diff --git a/.apigentools-info b/.apigentools-info index 54da6ec2570e..726060c0fe64 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2025-01-23 22:24:33.345379", - "spec_repo_commit": "6a31fa8c" + "regenerated": "2025-01-24 15:02:22.197138", + "spec_repo_commit": "582cdbd4" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2025-01-23 22:24:33.360838", - "spec_repo_commit": "6a31fa8c" + "regenerated": "2025-01-24 15:02:22.212155", + "spec_repo_commit": "582cdbd4" } } } \ No newline at end of file diff --git a/.generator/schemas/v1/openapi.yaml b/.generator/schemas/v1/openapi.yaml index d19602bb8e40..2c7c126ce50d 100644 --- a/.generator/schemas/v1/openapi.yaml +++ b/.generator/schemas/v1/openapi.yaml @@ -23747,6 +23747,10 @@ components: security_monitoring_filters_write: Create, edit, and delete Security Filters. security_monitoring_findings_read: View a list of findings that include both misconfigurations and identity risks. + security_monitoring_notification_profiles_read: View Rule Security Notification + rules. + security_monitoring_notification_profiles_write: Create, edit, and delete + Security Notification rules. security_monitoring_rules_read: Read Detection Rules. security_monitoring_rules_write: Create and edit Detection Rules. security_monitoring_signals_read: View Security Signals. diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 1f5214bdc2aa..c8e2261b218a 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -794,6 +794,17 @@ components: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found + NotificationRulesList: + content: + application/json: + schema: + properties: + data: + items: + $ref: '#/components/schemas/NotificationRule' + type: array + type: object + description: The list of notification rules. PreconditionFailedResponse: content: application/json: @@ -836,6 +847,13 @@ components: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unauthorized + UnprocessableEntityResponse: + content: + application/json: + schema: + $ref: '#/components/schemas/JSONAPIErrorResponse' + description: The server cannot process the request because it contains invalid + data. schemas: APIErrorResponse: description: API error response. @@ -7403,6 +7421,42 @@ components: meta: $ref: '#/components/schemas/DataDeletionResponseMeta' type: object + CreateNotificationRuleParameters: + description: Body of the notification rule create request. + properties: + data: + $ref: '#/components/schemas/CreateNotificationRuleParametersData' + type: object + CreateNotificationRuleParametersData: + description: 'Data of the notification rule create request: the rule type, and + the rule attributes. All fields are required.' + properties: + attributes: + $ref: '#/components/schemas/CreateNotificationRuleParametersDataAttributes' + type: + $ref: '#/components/schemas/NotificationRulesType' + required: + - attributes + - type + type: object + CreateNotificationRuleParametersDataAttributes: + description: Attributes of the notification rule create request. + properties: + enabled: + $ref: '#/components/schemas/Enabled' + name: + $ref: '#/components/schemas/RuleName' + selectors: + $ref: '#/components/schemas/Selectors' + targets: + $ref: '#/components/schemas/Targets' + time_aggregation: + $ref: '#/components/schemas/TimeAggregation' + required: + - selectors + - name + - targets + type: object CreateOpenAPIResponse: description: Response for `CreateOpenAPI` operation. properties: @@ -9115,6 +9169,11 @@ components: type: number type: array type: object + Date: + description: Date as Unix timestamp in milliseconds. + example: 1722439510282 + format: int64 + type: integer DeleteAppResponse: description: The definition of `DeleteAppResponse` object. properties: @@ -10297,6 +10356,10 @@ components: - score - severity type: object + Enabled: + description: Field used to enable or disable the rule. + example: true + type: boolean EntityAttributes: description: Entity attributes. properties: @@ -13245,6 +13308,10 @@ components: - APP_SEC_HOST_COUNT - OBSERVABILITY_PIPELINES_BYTES_PROCESSSED - LAMBDA_TRACED_INVOCATIONS_COUNT + ID: + description: The ID of a notification rule. + example: aaa-bbb-ccc + type: string IPAllowlistAttributes: description: Attributes of the IP allowlist. properties: @@ -19407,6 +19474,84 @@ components: meta: $ref: '#/components/schemas/MonthlyCostAttributionMeta' type: object + NotificationRule: + description: 'Notification rules allow full control over notifications generated + by the various Datadog security products. + + They allow users to define the conditions under which a notification should + be generated (based on rule severities, + + rule types, rule tags, and so on), and the targets to notify. + + A notification rule is composed of a rule ID, a rule type, and the rule attributes. + All fields are required. + + ' + properties: + attributes: + $ref: '#/components/schemas/NotificationRuleAttributes' + id: + $ref: '#/components/schemas/ID' + type: + $ref: '#/components/schemas/NotificationRulesType' + required: + - attributes + - id + - type + type: object + NotificationRuleAttributes: + description: Attributes of the notification rule. + properties: + created_at: + $ref: '#/components/schemas/Date' + created_by: + $ref: '#/components/schemas/RuleUser' + enabled: + $ref: '#/components/schemas/Enabled' + modified_at: + $ref: '#/components/schemas/Date' + modified_by: + $ref: '#/components/schemas/RuleUser' + name: + $ref: '#/components/schemas/RuleName' + selectors: + $ref: '#/components/schemas/Selectors' + targets: + $ref: '#/components/schemas/Targets' + time_aggregation: + $ref: '#/components/schemas/TimeAggregation' + version: + $ref: '#/components/schemas/Version' + required: + - created_at + - created_by + - enabled + - modified_at + - modified_by + - name + - selectors + - targets + - version + type: object + NotificationRuleQuery: + description: The query is composed of one or several key:value pairs, which + can be used to filter security issues on tags and attributes. + example: (source:production_service OR env:prod) + type: string + NotificationRuleResponse: + description: Response object which includes a notification rule. + properties: + data: + $ref: '#/components/schemas/NotificationRule' + type: object + NotificationRulesType: + description: The rule type associated to notification rules. + enum: + - notification_rules + example: notification_rules + type: string + x-enum-varnames: + - NOTIFICATION_RULES NullableRelationshipToUser: description: Relationship to user. nullable: true @@ -20260,6 +20405,44 @@ components: $ref: '#/components/schemas/ApplicationKeyResponseIncludedItem' type: array type: object + PatchNotificationRuleParameters: + description: Body of the notification rule patch request. + properties: + data: + $ref: '#/components/schemas/PatchNotificationRuleParametersData' + type: object + PatchNotificationRuleParametersData: + description: 'Data of the notification rule patch request: the rule ID, the + rule type, and the rule attributes. All fields are required.' + properties: + attributes: + $ref: '#/components/schemas/PatchNotificationRuleParametersDataAttributes' + id: + $ref: '#/components/schemas/ID' + type: + $ref: '#/components/schemas/NotificationRulesType' + required: + - attributes + - id + - type + type: object + PatchNotificationRuleParametersDataAttributes: + description: Attributes of the notification rule patch request. It is required + to update the version of the rule when patching it. + properties: + enabled: + $ref: '#/components/schemas/Enabled' + name: + $ref: '#/components/schemas/RuleName' + selectors: + $ref: '#/components/schemas/Selectors' + targets: + $ref: '#/components/schemas/Targets' + time_aggregation: + $ref: '#/components/schemas/TimeAggregation' + version: + $ref: '#/components/schemas/Version' + type: object Permission: description: Permission object. properties: @@ -22941,12 +23124,34 @@ components: description: The unique ID for a scorecard rule. example: q8MQxk8TCqrHnWkx type: string + RuleName: + description: Name of the notification rule. + example: Rule 1 + type: string RuleOutcomeRelationships: description: The JSON:API relationship to a scorecard rule. properties: rule: $ref: '#/components/schemas/RelationshipToOutcome' type: object + RuleSeverity: + description: Severity of a security rule. + enum: + - critical + - high + - medium + - low + - unknown + - info + example: critical + type: string + x-enum-varnames: + - CRITICAL + - HIGH + - MEDIUM + - LOW + - UNKNOWN + - INFO RuleType: default: rule description: The JSON:API type for scorecard rules. @@ -22956,6 +23161,69 @@ components: type: string x-enum-varnames: - RULE + RuleTypes: + description: Security rule types used to filter signals and vulnerabilities + generating notifications. + example: + - misconfiguration + - attack_path + items: + $ref: '#/components/schemas/RuleTypesItems' + type: array + RuleTypesItems: + description: 'Security rule types which can be used in notification rules. + + Signal-based notification rules can filter signals based on rule types application_security, + log_detection, + + workload_security, signal_correlation, cloud_configuration and infrastructure_configuration. + + Vulnerability-based notification rules can filter vulnerabilities based on + rule types application_code_vulnerability, + + application_library_vulnerability, attack_path, container_image_vulnerability, + identity_risk, misconfiguration, and api_security.' + enum: + - application_security + - log_detection + - workload_security + - signal_correlation + - cloud_configuration + - infrastructure_configuration + - application_code_vulnerability + - application_library_vulnerability + - attack_path + - container_image_vulnerability + - identity_risk + - misconfiguration + - api_security + type: string + x-enum-varnames: + - APPLICATION_SECURITY + - LOG_DETECTION + - WORKLOAD_SECURITY + - SIGNAL_CORRELATION + - CLOUD_CONFIGURATION + - INFRASTRUCTURE_CONFIGURATION + - APPLICATION_CODE_VULNERABILITY + - APPLICATION_LIBRARY_VULNERABILITY + - ATTACK_PATH + - CONTAINER_IMAGE_VULNERABILITY + - IDENTITY_RISK + - MISCONFIGURATION + - API_SECURITY + RuleUser: + description: User creating or modifying a rule. + properties: + handle: + description: The user handle. + example: john.doe@domain.com + type: string + name: + description: The user name. + example: John Doe + type: string + type: object RumMetricCompute: description: The compute rule to compute the rum-based metric. properties: @@ -25873,6 +26141,29 @@ components: nullable: true type: string type: object + Selectors: + description: 'Selectors are used to filter security issues for which notifications + should be generated. + + Users can specify rule severities, rule types, a query to filter security + issues on tags and attributes, and the trigger source. + + Only the trigger_source field is required.' + properties: + query: + $ref: '#/components/schemas/NotificationRuleQuery' + rule_types: + $ref: '#/components/schemas/RuleTypes' + severities: + description: The security rules severities to consider. + items: + $ref: '#/components/schemas/RuleSeverity' + type: array + trigger_source: + $ref: '#/components/schemas/TriggerSource' + required: + - trigger_source + type: object SensitiveDataScannerConfigRequest: description: Group reorder request. properties: @@ -28565,6 +28856,20 @@ components: description: Tag associated with your event. type: string type: array + Targets: + description: 'List of recipients to notify when a notification rule is triggered. + Many different target types are supported, + + such as email addresses, Slack channels, and PagerDuty services. + + The appropriate integrations need to be properly configured to send notifications + to the specified targets.' + example: + - '@john.doe@email.com' + items: + description: Recipients to notify. + type: string + type: array Team: description: A team properties: @@ -29141,6 +29446,22 @@ components: description: Offset type. type: string type: object + TimeAggregation: + description: 'Time aggregation period (in seconds) is used to aggregate the + results of the notification rule evaluation. + + Results are aggregated over a selected time frame using a rolling window, + which updates with each new evaluation. + + Notifications are only sent for new issues discovered during the window. + + Time aggregation is only available for vulnerability-based notification rules. + When omitted or set to 0, no aggregation + + is done.' + example: 86400 + format: int64 + type: integer TimeseriesFormulaQueryRequest: description: A request wrapper around a single timeseries query to be executed. properties: @@ -29333,6 +29654,20 @@ components: type: string x-enum-varnames: - SECRET + TriggerSource: + description: 'The type of security issues on which the rule applies. Notification + rules based on security signals need to use the trigger source "security_signals", + + while notification rules based on security vulnerabilities need to use the + trigger source "security_findings".' + enum: + - security_findings + - security_signals + example: security_findings + type: string + x-enum-varnames: + - SECURITY_FINDINGS + - SECURITY_SIGNALS Unit: description: Object containing the metric unit family, scale factor, name, and short name. @@ -30258,6 +30593,12 @@ components: type: string x-enum-varnames: - USERS + Version: + description: Version of the notification rule. It is updated when the rule is + modified. + example: 1 + format: int64 + type: integer VulnerabilitiesType: description: The JSON:API type. enum: @@ -30849,6 +31190,10 @@ components: security_monitoring_filters_write: Create, edit, and delete Security Filters. security_monitoring_findings_read: View a list of findings that include both misconfigurations and identity risks. + security_monitoring_notification_profiles_read: View Rule Security Notification + rules. + security_monitoring_notification_profiles_write: Create, edit, and delete + Security Notification rules. security_monitoring_rules_read: Read Detection Rules. security_monitoring_rules_write: Create and edit Detection Rules. security_monitoring_signals_read: View Security Signals. @@ -43576,6 +43921,188 @@ paths: x-unstable: '**Note**: This endpoint is a private preview. If you are interested in accessing this API, please [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' + /api/v2/security/signals/notification_rules: + get: + description: Returns the list of notification rules for security signals. + operationId: GetSignalNotificationRules + responses: + '200': + $ref: '#/components/responses/NotificationRulesList' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_read + summary: Get the list of signal-based rules + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_read + post: + description: Create a new notification rule for security signals and return + the created rule. + operationId: CreateSignalNotificationRule + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateNotificationRuleParameters' + description: 'The body of the create notification rule request is composed + of the rule type and the rule attributes: + + the rule name, the selectors, the notification targets, and the rule enabled + status. + + ' + required: true + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Successfully created the notification rule. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Create a new signal-based rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write + /api/v2/security/signals/notification_rules/{id}: + delete: + description: Delete a notification rule for security signals. + operationId: DeleteSignalNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Rule successfully deleted. + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Delete a signal-based rule + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write + get: + description: Get the details of a notification rule for security signals. + operationId: GetSignalNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Notification rule details. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_read + summary: Get details of a signal-based rule + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_read + patch: + description: Partially update the notification rule. All fields are optional; + if a field is not provided, it is not updated. + operationId: PatchSignalNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchNotificationRuleParameters' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Notification rule successfully patched. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '422': + $ref: '#/components/responses/UnprocessableEntityResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Patch a signal-based rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write /api/v2/security/vulnerabilities: get: description: "Get a list of vulnerabilities.\n\n### Pagination\n\nPagination @@ -43955,6 +44482,188 @@ paths: x-unstable: '**Note**: This endpoint is a private preview. If you are interested in accessing this API, please [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' + /api/v2/security/vulnerabilities/notification_rules: + get: + description: Returns the list of notification rules for security vulnerabilities. + operationId: GetVulnerabilityNotificationRules + responses: + '200': + $ref: '#/components/responses/NotificationRulesList' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_read + summary: Get the list of vulnerability-based rules + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_read + post: + description: Create a new notification rule for security vulnerabilities and + return the created rule. + operationId: CreateVulnerabilityNotificationRule + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateNotificationRuleParameters' + description: 'The body of the create notification rule request is composed + of the rule type and the rule attributes: + + the rule name, the selectors, the notification targets, and the rule enabled + status. + + ' + required: true + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Successfully created the notification rule. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Create a new vulnerability-based rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write + /api/v2/security/vulnerabilities/notification_rules/{id}: + delete: + description: Delete a notification rule for security vulnerabilities. + operationId: DeleteVulnerabilityNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Rule successfully deleted. + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Delete a vulnerability-based rule + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write + get: + description: Get the details of a notification rule for security vulnerabilities. + operationId: GetVulnerabilityNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Notification rule details. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_read + summary: Get details of a vulnerability-based rule + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_read + patch: + description: Partially update the notification rule. All fields are optional; + if a field is not provided, it is not updated. + operationId: PatchVulnerabilityNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchNotificationRuleParameters' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Notification rule successfully patched. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '422': + $ref: '#/components/responses/UnprocessableEntityResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Patch a vulnerability-based rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write /api/v2/security_monitoring/cloud_workload_security/agent_rules: get: description: Get the list of Agent rules. diff --git a/cassettes/features/v2/security_monitoring/Create-a-new-signal-based-rule-returns-Successfully-created-the-notification-rule-response.frozen b/cassettes/features/v2/security_monitoring/Create-a-new-signal-based-rule-returns-Successfully-created-the-notification-rule-response.frozen new file mode 100644 index 000000000000..b05034048436 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Create-a-new-signal-based-rule-returns-Successfully-created-the-notification-rule-response.frozen @@ -0,0 +1 @@ +2025-01-23T10:35:59.157Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Create-a-new-signal-based-rule-returns-Successfully-created-the-notification-rule-response.yml b/cassettes/features/v2/security_monitoring/Create-a-new-signal-based-rule-returns-Successfully-created-the-notification-rule-response.yml new file mode 100644 index 000000000000..3ccdcced409b --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Create-a-new-signal-based-rule-returns-Successfully-created-the-notification-rule-response.yml @@ -0,0 +1,44 @@ +http_interactions: +- recorded_at: Thu, 23 Jan 2025 10:35:59 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"xen-2ux-w4q","type":"notification_rules","attributes":{"created_at":1737628559636,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628559636,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Rule 1","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"(source:production_service + OR env:prod)","trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Thu, 23 Jan 2025 10:35:59 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/xen-2ux-w4q + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Create-a-new-vulnerability-based-rule-returns-Successfully-created-the-notification-rule-response.frozen b/cassettes/features/v2/security_monitoring/Create-a-new-vulnerability-based-rule-returns-Successfully-created-the-notification-rule-response.frozen new file mode 100644 index 000000000000..4df775f84841 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Create-a-new-vulnerability-based-rule-returns-Successfully-created-the-notification-rule-response.frozen @@ -0,0 +1 @@ +2025-01-23T10:35:59.776Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Create-a-new-vulnerability-based-rule-returns-Successfully-created-the-notification-rule-response.yml b/cassettes/features/v2/security_monitoring/Create-a-new-vulnerability-based-rule-returns-Successfully-created-the-notification-rule-response.yml new file mode 100644 index 000000000000..640ed0a5bb24 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Create-a-new-vulnerability-based-rule-returns-Successfully-created-the-notification-rule-response.yml @@ -0,0 +1,44 @@ +http_interactions: +- recorded_at: Thu, 23 Jan 2025 10:35:59 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"757-rvr-pnu","type":"notification_rules","attributes":{"created_at":1737628559864,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628559864,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Rule 1","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"(source:production_service + OR env:prod)","trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Thu, 23 Jan 2025 10:35:59 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/757-rvr-pnu + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..5ed3da996916 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:04.605Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Not-Found-response.yml new file mode 100644 index 000000000000..1b44af9eed4f --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Not-Found-response.yml @@ -0,0 +1,21 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:04 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/000-000-000 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Rule-successfully-deleted-response.frozen b/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Rule-successfully-deleted-response.frozen new file mode 100644 index 000000000000..5b9cab2f5f91 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Rule-successfully-deleted-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:05.107Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Rule-successfully-deleted-response.yml b/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Rule-successfully-deleted-response.yml new file mode 100644 index 000000000000..1b147f46e1aa --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-signal-based-rule-returns-Rule-successfully-deleted-response.yml @@ -0,0 +1,59 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:05 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Delete_a_signal_based_rule_returns_Rule_successfully_deleted_response-1737539405","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"ukc-0jn-maf","type":"notification_rules","attributes":{"created_at":1737539405540,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539405540,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Delete_a_signal_based_rule_returns_Rule_successfully_deleted_response-1737539405","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Wed, 22 Jan 2025 09:50:05 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/ukc-0jn-maf + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +- recorded_at: Wed, 22 Jan 2025 09:50:05 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/ukc-0jn-maf + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Notification rule with id ''ukc-0jn-maf'' not + found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..31d1497fde4d --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:08.134Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Not-Found-response.yml new file mode 100644 index 000000000000..dafa10f00db0 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Not-Found-response.yml @@ -0,0 +1,21 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:08 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/000-000-000 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Rule-successfully-deleted-response.frozen b/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Rule-successfully-deleted-response.frozen new file mode 100644 index 000000000000..f80fa5308978 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Rule-successfully-deleted-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:08.640Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Rule-successfully-deleted-response.yml b/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Rule-successfully-deleted-response.yml new file mode 100644 index 000000000000..3ba2f53118af --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-vulnerability-based-rule-returns-Rule-successfully-deleted-response.yml @@ -0,0 +1,59 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:08 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Delete_a_vulnerability_based_rule_returns_Rule_successfully_deleted_response-1737539408","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"qip-ygy-7ke","type":"notification_rules","attributes":{"created_at":1737539409090,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539409090,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Delete_a_vulnerability_based_rule_returns_Rule_successfully_deleted_response-1737539408","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Wed, 22 Jan 2025 09:50:08 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/qip-ygy-7ke + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +- recorded_at: Wed, 22 Jan 2025 09:50:08 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/qip-ygy-7ke + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Notification rule with id ''qip-ygy-7ke'' not + found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..6d4de62a52ae --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:23.414Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Not-Found-response.yml new file mode 100644 index 000000000000..78ad59d865b1 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Not-Found-response.yml @@ -0,0 +1,21 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:23 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/000-000-000 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Notification-rule-details-response.frozen b/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Notification-rule-details-response.frozen new file mode 100644 index 000000000000..fe7b63784cc9 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Notification-rule-details-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:23.939Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Notification-rule-details-response.yml b/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Notification-rule-details-response.yml new file mode 100644 index 000000000000..55e3278a8c21 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-details-of-a-signal-based-rule-returns-Notification-rule-details-response.yml @@ -0,0 +1,58 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:23 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Get_details_of_a_signal_based_rule_returns_Notification_rule_details_response-1737539423","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"t8x-amt-d52","type":"notification_rules","attributes":{"created_at":1737539424372,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539424372,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_details_of_a_signal_based_rule_returns_Notification_rule_details_response-1737539423","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Wed, 22 Jan 2025 09:50:23 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/t8x-amt-d52 + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"t8x-amt-d52","type":"notification_rules","attributes":{"created_at":1737539424372,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539424372,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_details_of_a_signal_based_rule_returns_Notification_rule_details_response-1737539423","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Wed, 22 Jan 2025 09:50:23 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/t8x-amt-d52 + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..d1e8767198e7 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:25.480Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Not-Found-response.yml new file mode 100644 index 000000000000..4e7fc543f396 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Not-Found-response.yml @@ -0,0 +1,21 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:25 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/000-000-000 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Notification-rule-details-response.frozen b/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Notification-rule-details-response.frozen new file mode 100644 index 000000000000..1aed5057f557 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Notification-rule-details-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:25.988Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Notification-rule-details-response.yml b/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Notification-rule-details-response.yml new file mode 100644 index 000000000000..b996356b6980 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-details-of-a-vulnerability-based-rule-returns-Notification-rule-details-response.yml @@ -0,0 +1,58 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:25 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Get_details_of_a_vulnerability_based_rule_returns_Notification_rule_details_response-1737539425","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"aqq-x71-k2h","type":"notification_rules","attributes":{"created_at":1737539426417,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539426417,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_details_of_a_vulnerability_based_rule_returns_Notification_rule_details_response-1737539425","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Wed, 22 Jan 2025 09:50:25 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/aqq-x71-k2h + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"aqq-x71-k2h","type":"notification_rules","attributes":{"created_at":1737539426417,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539426417,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_details_of_a_vulnerability_based_rule_returns_Notification_rule_details_response-1737539425","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Wed, 22 Jan 2025 09:50:25 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/aqq-x71-k2h + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-the-list-of-signal-based-rules-returns-The-list-of-notification-rules-response.frozen b/cassettes/features/v2/security_monitoring/Get-the-list-of-signal-based-rules-returns-The-list-of-notification-rules-response.frozen new file mode 100644 index 000000000000..3f0d8fa07667 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-the-list-of-signal-based-rules-returns-The-list-of-notification-rules-response.frozen @@ -0,0 +1 @@ +2025-01-23T10:36:01.381Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-the-list-of-signal-based-rules-returns-The-list-of-notification-rules-response.yml b/cassettes/features/v2/security_monitoring/Get-the-list-of-signal-based-rules-returns-The-list-of-notification-rules-response.yml new file mode 100644 index 000000000000..482d2465d929 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-the-list-of-signal-based-rules-returns-The-list-of-notification-rules-response.yml @@ -0,0 +1,71 @@ +http_interactions: +- recorded_at: Thu, 23 Jan 2025 10:36:01 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Get_the_list_of_signal_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"wt5-y8s-3fa","type":"notification_rules","attributes":{"created_at":1737628561456,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628561456,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Test-Get_the_list_of_signal_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Thu, 23 Jan 2025 10:36:01 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":[{"id":"hwk-zqh-vg4","type":"notification_rules","attributes":{"created_at":1699905830776,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699905830","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"fsm-4am-ozw","type":"notification_rules","attributes":{"created_at":1699905832107,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699905832","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"px4-xrb-b9v","type":"notification_rules","attributes":{"created_at":1699905992485,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699905992","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"ukt-yim-ouw","type":"notification_rules","attributes":{"created_at":1699905996937,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699905996","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"tpj-yqn-fcw","type":"notification_rules","attributes":{"created_at":1699905997240,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699905997","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"tv9-9dw-fbd","type":"notification_rules","attributes":{"created_at":1699905998529,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699905998","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"pdt-i8z-vcs","type":"notification_rules","attributes":{"created_at":1699906082093,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699906081","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"tlb-cvk-wup","type":"notification_rules","attributes":{"created_at":1699906087769,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699906087","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"sqp-oih-tp8","type":"notification_rules","attributes":{"created_at":1699906088050,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699906087","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"zll-nff-pbx","type":"notification_rules","attributes":{"created_at":1699906089134,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699906089","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"4u9-ooz-fwf","type":"notification_rules","attributes":{"created_at":1699906572841,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699906572","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"lny-xec-2r7","type":"notification_rules","attributes":{"created_at":1699906577427,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699906577","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"qfa-6nt-wn2","type":"notification_rules","attributes":{"created_at":1699906577706,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699906577","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"zcr-tja-rut","type":"notification_rules","attributes":{"created_at":1699906578815,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699906578","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":3}},{"id":"rca-ogs-ckx","type":"notification_rules","attributes":{"created_at":1699906789206,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699906789","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"dis-abp-grp","type":"notification_rules","attributes":{"created_at":1699906793874,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699906793","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"n5i-avj-8br","type":"notification_rules","attributes":{"created_at":1699906794201,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699906794","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"wct-cix-3ay","type":"notification_rules","attributes":{"created_at":1699906795311,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":false,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699906795","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test2"],"time_aggregation":0,"version":3}},{"id":"pyf-t6u-dxp","type":"notification_rules","attributes":{"created_at":1699907487559,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699907487","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"vwj-uew-mas","type":"notification_rules","attributes":{"created_at":1699907492243,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699907492","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"a1y-ysu-rvw","type":"notification_rules","attributes":{"created_at":1699907492600,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699907492","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"kq1-edx-tkt","type":"notification_rules","attributes":{"created_at":1699907493778,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":false,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699907493","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test2"],"time_aggregation":0,"version":3}},{"id":"4i4-raj-t0a","type":"notification_rules","attributes":{"created_at":1699908569876,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699908569","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"ncy-2zl-jge","type":"notification_rules","attributes":{"created_at":1699908575238,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699908575","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"(fim:\"true\" + OR @fim:\"true\")","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"tiq-glx-quq","type":"notification_rules","attributes":{"created_at":1699908575600,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699908575","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"(fim:\"true\" + OR @fim:\"true\")","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"ue7-0sv-du1","type":"notification_rules","attributes":{"created_at":1699908576920,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":false,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699908576","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"(fim:\"true\" + OR @fim:\"true\")","trigger_source":"security_signals"},"targets":["test2"],"time_aggregation":0,"version":3}},{"id":"wt5-y8s-3fa","type":"notification_rules","attributes":{"created_at":1737628561456,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628561456,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Test-Get_the_list_of_signal_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}]}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Thu, 23 Jan 2025 10:36:01 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/wt5-y8s-3fa + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-the-list-of-vulnerability-based-rules-returns-The-list-of-notification-rules-response.frozen b/cassettes/features/v2/security_monitoring/Get-the-list-of-vulnerability-based-rules-returns-The-list-of-notification-rules-response.frozen new file mode 100644 index 000000000000..1c559ecb18a0 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-the-list-of-vulnerability-based-rules-returns-The-list-of-notification-rules-response.frozen @@ -0,0 +1 @@ +2025-01-23T10:36:01.893Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-the-list-of-vulnerability-based-rules-returns-The-list-of-notification-rules-response.yml b/cassettes/features/v2/security_monitoring/Get-the-list-of-vulnerability-based-rules-returns-The-list-of-notification-rules-response.yml new file mode 100644 index 000000000000..39ee69059829 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-the-list-of-vulnerability-based-rules-returns-The-list-of-notification-rules-response.yml @@ -0,0 +1,62 @@ +http_interactions: +- recorded_at: Thu, 23 Jan 2025 10:36:01 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Get_the_list_of_vulnerability_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"hrp-9cl-j7q","type":"notification_rules","attributes":{"created_at":1737628561955,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628561955,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Test-Get_the_list_of_vulnerability_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Thu, 23 Jan 2025 10:36:01 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":[{"id":"hrp-9cl-j7q","type":"notification_rules","attributes":{"created_at":1737628561955,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628561955,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Test-Get_the_list_of_vulnerability_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}]}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Thu, 23 Jan 2025 10:36:01 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/hrp-9cl-j7q + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Bad-Request-response.frozen b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Bad-Request-response.frozen new file mode 100644 index 000000000000..50ebef7d3817 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Bad-Request-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:35.238Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Bad-Request-response.yml b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Bad-Request-response.yml new file mode 100644 index 000000000000..29b29cb95fa6 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Bad-Request-response.yml @@ -0,0 +1,65 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:35 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Patch_a_signal_based_rule_returns_Bad_Request_response-1737539435","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"urx-vcd-58d","type":"notification_rules","attributes":{"created_at":1737539435658,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539435658,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Patch_a_signal_based_rule_returns_Bad_Request_response-1737539435","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Wed, 22 Jan 2025 09:50:35 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/urx-vcd-58d + response: + body: + encoding: UTF-8 + string: '{"errors":["input_validation_error(Field ''data.attributes.version'' + is invalid: Specify the notification rule version to update, it cannot be + 0.)"]}' + headers: + Content-Type: + - application/json + status: + code: 400 + message: Bad Request +- recorded_at: Wed, 22 Jan 2025 09:50:35 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/urx-vcd-58d + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..cbf78aceabd7 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:36.599Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Not-Found-response.yml new file mode 100644 index 000000000000..1ddd1441fa2c --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Not-Found-response.yml @@ -0,0 +1,26 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:36 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/000-000-000 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Notification-rule-successfully-patched-response.frozen b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Notification-rule-successfully-patched-response.frozen new file mode 100644 index 000000000000..dbfecb7971fb --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Notification-rule-successfully-patched-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:37.086Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Notification-rule-successfully-patched-response.yml b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Notification-rule-successfully-patched-response.yml new file mode 100644 index 000000000000..37855d7559b8 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-signal-based-rule-returns-Notification-rule-successfully-patched-response.yml @@ -0,0 +1,65 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:37 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Patch_a_signal_based_rule_returns_Notification_rule_successfully_patched_response-1737539437","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"h6x-nyx-fkm","type":"notification_rules","attributes":{"created_at":1737539437401,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539437401,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Patch_a_signal_based_rule_returns_Notification_rule_successfully_patched_response-1737539437","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Wed, 22 Jan 2025 09:50:37 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/h6x-nyx-fkm + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"h6x-nyx-fkm","type":"notification_rules","attributes":{"created_at":1737539437401,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539437810,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Rule + 1","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"(source:production_service + OR env:prod)","trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":2}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Wed, 22 Jan 2025 09:50:37 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/h6x-nyx-fkm + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Bad-Request-response.frozen b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Bad-Request-response.frozen new file mode 100644 index 000000000000..fcdc31ed0f06 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Bad-Request-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:38.399Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Bad-Request-response.yml b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Bad-Request-response.yml new file mode 100644 index 000000000000..6314b949f23d --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Bad-Request-response.yml @@ -0,0 +1,65 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:38 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Patch_a_vulnerability_based_rule_returns_Bad_Request_response-1737539438","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"ks5-ywq-grp","type":"notification_rules","attributes":{"created_at":1737539438831,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539438831,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Patch_a_vulnerability_based_rule_returns_Bad_Request_response-1737539438","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Wed, 22 Jan 2025 09:50:38 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/ks5-ywq-grp + response: + body: + encoding: UTF-8 + string: '{"errors":["input_validation_error(Field ''data.attributes.version'' + is invalid: Specify the notification rule version to update, it cannot be + 0.)"]}' + headers: + Content-Type: + - application/json + status: + code: 400 + message: Bad Request +- recorded_at: Wed, 22 Jan 2025 09:50:38 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/ks5-ywq-grp + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..f24abb9c921c --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:39.942Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Not-Found-response.yml new file mode 100644 index 000000000000..e671f68d12aa --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Not-Found-response.yml @@ -0,0 +1,26 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:39 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/000-000-000 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Notification-rule-successfully-patched-response.frozen b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Notification-rule-successfully-patched-response.frozen new file mode 100644 index 000000000000..e2e97276a9e5 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Notification-rule-successfully-patched-response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:40.442Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Notification-rule-successfully-patched-response.yml b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Notification-rule-successfully-patched-response.yml new file mode 100644 index 000000000000..2accd84f1f2c --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Patch-a-vulnerability-based-rule-returns-Notification-rule-successfully-patched-response.yml @@ -0,0 +1,65 @@ +http_interactions: +- recorded_at: Wed, 22 Jan 2025 09:50:40 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Test-Patch_a_vulnerability_based_rule_returns_Notification_rule_successfully_patched_response-1737539440","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"a40-xl3-95h","type":"notification_rules","attributes":{"created_at":1737539440872,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539440872,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Patch_a_vulnerability_based_rule_returns_Notification_rule_successfully_patched_response-1737539440","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 201 + message: Created +- recorded_at: Wed, 22 Jan 2025 09:50:40 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/a40-xl3-95h + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"a40-xl3-95h","type":"notification_rules","attributes":{"created_at":1737539440872,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539441254,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Rule + 1","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"(source:production_service + OR env:prod)","trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":2}}}' + headers: + Content-Type: + - application/vnd.api+json + status: + code: 200 + message: OK +- recorded_at: Wed, 22 Jan 2025 09:50:40 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/a40-xl3-95h + response: + body: + encoding: UTF-8 + string: '' + headers: {} + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/examples/v2/security-monitoring/CreateSignalNotificationRule.rb b/examples/v2/security-monitoring/CreateSignalNotificationRule.rb new file mode 100644 index 000000000000..3bbec720128f --- /dev/null +++ b/examples/v2/security-monitoring/CreateSignalNotificationRule.rb @@ -0,0 +1,30 @@ +# Create a new signal-based rule returns "Successfully created the notification rule." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +body = DatadogAPIClient::V2::CreateNotificationRuleParameters.new({ + data: DatadogAPIClient::V2::CreateNotificationRuleParametersData.new({ + attributes: DatadogAPIClient::V2::CreateNotificationRuleParametersDataAttributes.new({ + enabled: true, + name: "Rule 1", + selectors: DatadogAPIClient::V2::Selectors.new({ + query: "(source:production_service OR env:prod)", + rule_types: [ + DatadogAPIClient::V2::RuleTypesItems::MISCONFIGURATION, + DatadogAPIClient::V2::RuleTypesItems::ATTACK_PATH, + ], + severities: [ + DatadogAPIClient::V2::RuleSeverity::CRITICAL, + ], + trigger_source: DatadogAPIClient::V2::TriggerSource::SECURITY_FINDINGS, + }), + targets: [ + "@john.doe@email.com", + ], + time_aggregation: 86400, + }), + type: DatadogAPIClient::V2::NotificationRulesType::NOTIFICATION_RULES, + }), +}) +p api_instance.create_signal_notification_rule(body) diff --git a/examples/v2/security-monitoring/CreateVulnerabilityNotificationRule.rb b/examples/v2/security-monitoring/CreateVulnerabilityNotificationRule.rb new file mode 100644 index 000000000000..f5a2c1dfc4c1 --- /dev/null +++ b/examples/v2/security-monitoring/CreateVulnerabilityNotificationRule.rb @@ -0,0 +1,30 @@ +# Create a new vulnerability-based rule returns "Successfully created the notification rule." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +body = DatadogAPIClient::V2::CreateNotificationRuleParameters.new({ + data: DatadogAPIClient::V2::CreateNotificationRuleParametersData.new({ + attributes: DatadogAPIClient::V2::CreateNotificationRuleParametersDataAttributes.new({ + enabled: true, + name: "Rule 1", + selectors: DatadogAPIClient::V2::Selectors.new({ + query: "(source:production_service OR env:prod)", + rule_types: [ + DatadogAPIClient::V2::RuleTypesItems::MISCONFIGURATION, + DatadogAPIClient::V2::RuleTypesItems::ATTACK_PATH, + ], + severities: [ + DatadogAPIClient::V2::RuleSeverity::CRITICAL, + ], + trigger_source: DatadogAPIClient::V2::TriggerSource::SECURITY_FINDINGS, + }), + targets: [ + "@john.doe@email.com", + ], + time_aggregation: 86400, + }), + type: DatadogAPIClient::V2::NotificationRulesType::NOTIFICATION_RULES, + }), +}) +p api_instance.create_vulnerability_notification_rule(body) diff --git a/examples/v2/security-monitoring/DeleteSignalNotificationRule.rb b/examples/v2/security-monitoring/DeleteSignalNotificationRule.rb new file mode 100644 index 000000000000..6233ad969e5f --- /dev/null +++ b/examples/v2/security-monitoring/DeleteSignalNotificationRule.rb @@ -0,0 +1,8 @@ +# Delete a signal-based rule returns "Rule successfully deleted." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "valid_signal_notification_rule" in the system +VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID = ENV["VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID"] +api_instance.delete_signal_notification_rule(VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID) diff --git a/examples/v2/security-monitoring/DeleteVulnerabilityNotificationRule.rb b/examples/v2/security-monitoring/DeleteVulnerabilityNotificationRule.rb new file mode 100644 index 000000000000..4295969f9a92 --- /dev/null +++ b/examples/v2/security-monitoring/DeleteVulnerabilityNotificationRule.rb @@ -0,0 +1,8 @@ +# Delete a vulnerability-based rule returns "Rule successfully deleted." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "valid_vulnerability_notification_rule" in the system +VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID = ENV["VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID"] +api_instance.delete_vulnerability_notification_rule(VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID) diff --git a/examples/v2/security-monitoring/GetSignalNotificationRule.rb b/examples/v2/security-monitoring/GetSignalNotificationRule.rb new file mode 100644 index 000000000000..67d058aa714d --- /dev/null +++ b/examples/v2/security-monitoring/GetSignalNotificationRule.rb @@ -0,0 +1,8 @@ +# Get details of a signal-based rule returns "Notification rule details." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "valid_signal_notification_rule" in the system +VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID = ENV["VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID"] +p api_instance.get_signal_notification_rule(VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID) diff --git a/examples/v2/security-monitoring/GetSignalNotificationRules.rb b/examples/v2/security-monitoring/GetSignalNotificationRules.rb new file mode 100644 index 000000000000..fafcfb271d46 --- /dev/null +++ b/examples/v2/security-monitoring/GetSignalNotificationRules.rb @@ -0,0 +1,5 @@ +# Get the list of signal-based rules returns "The list of notification rules." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new +p api_instance.get_signal_notification_rules() diff --git a/examples/v2/security-monitoring/GetVulnerabilityNotificationRule.rb b/examples/v2/security-monitoring/GetVulnerabilityNotificationRule.rb new file mode 100644 index 000000000000..a8737d37f25b --- /dev/null +++ b/examples/v2/security-monitoring/GetVulnerabilityNotificationRule.rb @@ -0,0 +1,8 @@ +# Get details of a vulnerability-based rule returns "Notification rule details." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "valid_vulnerability_notification_rule" in the system +VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID = ENV["VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID"] +p api_instance.get_vulnerability_notification_rule(VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID) diff --git a/examples/v2/security-monitoring/GetVulnerabilityNotificationRules.rb b/examples/v2/security-monitoring/GetVulnerabilityNotificationRules.rb new file mode 100644 index 000000000000..4d020f98d53d --- /dev/null +++ b/examples/v2/security-monitoring/GetVulnerabilityNotificationRules.rb @@ -0,0 +1,5 @@ +# Get the list of vulnerability-based rules returns "The list of notification rules." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new +p api_instance.get_vulnerability_notification_rules() diff --git a/examples/v2/security-monitoring/PatchSignalNotificationRule.rb b/examples/v2/security-monitoring/PatchSignalNotificationRule.rb new file mode 100644 index 000000000000..6f1491de13d8 --- /dev/null +++ b/examples/v2/security-monitoring/PatchSignalNotificationRule.rb @@ -0,0 +1,35 @@ +# Patch a signal-based rule returns "Notification rule successfully patched." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "valid_signal_notification_rule" in the system +VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID = ENV["VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID"] + +body = DatadogAPIClient::V2::PatchNotificationRuleParameters.new({ + data: DatadogAPIClient::V2::PatchNotificationRuleParametersData.new({ + attributes: DatadogAPIClient::V2::PatchNotificationRuleParametersDataAttributes.new({ + enabled: true, + name: "Rule 1", + selectors: DatadogAPIClient::V2::Selectors.new({ + query: "(source:production_service OR env:prod)", + rule_types: [ + DatadogAPIClient::V2::RuleTypesItems::MISCONFIGURATION, + DatadogAPIClient::V2::RuleTypesItems::ATTACK_PATH, + ], + severities: [ + DatadogAPIClient::V2::RuleSeverity::CRITICAL, + ], + trigger_source: DatadogAPIClient::V2::TriggerSource::SECURITY_FINDINGS, + }), + targets: [ + "@john.doe@email.com", + ], + time_aggregation: 86400, + version: 1, + }), + id: VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID, + type: DatadogAPIClient::V2::NotificationRulesType::NOTIFICATION_RULES, + }), +}) +p api_instance.patch_signal_notification_rule(VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID, body) diff --git a/examples/v2/security-monitoring/PatchVulnerabilityNotificationRule.rb b/examples/v2/security-monitoring/PatchVulnerabilityNotificationRule.rb new file mode 100644 index 000000000000..a114d83a01c9 --- /dev/null +++ b/examples/v2/security-monitoring/PatchVulnerabilityNotificationRule.rb @@ -0,0 +1,35 @@ +# Patch a vulnerability-based rule returns "Notification rule successfully patched." response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "valid_vulnerability_notification_rule" in the system +VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID = ENV["VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID"] + +body = DatadogAPIClient::V2::PatchNotificationRuleParameters.new({ + data: DatadogAPIClient::V2::PatchNotificationRuleParametersData.new({ + attributes: DatadogAPIClient::V2::PatchNotificationRuleParametersDataAttributes.new({ + enabled: true, + name: "Rule 1", + selectors: DatadogAPIClient::V2::Selectors.new({ + query: "(source:production_service OR env:prod)", + rule_types: [ + DatadogAPIClient::V2::RuleTypesItems::MISCONFIGURATION, + DatadogAPIClient::V2::RuleTypesItems::ATTACK_PATH, + ], + severities: [ + DatadogAPIClient::V2::RuleSeverity::CRITICAL, + ], + trigger_source: DatadogAPIClient::V2::TriggerSource::SECURITY_FINDINGS, + }), + targets: [ + "@john.doe@email.com", + ], + time_aggregation: 86400, + version: 1, + }), + id: VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID, + type: DatadogAPIClient::V2::NotificationRulesType::NOTIFICATION_RULES, + }), +}) +p api_instance.patch_vulnerability_notification_rule(VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID, body) diff --git a/features/scenarios_model_mapping.rb b/features/scenarios_model_mapping.rb index 46ed47ef5118..f67b3e6f3df9 100644 --- a/features/scenarios_model_mapping.rb +++ b/features/scenarios_model_mapping.rb @@ -1834,6 +1834,19 @@ "filter_asset_name" => "String", "filter_repo_digest" => "String", }, + "v2.CreateSignalNotificationRule" => { + "body" => "CreateNotificationRuleParameters", + }, + "v2.DeleteSignalNotificationRule" => { + "id" => "String", + }, + "v2.GetSignalNotificationRule" => { + "id" => "String", + }, + "v2.PatchSignalNotificationRule" => { + "id" => "String", + "body" => "PatchNotificationRuleParameters", + }, "v2.ListVulnerabilities" => { "page_token" => "String", "page_number" => "Integer", @@ -1876,6 +1889,19 @@ "filter_asset_operating_system_name" => "String", "filter_asset_operating_system_version" => "String", }, + "v2.CreateVulnerabilityNotificationRule" => { + "body" => "CreateNotificationRuleParameters", + }, + "v2.DeleteVulnerabilityNotificationRule" => { + "id" => "String", + }, + "v2.GetVulnerabilityNotificationRule" => { + "id" => "String", + }, + "v2.PatchVulnerabilityNotificationRule" => { + "id" => "String", + "body" => "PatchNotificationRuleParameters", + }, "v2.CreateSecurityFilter" => { "body" => "SecurityFilterCreateRequest", }, diff --git a/features/v2/given.json b/features/v2/given.json index e5c2cbcc488a..a4729ae0c583 100644 --- a/features/v2/given.json +++ b/features/v2/given.json @@ -547,6 +547,30 @@ "tag": "Service Scorecards", "operationId": "CreateScorecardRule" }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"data\": {\n \"type\": \"notification_rules\",\n \"attributes\": {\n \"name\": \"{{ unique }}\",\n \"selectors\": {\n \"rule_types\": [\"signal_correlation\"],\n \"trigger_source\": \"security_signals\",\n \"severities\": [\"critical\"],\n \"query\": \"env:test\"\n },\n \"targets\": [\"@email@email.com\"],\n \"enabled\": true\n }\n }\n}" + } + ], + "step": "there is a valid \"valid_signal_notification_rule\" in the system", + "key": "valid_signal_notification_rule", + "tag": "Security Monitoring", + "operationId": "CreateSignalNotificationRule" + }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"data\": {\n \"type\": \"notification_rules\",\n \"attributes\": {\n \"name\": \"{{ unique }}\",\n \"selectors\": {\n \"rule_types\": [\"misconfiguration\", \"attack_path\"],\n \"trigger_source\": \"security_findings\",\n \"severities\": [\"critical\"],\n \"query\": \"env:test\"\n },\n \"time_aggregation\": 86400,\n \"targets\": [\"@email@email.com\"],\n \"enabled\": true\n }\n }\n}" + } + ], + "step": "there is a valid \"valid_vulnerability_notification_rule\" in the system", + "key": "valid_vulnerability_notification_rule", + "tag": "Security Monitoring", + "operationId": "CreateVulnerabilityNotificationRule" + }, { "parameters": [ { diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature index 5a2330a8f352..a82f2a3dcd83 100644 --- a/features/v2/security_monitoring.feature +++ b/features/v2/security_monitoring.feature @@ -235,6 +235,34 @@ Feature: Security Monitoring And the response "message" is equal to "Test rule" And the response "isEnabled" is equal to true + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Create a new signal-based rule returns "Bad Request" response + Given new "CreateSignalNotificationRule" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Create a new signal-based rule returns "Successfully created the notification rule." response + Given new "CreateSignalNotificationRule" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + When the request is sent + Then the response status is 201 Successfully created the notification rule. + + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Create a new vulnerability-based rule returns "Bad Request" response + Given new "CreateVulnerabilityNotificationRule" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Create a new vulnerability-based rule returns "Successfully created the notification rule." response + Given new "CreateVulnerabilityNotificationRule" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + When the request is sent + Then the response status is 201 Successfully created the notification rule. + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Create a security filter returns "Bad Request" response Given new "CreateSecurityFilter" request @@ -325,6 +353,21 @@ Feature: Security Monitoring When the request is sent Then the response status is 204 OK + @team:DataDog/cloud-security-posture-management + Scenario: Delete a signal-based rule returns "Not Found" response + Given new "DeleteSignalNotificationRule" request + And request contains "id" parameter with value "000-000-000" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Delete a signal-based rule returns "Rule successfully deleted." response + Given there is a valid "valid_signal_notification_rule" in the system + And new "DeleteSignalNotificationRule" request + And request contains "id" parameter from "valid_signal_notification_rule.data.id" + When the request is sent + Then the response status is 204 Rule successfully deleted. + @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete a suppression rule returns "Not Found" response Given new "DeleteSecurityMonitoringSuppression" request @@ -340,6 +383,21 @@ Feature: Security Monitoring When the request is sent Then the response status is 204 OK + @team:DataDog/cloud-security-posture-management + Scenario: Delete a vulnerability-based rule returns "Not Found" response + Given new "DeleteVulnerabilityNotificationRule" request + And request contains "id" parameter with value "000-000-000" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Delete a vulnerability-based rule returns "Rule successfully deleted." response + Given there is a valid "valid_vulnerability_notification_rule" in the system + And new "DeleteVulnerabilityNotificationRule" request + And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" + When the request is sent + Then the response status is 204 Rule successfully deleted. + @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Bad Request" response Given operation "DeleteHistoricalJob" enabled @@ -599,6 +657,64 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Get details of a signal-based rule returns "Bad Request" response + Given new "GetSignalNotificationRule" request + And request contains "id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Get details of a signal-based rule returns "Not Found" response + Given new "GetSignalNotificationRule" request + And request contains "id" parameter with value "000-000-000" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Get details of a signal-based rule returns "Notification rule details." response + Given there is a valid "valid_signal_notification_rule" in the system + And new "GetSignalNotificationRule" request + And request contains "id" parameter from "valid_signal_notification_rule.data.id" + When the request is sent + Then the response status is 200 Notification rule details. + + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Get details of a vulnerability-based rule returns "Bad Request" response + Given new "GetVulnerabilityNotificationRule" request + And request contains "id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Get details of a vulnerability-based rule returns "Not Found" response + Given new "GetVulnerabilityNotificationRule" request + And request contains "id" parameter with value "000-000-000" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Get details of a vulnerability-based rule returns "Notification rule details." response + Given there is a valid "valid_vulnerability_notification_rule" in the system + And new "GetVulnerabilityNotificationRule" request + And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" + When the request is sent + Then the response status is 200 Notification rule details. + + @team:DataDog/cloud-security-posture-management + Scenario: Get the list of signal-based rules returns "The list of notification rules." response + Given there is a valid "valid_signal_notification_rule" in the system + And new "GetSignalNotificationRules" request + When the request is sent + Then the response status is 200 The list of notification rules. + + @team:DataDog/cloud-security-posture-management + Scenario: Get the list of vulnerability-based rules returns "The list of notification rules." response + Given there is a valid "valid_vulnerability_notification_rule" in the system + And new "GetVulnerabilityNotificationRules" request + When the request is sent + Then the response status is 200 The list of notification rules. + @generated @skip @team:DataDog/cloud-security-posture-management Scenario: List findings returns "Bad Request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListFindings" enabled @@ -773,6 +889,74 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @team:DataDog/cloud-security-posture-management + Scenario: Patch a signal-based rule returns "Bad Request" response + Given new "PatchSignalNotificationRule" request + And there is a valid "valid_signal_notification_rule" in the system + And request contains "id" parameter from "valid_signal_notification_rule.data.id" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a signal-based rule returns "Not Found" response + Given new "PatchSignalNotificationRule" request + And request contains "id" parameter with value "000-000-000" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a signal-based rule returns "Notification rule successfully patched." response + Given new "PatchSignalNotificationRule" request + And there is a valid "valid_signal_notification_rule" in the system + And request contains "id" parameter from "valid_signal_notification_rule.data.id" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 200 Notification rule successfully patched. + + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Patch a signal-based rule returns "The server cannot process the request because it contains invalid data." response + Given new "PatchSignalNotificationRule" request + And request contains "id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 422 The server cannot process the request because it contains invalid data. + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a vulnerability-based rule returns "Bad Request" response + Given new "PatchVulnerabilityNotificationRule" request + And there is a valid "valid_vulnerability_notification_rule" in the system + And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a vulnerability-based rule returns "Not Found" response + Given new "PatchVulnerabilityNotificationRule" request + And request contains "id" parameter with value "000-000-000" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a vulnerability-based rule returns "Notification rule successfully patched." response + Given new "PatchVulnerabilityNotificationRule" request + And there is a valid "valid_vulnerability_notification_rule" in the system + And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 200 Notification rule successfully patched. + + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Patch a vulnerability-based rule returns "The server cannot process the request because it contains invalid data." response + Given new "PatchVulnerabilityNotificationRule" request + And request contains "id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 422 The server cannot process the request because it contains invalid data. + @team:DataDog/k9-cloud-security-platform Scenario: Run a historical job returns "Bad Request" response Given operation "RunHistoricalJob" enabled diff --git a/features/v2/undo.json b/features/v2/undo.json index a195ddc9e5e8..d8ddf129a0ea 100644 --- a/features/v2/undo.json +++ b/features/v2/undo.json @@ -2067,12 +2067,86 @@ "type": "safe" } }, + "GetSignalNotificationRules": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "CreateSignalNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "operationId": "DeleteSignalNotificationRule", + "parameters": [ + { + "name": "id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "DeleteSignalNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "GetSignalNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "PatchSignalNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, "ListVulnerabilities": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, + "GetVulnerabilityNotificationRules": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "CreateVulnerabilityNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "operationId": "DeleteVulnerabilityNotificationRule", + "parameters": [ + { + "name": "id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "DeleteVulnerabilityNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "GetVulnerabilityNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "PatchVulnerabilityNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, "ListCloudWorkloadSecurityAgentRules": { "tag": "CSM Threats", "undo": { diff --git a/lib/datadog_api_client/inflector.rb b/lib/datadog_api_client/inflector.rb index cc10b35d49c5..d4e456aa40c2 100644 --- a/lib/datadog_api_client/inflector.rb +++ b/lib/datadog_api_client/inflector.rb @@ -1317,6 +1317,9 @@ def overrides "v2.create_data_deletion_request_body_data" => "CreateDataDeletionRequestBodyData", "v2.create_data_deletion_request_body_data_type" => "CreateDataDeletionRequestBodyDataType", "v2.create_data_deletion_response_body" => "CreateDataDeletionResponseBody", + "v2.create_notification_rule_parameters" => "CreateNotificationRuleParameters", + "v2.create_notification_rule_parameters_data" => "CreateNotificationRuleParametersData", + "v2.create_notification_rule_parameters_data_attributes" => "CreateNotificationRuleParametersDataAttributes", "v2.create_open_api_response" => "CreateOpenAPIResponse", "v2.create_open_api_response_attributes" => "CreateOpenAPIResponseAttributes", "v2.create_open_api_response_data" => "CreateOpenAPIResponseData", @@ -2098,6 +2101,10 @@ def overrides "v2.monthly_cost_attribution_response" => "MonthlyCostAttributionResponse", "v2.ms_teams_integration_metadata" => "MSTeamsIntegrationMetadata", "v2.ms_teams_integration_metadata_teams_item" => "MSTeamsIntegrationMetadataTeamsItem", + "v2.notification_rule" => "NotificationRule", + "v2.notification_rule_attributes" => "NotificationRuleAttributes", + "v2.notification_rule_response" => "NotificationRuleResponse", + "v2.notification_rules_type" => "NotificationRulesType", "v2.nullable_relationship_to_user" => "NullableRelationshipToUser", "v2.nullable_relationship_to_user_data" => "NullableRelationshipToUserData", "v2.nullable_user_relationship" => "NullableUserRelationship", @@ -2162,6 +2169,9 @@ def overrides "v2.partial_application_key" => "PartialApplicationKey", "v2.partial_application_key_attributes" => "PartialApplicationKeyAttributes", "v2.partial_application_key_response" => "PartialApplicationKeyResponse", + "v2.patch_notification_rule_parameters" => "PatchNotificationRuleParameters", + "v2.patch_notification_rule_parameters_data" => "PatchNotificationRuleParametersData", + "v2.patch_notification_rule_parameters_data_attributes" => "PatchNotificationRuleParametersDataAttributes", "v2.permission" => "Permission", "v2.permission_attributes" => "PermissionAttributes", "v2.permissions_response" => "PermissionsResponse", @@ -2296,7 +2306,10 @@ def overrides "v2.role_update_response_data" => "RoleUpdateResponseData", "v2.rule_attributes" => "RuleAttributes", "v2.rule_outcome_relationships" => "RuleOutcomeRelationships", + "v2.rule_severity" => "RuleSeverity", "v2.rule_type" => "RuleType", + "v2.rule_types_items" => "RuleTypesItems", + "v2.rule_user" => "RuleUser", "v2.rum_aggregate_bucket_value" => "RUMAggregateBucketValue", "v2.rum_aggregate_bucket_value_timeseries_point" => "RUMAggregateBucketValueTimeseriesPoint", "v2.rum_aggregate_request" => "RUMAggregateRequest", @@ -2503,6 +2516,7 @@ def overrides "v2.security_monitoring_third_party_rule_case_create" => "SecurityMonitoringThirdPartyRuleCaseCreate", "v2.security_monitoring_triage_user" => "SecurityMonitoringTriageUser", "v2.security_monitoring_user" => "SecurityMonitoringUser", + "v2.selectors" => "Selectors", "v2.sensitive_data_scanner_config_request" => "SensitiveDataScannerConfigRequest", "v2.sensitive_data_scanner_configuration" => "SensitiveDataScannerConfiguration", "v2.sensitive_data_scanner_configuration_data" => "SensitiveDataScannerConfigurationData", @@ -2743,6 +2757,7 @@ def overrides "v2.timeseries_response_attributes" => "TimeseriesResponseAttributes", "v2.timeseries_response_series" => "TimeseriesResponseSeries", "v2.token_type" => "TokenType", + "v2.trigger_source" => "TriggerSource", "v2.unit" => "Unit", "v2.update_action_connection_request" => "UpdateActionConnectionRequest", "v2.update_action_connection_response" => "UpdateActionConnectionResponse", diff --git a/lib/datadog_api_client/v2/api/security_monitoring_api.rb b/lib/datadog_api_client/v2/api/security_monitoring_api.rb index bf386e290def..ae449a2d9868 100644 --- a/lib/datadog_api_client/v2/api/security_monitoring_api.rb +++ b/lib/datadog_api_client/v2/api/security_monitoring_api.rb @@ -505,6 +505,140 @@ def create_security_monitoring_suppression_with_http_info(body, opts = {}) return data, status_code, headers end + # Create a new signal-based rule. + # + # @see #create_signal_notification_rule_with_http_info + def create_signal_notification_rule(body, opts = {}) + data, _status_code, _headers = create_signal_notification_rule_with_http_info(body, opts) + data + end + + # Create a new signal-based rule. + # + # Create a new notification rule for security signals and return the created rule. + # + # @param body [CreateNotificationRuleParameters] The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status. + # @param opts [Hash] the optional parameters + # @return [Array<(NotificationRuleResponse, Integer, Hash)>] NotificationRuleResponse data, response status code and response headers + def create_signal_notification_rule_with_http_info(body, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_signal_notification_rule ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_signal_notification_rule" + end + # resource path + local_var_path = '/api/v2/security/signals/notification_rules' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] || @api_client.object_to_http_body(body) + + # return_type + return_type = opts[:debug_return_type] || 'NotificationRuleResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :create_signal_notification_rule, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + + # Create a new vulnerability-based rule. + # + # @see #create_vulnerability_notification_rule_with_http_info + def create_vulnerability_notification_rule(body, opts = {}) + data, _status_code, _headers = create_vulnerability_notification_rule_with_http_info(body, opts) + data + end + + # Create a new vulnerability-based rule. + # + # Create a new notification rule for security vulnerabilities and return the created rule. + # + # @param body [CreateNotificationRuleParameters] The body of the create notification rule request is composed of the rule type and the rule attributes: the rule name, the selectors, the notification targets, and the rule enabled status. + # @param opts [Hash] the optional parameters + # @return [Array<(NotificationRuleResponse, Integer, Hash)>] NotificationRuleResponse data, response status code and response headers + def create_vulnerability_notification_rule_with_http_info(body, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_vulnerability_notification_rule ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_vulnerability_notification_rule" + end + # resource path + local_var_path = '/api/v2/security/vulnerabilities/notification_rules' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] || @api_client.object_to_http_body(body) + + # return_type + return_type = opts[:debug_return_type] || 'NotificationRuleResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :create_vulnerability_notification_rule, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete an existing job. # # @see #delete_historical_job_with_http_info @@ -771,6 +905,136 @@ def delete_security_monitoring_suppression_with_http_info(suppression_id, opts = return data, status_code, headers end + # Delete a signal-based rule. + # + # @see #delete_signal_notification_rule_with_http_info + def delete_signal_notification_rule(id, opts = {}) + delete_signal_notification_rule_with_http_info(id, opts) + nil + end + + # Delete a signal-based rule. + # + # Delete a notification rule for security signals. + # + # @param id [String] ID of the notification rule. + # @param opts [Hash] the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def delete_signal_notification_rule_with_http_info(id, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_signal_notification_rule ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_signal_notification_rule" + end + # resource path + local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['*/*']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :delete_signal_notification_rule, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + + # Delete a vulnerability-based rule. + # + # @see #delete_vulnerability_notification_rule_with_http_info + def delete_vulnerability_notification_rule(id, opts = {}) + delete_vulnerability_notification_rule_with_http_info(id, opts) + nil + end + + # Delete a vulnerability-based rule. + # + # Delete a notification rule for security vulnerabilities. + # + # @param id [String] ID of the notification rule. + # @param opts [Hash] the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def delete_vulnerability_notification_rule_with_http_info(id, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_vulnerability_notification_rule ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.delete_vulnerability_notification_rule" + end + # resource path + local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['*/*']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :delete_vulnerability_notification_rule, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Modify the triage assignee of a security signal. # # @see #edit_security_monitoring_signal_assignee_with_http_info @@ -1482,6 +1746,256 @@ def get_security_monitoring_suppression_with_http_info(suppression_id, opts = {} return data, status_code, headers end + # Get details of a signal-based rule. + # + # @see #get_signal_notification_rule_with_http_info + def get_signal_notification_rule(id, opts = {}) + data, _status_code, _headers = get_signal_notification_rule_with_http_info(id, opts) + data + end + + # Get details of a signal-based rule. + # + # Get the details of a notification rule for security signals. + # + # @param id [String] ID of the notification rule. + # @param opts [Hash] the optional parameters + # @return [Array<(NotificationRuleResponse, Integer, Hash)>] NotificationRuleResponse data, response status code and response headers + def get_signal_notification_rule_with_http_info(id, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rule ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_signal_notification_rule" + end + # resource path + local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] || 'NotificationRuleResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :get_signal_notification_rule, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + + # Get the list of signal-based rules. + # + # @see #get_signal_notification_rules_with_http_info + def get_signal_notification_rules(opts = {}) + data, _status_code, _headers = get_signal_notification_rules_with_http_info(opts) + data + end + + # Get the list of signal-based rules. + # + # Returns the list of notification rules for security signals. + # + # @param opts [Hash] the optional parameters + # @return [Array<(Object, Integer, Hash)>] Object data, response status code and response headers + def get_signal_notification_rules_with_http_info(opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_signal_notification_rules ...' + end + # resource path + local_var_path = '/api/v2/security/signals/notification_rules' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] || 'Object' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :get_signal_notification_rules, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_signal_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + + # Get details of a vulnerability-based rule. + # + # @see #get_vulnerability_notification_rule_with_http_info + def get_vulnerability_notification_rule(id, opts = {}) + data, _status_code, _headers = get_vulnerability_notification_rule_with_http_info(id, opts) + data + end + + # Get details of a vulnerability-based rule. + # + # Get the details of a notification rule for security vulnerabilities. + # + # @param id [String] ID of the notification rule. + # @param opts [Hash] the optional parameters + # @return [Array<(NotificationRuleResponse, Integer, Hash)>] NotificationRuleResponse data, response status code and response headers + def get_vulnerability_notification_rule_with_http_info(id, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rule ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.get_vulnerability_notification_rule" + end + # resource path + local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] || 'NotificationRuleResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :get_vulnerability_notification_rule, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + + # Get the list of vulnerability-based rules. + # + # @see #get_vulnerability_notification_rules_with_http_info + def get_vulnerability_notification_rules(opts = {}) + data, _status_code, _headers = get_vulnerability_notification_rules_with_http_info(opts) + data + end + + # Get the list of vulnerability-based rules. + # + # Returns the list of notification rules for security vulnerabilities. + # + # @param opts [Hash] the optional parameters + # @return [Array<(Object, Integer, Hash)>] Object data, response status code and response headers + def get_vulnerability_notification_rules_with_http_info(opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_vulnerability_notification_rules ...' + end + # resource path + local_var_path = '/api/v2/security/vulnerabilities/notification_rules' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] || 'Object' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :get_vulnerability_notification_rules, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_vulnerability_notification_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List findings. # # @see #list_findings_with_http_info @@ -2475,6 +2989,150 @@ def mute_findings_with_http_info(body, opts = {}) return data, status_code, headers end + # Patch a signal-based rule. + # + # @see #patch_signal_notification_rule_with_http_info + def patch_signal_notification_rule(id, body, opts = {}) + data, _status_code, _headers = patch_signal_notification_rule_with_http_info(id, body, opts) + data + end + + # Patch a signal-based rule. + # + # Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated. + # + # @param id [String] ID of the notification rule. + # @param body [PatchNotificationRuleParameters] + # @param opts [Hash] the optional parameters + # @return [Array<(NotificationRuleResponse, Integer, Hash)>] NotificationRuleResponse data, response status code and response headers + def patch_signal_notification_rule_with_http_info(id, body, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_signal_notification_rule ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_signal_notification_rule" + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_signal_notification_rule" + end + # resource path + local_var_path = '/api/v2/security/signals/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] || @api_client.object_to_http_body(body) + + # return_type + return_type = opts[:debug_return_type] || 'NotificationRuleResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :patch_signal_notification_rule, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_signal_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + + # Patch a vulnerability-based rule. + # + # @see #patch_vulnerability_notification_rule_with_http_info + def patch_vulnerability_notification_rule(id, body, opts = {}) + data, _status_code, _headers = patch_vulnerability_notification_rule_with_http_info(id, body, opts) + data + end + + # Patch a vulnerability-based rule. + # + # Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated. + # + # @param id [String] ID of the notification rule. + # @param body [PatchNotificationRuleParameters] + # @param opts [Hash] the optional parameters + # @return [Array<(NotificationRuleResponse, Integer, Hash)>] NotificationRuleResponse data, response status code and response headers + def patch_vulnerability_notification_rule_with_http_info(id, body, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.patch_vulnerability_notification_rule ...' + end + # verify the required parameter 'id' is set + if @api_client.config.client_side_validation && id.nil? + fail ArgumentError, "Missing the required parameter 'id' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule" + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.patch_vulnerability_notification_rule" + end + # resource path + local_var_path = '/api/v2/security/vulnerabilities/notification_rules/{id}'.sub('{id}', CGI.escape(id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] || @api_client.object_to_http_body(body) + + # return_type + return_type = opts[:debug_return_type] || 'NotificationRuleResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :patch_vulnerability_notification_rule, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#patch_vulnerability_notification_rule\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Run a historical job. # # @see #run_historical_job_with_http_info diff --git a/lib/datadog_api_client/v2/models/create_notification_rule_parameters.rb b/lib/datadog_api_client/v2/models/create_notification_rule_parameters.rb new file mode 100644 index 000000000000..25b031fe64fd --- /dev/null +++ b/lib/datadog_api_client/v2/models/create_notification_rule_parameters.rb @@ -0,0 +1,105 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Body of the notification rule create request. + class CreateNotificationRuleParameters + include BaseGenericModel + + # Data of the notification rule create request: the rule type, and the rule attributes. All fields are required. + attr_accessor :data + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'CreateNotificationRuleParametersData' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::CreateNotificationRuleParameters` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'data') + self.data = attributes[:'data'] + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/create_notification_rule_parameters_data.rb b/lib/datadog_api_client/v2/models/create_notification_rule_parameters_data.rb new file mode 100644 index 000000000000..81d5f96151d8 --- /dev/null +++ b/lib/datadog_api_client/v2/models/create_notification_rule_parameters_data.rb @@ -0,0 +1,144 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Data of the notification rule create request: the rule type, and the rule attributes. All fields are required. + class CreateNotificationRuleParametersData + include BaseGenericModel + + # Attributes of the notification rule create request. + attr_reader :attributes + + # The rule type associated to notification rules. + attr_reader :type + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'attributes' => :'CreateNotificationRuleParametersDataAttributes', + :'type' => :'NotificationRulesType' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::CreateNotificationRuleParametersData` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @attributes.nil? + return false if @type.nil? + true + end + + # Custom attribute writer method with validation + # @param attributes [Object] Object to be assigned + # @!visibility private + def attributes=(attributes) + if attributes.nil? + fail ArgumentError, 'invalid value for "attributes", attributes cannot be nil.' + end + @attributes = attributes + end + + # Custom attribute writer method with validation + # @param type [Object] Object to be assigned + # @!visibility private + def type=(type) + if type.nil? + fail ArgumentError, 'invalid value for "type", type cannot be nil.' + end + @type = type + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + type == o.type && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [attributes, type, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/create_notification_rule_parameters_data_attributes.rb b/lib/datadog_api_client/v2/models/create_notification_rule_parameters_data_attributes.rb new file mode 100644 index 000000000000..2c532b40b073 --- /dev/null +++ b/lib/datadog_api_client/v2/models/create_notification_rule_parameters_data_attributes.rb @@ -0,0 +1,195 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Attributes of the notification rule create request. + class CreateNotificationRuleParametersDataAttributes + include BaseGenericModel + + # Field used to enable or disable the rule. + attr_accessor :enabled + + # Name of the notification rule. + attr_reader :name + + # Selectors are used to filter security issues for which notifications should be generated. + # Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. + # Only the trigger_source field is required. + attr_reader :selectors + + # List of recipients to notify when a notification rule is triggered. Many different target types are supported, + # such as email addresses, Slack channels, and PagerDuty services. + # The appropriate integrations need to be properly configured to send notifications to the specified targets. + attr_reader :targets + + # Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. + # Results are aggregated over a selected time frame using a rolling window, which updates with each new evaluation. + # Notifications are only sent for new issues discovered during the window. + # Time aggregation is only available for vulnerability-based notification rules. When omitted or set to 0, no aggregation + # is done. + attr_accessor :time_aggregation + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'enabled' => :'enabled', + :'name' => :'name', + :'selectors' => :'selectors', + :'targets' => :'targets', + :'time_aggregation' => :'time_aggregation' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'enabled' => :'Boolean', + :'name' => :'String', + :'selectors' => :'Selectors', + :'targets' => :'Array', + :'time_aggregation' => :'Integer' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::CreateNotificationRuleParametersDataAttributes` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'selectors') + self.selectors = attributes[:'selectors'] + end + + if attributes.key?(:'targets') + if (value = attributes[:'targets']).is_a?(Array) + self.targets = value + end + end + + if attributes.key?(:'time_aggregation') + self.time_aggregation = attributes[:'time_aggregation'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @name.nil? + return false if @selectors.nil? + return false if @targets.nil? + true + end + + # Custom attribute writer method with validation + # @param name [Object] Object to be assigned + # @!visibility private + def name=(name) + if name.nil? + fail ArgumentError, 'invalid value for "name", name cannot be nil.' + end + @name = name + end + + # Custom attribute writer method with validation + # @param selectors [Object] Object to be assigned + # @!visibility private + def selectors=(selectors) + if selectors.nil? + fail ArgumentError, 'invalid value for "selectors", selectors cannot be nil.' + end + @selectors = selectors + end + + # Custom attribute writer method with validation + # @param targets [Object] Object to be assigned + # @!visibility private + def targets=(targets) + if targets.nil? + fail ArgumentError, 'invalid value for "targets", targets cannot be nil.' + end + @targets = targets + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enabled == o.enabled && + name == o.name && + selectors == o.selectors && + targets == o.targets && + time_aggregation == o.time_aggregation && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [enabled, name, selectors, targets, time_aggregation, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/notification_rule.rb b/lib/datadog_api_client/v2/models/notification_rule.rb new file mode 100644 index 000000000000..64695f67fec2 --- /dev/null +++ b/lib/datadog_api_client/v2/models/notification_rule.rb @@ -0,0 +1,168 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Notification rules allow full control over notifications generated by the various Datadog security products. + # They allow users to define the conditions under which a notification should be generated (based on rule severities, + # rule types, rule tags, and so on), and the targets to notify. + # A notification rule is composed of a rule ID, a rule type, and the rule attributes. All fields are required. + class NotificationRule + include BaseGenericModel + + # Attributes of the notification rule. + attr_reader :attributes + + # The ID of a notification rule. + attr_reader :id + + # The rule type associated to notification rules. + attr_reader :type + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'attributes' => :'attributes', + :'id' => :'id', + :'type' => :'type' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'attributes' => :'NotificationRuleAttributes', + :'id' => :'String', + :'type' => :'NotificationRulesType' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::NotificationRule` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @attributes.nil? + return false if @id.nil? + return false if @type.nil? + true + end + + # Custom attribute writer method with validation + # @param attributes [Object] Object to be assigned + # @!visibility private + def attributes=(attributes) + if attributes.nil? + fail ArgumentError, 'invalid value for "attributes", attributes cannot be nil.' + end + @attributes = attributes + end + + # Custom attribute writer method with validation + # @param id [Object] Object to be assigned + # @!visibility private + def id=(id) + if id.nil? + fail ArgumentError, 'invalid value for "id", id cannot be nil.' + end + @id = id + end + + # Custom attribute writer method with validation + # @param type [Object] Object to be assigned + # @!visibility private + def type=(type) + if type.nil? + fail ArgumentError, 'invalid value for "type", type cannot be nil.' + end + @type = type + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + id == o.id && + type == o.type && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [attributes, id, type, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/notification_rule_attributes.rb b/lib/datadog_api_client/v2/models/notification_rule_attributes.rb new file mode 100644 index 000000000000..24b706db5e3f --- /dev/null +++ b/lib/datadog_api_client/v2/models/notification_rule_attributes.rb @@ -0,0 +1,311 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Attributes of the notification rule. + class NotificationRuleAttributes + include BaseGenericModel + + # Date as Unix timestamp in milliseconds. + attr_reader :created_at + + # User creating or modifying a rule. + attr_reader :created_by + + # Field used to enable or disable the rule. + attr_reader :enabled + + # Date as Unix timestamp in milliseconds. + attr_reader :modified_at + + # User creating or modifying a rule. + attr_reader :modified_by + + # Name of the notification rule. + attr_reader :name + + # Selectors are used to filter security issues for which notifications should be generated. + # Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. + # Only the trigger_source field is required. + attr_reader :selectors + + # List of recipients to notify when a notification rule is triggered. Many different target types are supported, + # such as email addresses, Slack channels, and PagerDuty services. + # The appropriate integrations need to be properly configured to send notifications to the specified targets. + attr_reader :targets + + # Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. + # Results are aggregated over a selected time frame using a rolling window, which updates with each new evaluation. + # Notifications are only sent for new issues discovered during the window. + # Time aggregation is only available for vulnerability-based notification rules. When omitted or set to 0, no aggregation + # is done. + attr_accessor :time_aggregation + + # Version of the notification rule. It is updated when the rule is modified. + attr_reader :version + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'created_at' => :'created_at', + :'created_by' => :'created_by', + :'enabled' => :'enabled', + :'modified_at' => :'modified_at', + :'modified_by' => :'modified_by', + :'name' => :'name', + :'selectors' => :'selectors', + :'targets' => :'targets', + :'time_aggregation' => :'time_aggregation', + :'version' => :'version' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'created_at' => :'Integer', + :'created_by' => :'RuleUser', + :'enabled' => :'Boolean', + :'modified_at' => :'Integer', + :'modified_by' => :'RuleUser', + :'name' => :'String', + :'selectors' => :'Selectors', + :'targets' => :'Array', + :'time_aggregation' => :'Integer', + :'version' => :'Integer' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::NotificationRuleAttributes` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'created_at') + self.created_at = attributes[:'created_at'] + end + + if attributes.key?(:'created_by') + self.created_by = attributes[:'created_by'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'modified_at') + self.modified_at = attributes[:'modified_at'] + end + + if attributes.key?(:'modified_by') + self.modified_by = attributes[:'modified_by'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'selectors') + self.selectors = attributes[:'selectors'] + end + + if attributes.key?(:'targets') + if (value = attributes[:'targets']).is_a?(Array) + self.targets = value + end + end + + if attributes.key?(:'time_aggregation') + self.time_aggregation = attributes[:'time_aggregation'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @created_at.nil? + return false if @created_by.nil? + return false if @enabled.nil? + return false if @modified_at.nil? + return false if @modified_by.nil? + return false if @name.nil? + return false if @selectors.nil? + return false if @targets.nil? + return false if @version.nil? + true + end + + # Custom attribute writer method with validation + # @param created_at [Object] Object to be assigned + # @!visibility private + def created_at=(created_at) + if created_at.nil? + fail ArgumentError, 'invalid value for "created_at", created_at cannot be nil.' + end + @created_at = created_at + end + + # Custom attribute writer method with validation + # @param created_by [Object] Object to be assigned + # @!visibility private + def created_by=(created_by) + if created_by.nil? + fail ArgumentError, 'invalid value for "created_by", created_by cannot be nil.' + end + @created_by = created_by + end + + # Custom attribute writer method with validation + # @param enabled [Object] Object to be assigned + # @!visibility private + def enabled=(enabled) + if enabled.nil? + fail ArgumentError, 'invalid value for "enabled", enabled cannot be nil.' + end + @enabled = enabled + end + + # Custom attribute writer method with validation + # @param modified_at [Object] Object to be assigned + # @!visibility private + def modified_at=(modified_at) + if modified_at.nil? + fail ArgumentError, 'invalid value for "modified_at", modified_at cannot be nil.' + end + @modified_at = modified_at + end + + # Custom attribute writer method with validation + # @param modified_by [Object] Object to be assigned + # @!visibility private + def modified_by=(modified_by) + if modified_by.nil? + fail ArgumentError, 'invalid value for "modified_by", modified_by cannot be nil.' + end + @modified_by = modified_by + end + + # Custom attribute writer method with validation + # @param name [Object] Object to be assigned + # @!visibility private + def name=(name) + if name.nil? + fail ArgumentError, 'invalid value for "name", name cannot be nil.' + end + @name = name + end + + # Custom attribute writer method with validation + # @param selectors [Object] Object to be assigned + # @!visibility private + def selectors=(selectors) + if selectors.nil? + fail ArgumentError, 'invalid value for "selectors", selectors cannot be nil.' + end + @selectors = selectors + end + + # Custom attribute writer method with validation + # @param targets [Object] Object to be assigned + # @!visibility private + def targets=(targets) + if targets.nil? + fail ArgumentError, 'invalid value for "targets", targets cannot be nil.' + end + @targets = targets + end + + # Custom attribute writer method with validation + # @param version [Object] Object to be assigned + # @!visibility private + def version=(version) + if version.nil? + fail ArgumentError, 'invalid value for "version", version cannot be nil.' + end + @version = version + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + created_at == o.created_at && + created_by == o.created_by && + enabled == o.enabled && + modified_at == o.modified_at && + modified_by == o.modified_by && + name == o.name && + selectors == o.selectors && + targets == o.targets && + time_aggregation == o.time_aggregation && + version == o.version && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [created_at, created_by, enabled, modified_at, modified_by, name, selectors, targets, time_aggregation, version, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/notification_rule_response.rb b/lib/datadog_api_client/v2/models/notification_rule_response.rb new file mode 100644 index 000000000000..c43ae8ea3f2f --- /dev/null +++ b/lib/datadog_api_client/v2/models/notification_rule_response.rb @@ -0,0 +1,109 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Response object which includes a notification rule. + class NotificationRuleResponse + include BaseGenericModel + + # Notification rules allow full control over notifications generated by the various Datadog security products. + # They allow users to define the conditions under which a notification should be generated (based on rule severities, + # rule types, rule tags, and so on), and the targets to notify. + # A notification rule is composed of a rule ID, a rule type, and the rule attributes. All fields are required. + # + attr_accessor :data + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'NotificationRule' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::NotificationRuleResponse` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'data') + self.data = attributes[:'data'] + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/notification_rules_type.rb b/lib/datadog_api_client/v2/models/notification_rules_type.rb new file mode 100644 index 000000000000..8b573b624a3a --- /dev/null +++ b/lib/datadog_api_client/v2/models/notification_rules_type.rb @@ -0,0 +1,26 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The rule type associated to notification rules. + class NotificationRulesType + include BaseEnumModel + + NOTIFICATION_RULES = "notification_rules".freeze + end +end diff --git a/lib/datadog_api_client/v2/models/patch_notification_rule_parameters.rb b/lib/datadog_api_client/v2/models/patch_notification_rule_parameters.rb new file mode 100644 index 000000000000..acae0fa86e0b --- /dev/null +++ b/lib/datadog_api_client/v2/models/patch_notification_rule_parameters.rb @@ -0,0 +1,105 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Body of the notification rule patch request. + class PatchNotificationRuleParameters + include BaseGenericModel + + # Data of the notification rule patch request: the rule ID, the rule type, and the rule attributes. All fields are required. + attr_accessor :data + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'PatchNotificationRuleParametersData' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::PatchNotificationRuleParameters` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'data') + self.data = attributes[:'data'] + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/patch_notification_rule_parameters_data.rb b/lib/datadog_api_client/v2/models/patch_notification_rule_parameters_data.rb new file mode 100644 index 000000000000..ecb9cf046246 --- /dev/null +++ b/lib/datadog_api_client/v2/models/patch_notification_rule_parameters_data.rb @@ -0,0 +1,165 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Data of the notification rule patch request: the rule ID, the rule type, and the rule attributes. All fields are required. + class PatchNotificationRuleParametersData + include BaseGenericModel + + # Attributes of the notification rule patch request. It is required to update the version of the rule when patching it. + attr_reader :attributes + + # The ID of a notification rule. + attr_reader :id + + # The rule type associated to notification rules. + attr_reader :type + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'attributes' => :'attributes', + :'id' => :'id', + :'type' => :'type' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'attributes' => :'PatchNotificationRuleParametersDataAttributes', + :'id' => :'String', + :'type' => :'NotificationRulesType' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::PatchNotificationRuleParametersData` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @attributes.nil? + return false if @id.nil? + return false if @type.nil? + true + end + + # Custom attribute writer method with validation + # @param attributes [Object] Object to be assigned + # @!visibility private + def attributes=(attributes) + if attributes.nil? + fail ArgumentError, 'invalid value for "attributes", attributes cannot be nil.' + end + @attributes = attributes + end + + # Custom attribute writer method with validation + # @param id [Object] Object to be assigned + # @!visibility private + def id=(id) + if id.nil? + fail ArgumentError, 'invalid value for "id", id cannot be nil.' + end + @id = id + end + + # Custom attribute writer method with validation + # @param type [Object] Object to be assigned + # @!visibility private + def type=(type) + if type.nil? + fail ArgumentError, 'invalid value for "type", type cannot be nil.' + end + @type = type + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + id == o.id && + type == o.type && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [attributes, id, type, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/patch_notification_rule_parameters_data_attributes.rb b/lib/datadog_api_client/v2/models/patch_notification_rule_parameters_data_attributes.rb new file mode 100644 index 000000000000..52208cdc5d69 --- /dev/null +++ b/lib/datadog_api_client/v2/models/patch_notification_rule_parameters_data_attributes.rb @@ -0,0 +1,165 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Attributes of the notification rule patch request. It is required to update the version of the rule when patching it. + class PatchNotificationRuleParametersDataAttributes + include BaseGenericModel + + # Field used to enable or disable the rule. + attr_accessor :enabled + + # Name of the notification rule. + attr_accessor :name + + # Selectors are used to filter security issues for which notifications should be generated. + # Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. + # Only the trigger_source field is required. + attr_accessor :selectors + + # List of recipients to notify when a notification rule is triggered. Many different target types are supported, + # such as email addresses, Slack channels, and PagerDuty services. + # The appropriate integrations need to be properly configured to send notifications to the specified targets. + attr_accessor :targets + + # Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. + # Results are aggregated over a selected time frame using a rolling window, which updates with each new evaluation. + # Notifications are only sent for new issues discovered during the window. + # Time aggregation is only available for vulnerability-based notification rules. When omitted or set to 0, no aggregation + # is done. + attr_accessor :time_aggregation + + # Version of the notification rule. It is updated when the rule is modified. + attr_accessor :version + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'enabled' => :'enabled', + :'name' => :'name', + :'selectors' => :'selectors', + :'targets' => :'targets', + :'time_aggregation' => :'time_aggregation', + :'version' => :'version' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'enabled' => :'Boolean', + :'name' => :'String', + :'selectors' => :'Selectors', + :'targets' => :'Array', + :'time_aggregation' => :'Integer', + :'version' => :'Integer' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::PatchNotificationRuleParametersDataAttributes` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'selectors') + self.selectors = attributes[:'selectors'] + end + + if attributes.key?(:'targets') + if (value = attributes[:'targets']).is_a?(Array) + self.targets = value + end + end + + if attributes.key?(:'time_aggregation') + self.time_aggregation = attributes[:'time_aggregation'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + enabled == o.enabled && + name == o.name && + selectors == o.selectors && + targets == o.targets && + time_aggregation == o.time_aggregation && + version == o.version && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [enabled, name, selectors, targets, time_aggregation, version, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/rule_severity.rb b/lib/datadog_api_client/v2/models/rule_severity.rb new file mode 100644 index 000000000000..54e6c688c381 --- /dev/null +++ b/lib/datadog_api_client/v2/models/rule_severity.rb @@ -0,0 +1,31 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Severity of a security rule. + class RuleSeverity + include BaseEnumModel + + CRITICAL = "critical".freeze + HIGH = "high".freeze + MEDIUM = "medium".freeze + LOW = "low".freeze + UNKNOWN = "unknown".freeze + INFO = "info".freeze + end +end diff --git a/lib/datadog_api_client/v2/models/rule_types_items.rb b/lib/datadog_api_client/v2/models/rule_types_items.rb new file mode 100644 index 000000000000..176a0656cb77 --- /dev/null +++ b/lib/datadog_api_client/v2/models/rule_types_items.rb @@ -0,0 +1,42 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Security rule types which can be used in notification rules. + # Signal-based notification rules can filter signals based on rule types application_security, log_detection, + # workload_security, signal_correlation, cloud_configuration and infrastructure_configuration. + # Vulnerability-based notification rules can filter vulnerabilities based on rule types application_code_vulnerability, + # application_library_vulnerability, attack_path, container_image_vulnerability, identity_risk, misconfiguration, and api_security. + class RuleTypesItems + include BaseEnumModel + + APPLICATION_SECURITY = "application_security".freeze + LOG_DETECTION = "log_detection".freeze + WORKLOAD_SECURITY = "workload_security".freeze + SIGNAL_CORRELATION = "signal_correlation".freeze + CLOUD_CONFIGURATION = "cloud_configuration".freeze + INFRASTRUCTURE_CONFIGURATION = "infrastructure_configuration".freeze + APPLICATION_CODE_VULNERABILITY = "application_code_vulnerability".freeze + APPLICATION_LIBRARY_VULNERABILITY = "application_library_vulnerability".freeze + ATTACK_PATH = "attack_path".freeze + CONTAINER_IMAGE_VULNERABILITY = "container_image_vulnerability".freeze + IDENTITY_RISK = "identity_risk".freeze + MISCONFIGURATION = "misconfiguration".freeze + API_SECURITY = "api_security".freeze + end +end diff --git a/lib/datadog_api_client/v2/models/rule_user.rb b/lib/datadog_api_client/v2/models/rule_user.rb new file mode 100644 index 000000000000..a7a373b524a5 --- /dev/null +++ b/lib/datadog_api_client/v2/models/rule_user.rb @@ -0,0 +1,115 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # User creating or modifying a rule. + class RuleUser + include BaseGenericModel + + # The user handle. + attr_accessor :handle + + # The user name. + attr_accessor :name + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'handle' => :'handle', + :'name' => :'name' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'handle' => :'String', + :'name' => :'String' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::RuleUser` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'handle') + self.handle = attributes[:'handle'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + handle == o.handle && + name == o.name && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [handle, name, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/selectors.rb b/lib/datadog_api_client/v2/models/selectors.rb new file mode 100644 index 000000000000..51af78770769 --- /dev/null +++ b/lib/datadog_api_client/v2/models/selectors.rb @@ -0,0 +1,160 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Selectors are used to filter security issues for which notifications should be generated. + # Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. + # Only the trigger_source field is required. + class Selectors + include BaseGenericModel + + # The query is composed of one or several key:value pairs, which can be used to filter security issues on tags and attributes. + attr_accessor :query + + # Security rule types used to filter signals and vulnerabilities generating notifications. + attr_accessor :rule_types + + # The security rules severities to consider. + attr_accessor :severities + + # The type of security issues on which the rule applies. Notification rules based on security signals need to use the trigger source "security_signals", + # while notification rules based on security vulnerabilities need to use the trigger source "security_findings". + attr_reader :trigger_source + + attr_accessor :additional_properties + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'query' => :'query', + :'rule_types' => :'rule_types', + :'severities' => :'severities', + :'trigger_source' => :'trigger_source' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'query' => :'String', + :'rule_types' => :'Array', + :'severities' => :'Array', + :'trigger_source' => :'TriggerSource' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::Selectors` initialize method" + end + + self.additional_properties = {} + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + self.additional_properties[k.to_sym] = v + else + h[k.to_sym] = v + end + } + + if attributes.key?(:'query') + self.query = attributes[:'query'] + end + + if attributes.key?(:'rule_types') + if (value = attributes[:'rule_types']).is_a?(Array) + self.rule_types = value + end + end + + if attributes.key?(:'severities') + if (value = attributes[:'severities']).is_a?(Array) + self.severities = value + end + end + + if attributes.key?(:'trigger_source') + self.trigger_source = attributes[:'trigger_source'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @trigger_source.nil? + true + end + + # Custom attribute writer method with validation + # @param trigger_source [Object] Object to be assigned + # @!visibility private + def trigger_source=(trigger_source) + if trigger_source.nil? + fail ArgumentError, 'invalid value for "trigger_source", trigger_source cannot be nil.' + end + @trigger_source = trigger_source + end + + # Returns the object in the form of hash, with additionalProperties support. + # @return [Hash] Returns the object in the form of hash + # @!visibility private + def to_hash + hash = {} + self.class.attribute_map.each_pair do |attr, param| + value = self.send(attr) + if value.nil? + is_nullable = self.class.openapi_nullable.include?(attr) + next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}")) + end + + hash[param] = _to_hash(value) + end + self.additional_properties.each_pair do |attr, value| + hash[attr] = value + end + hash + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + query == o.query && + rule_types == o.rule_types && + severities == o.severities && + trigger_source == o.trigger_source && + additional_properties == o.additional_properties + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [query, rule_types, severities, trigger_source, additional_properties].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/trigger_source.rb b/lib/datadog_api_client/v2/models/trigger_source.rb new file mode 100644 index 000000000000..f7e401802e26 --- /dev/null +++ b/lib/datadog_api_client/v2/models/trigger_source.rb @@ -0,0 +1,28 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The type of security issues on which the rule applies. Notification rules based on security signals need to use the trigger source "security_signals", + # while notification rules based on security vulnerabilities need to use the trigger source "security_findings". + class TriggerSource + include BaseEnumModel + + SECURITY_FINDINGS = "security_findings".freeze + SECURITY_SIGNALS = "security_signals".freeze + end +end