAuthorizedResponse'
43542+ '429':
43543+ $ref: '#/components/responses/TooManyRequestsResponse'
43544+ summary: Get an Application Security exclusion filter
43545+ tags:
43546+ - Application Security
43547+ x-permission:
43548+ operator: AND
43549+ permissions:
43550+ - appsec_protect_read
43551+ x-terraform-resource: appsec_exclusion_filter
43552+ put:
43553+ description: 'Update a specific Application Security exclusion filter using
43554+ its identifier.
43555+
43556+ Returns the exclusion filter object when the request is successful.'
43557+ operationId: UpdateApplicationSecurityExclusionFilter
43558+ parameters:
43559+ - $ref: '#/components/parameters/ApplicationSecurityExclusionFilterID'
43560+ requestBody:
43561+ content:
43562+ application/json:
43563+ schema:
43564+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterRequest'
43565+ description: The exclusion filter to update.
43566+ required: true
43567+ responses:
43568+ '200':
43569+ content:
43570+ application/json:
43571+ schema:
43572+ $ref: '#/components/schemas/ApplicationSecurityExclusionFilterResponse'
43573+ description: OK
43574+ '400':
43575+ $ref: '#/components/responses/BadRequestResponse'
43576+ '403':
43577+ $ref: '#/components/responses/NotAuthorizedResponse'
43578+ '404':
43579+ $ref: '#/components/responses/NotFoundResponse'
43580+ '409':
43581+ $ref: '#/components/responses/ConcurrentModificationResponse'
43582+ '429':
43583+ $ref: '#/components/responses/TooManyRequestsResponse'
43584+ summary: Update an Application Security exclusion filter
43585+ tags:
43586+ - Application Security
43587+ x-codegen-request-body-name: body
43588+ x-permission:
43589+ operator: AND
43590+ permissions:
43591+ - appsec_protect_write
43592+ x-terraform-resource: appsec_exclusion_filter
4326643593 /api/v2/remote_config/products/cws/agent_rules:
4326743594 get:
4326843595 description: Get the list of Cloud Security Management Threats Agent rules.
@@ -51326,6 +51653,22 @@ tags:
5132651653 are built to accelerate remediation at scale. These API endpoints allow you to
5132751654 create, read, update, delete, and publish apps.
5132851655 name: App Builder
51656+ - description: '[Datadog Application Security](https://docs.datadoghq.com/security/application_security/)
51657+ provides protection against
51658+
51659+ application-level attacks that aim to exploit code-level vulnerabilities,
51660+
51661+ such as Server-Side-Request-Forgery (SSRF), SQL injection, Log4Shell, and
51662+
51663+ Reflected Cross-Site-Scripting (XSS). You can monitor and protect apps
51664+
51665+ hosted directly on a server, Docker, Kubernetes, Amazon ECS, and (for
51666+
51667+ supported languages) AWS Fargate.'
51668+ externalDocs:
51669+ description: Find out more at
51670+ url: https://docs.datadoghq.com/security/application_security/
51671+ name: Application Security
5132951672- description: Search your Audit Logs events over HTTP.
5133051673 name: Audit
5133151674- description: '[The AuthN Mappings API](https://docs.datadoghq.com/account_management/authn_mapping/?tab=example)
0 commit comments