From bbf6c9f77dad85a42180dcbf51a2709371df40f0 Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Thu, 10 Apr 2025 18:01:56 +0000 Subject: [PATCH] Regenerate client from commit c0a45137 of spec repo --- .apigentools-info | 8 +++--- .generator/schemas/v2/openapi.yaml | 9 +++++++ ...cation-security-returns-OK-response.frozen | 2 +- ...plication-security-returns-OK-response.yml | 27 +++++++++---------- ...CreateSecurityMonitoringRule_1965169892.rb | 6 +++++ features/v2/security_monitoring.feature | 2 +- ...ity_monitoring_rule_case_action_options.rb | 16 ++++++++--- ...curity_monitoring_rule_case_action_type.rb | 1 + 8 files changed, 48 insertions(+), 23 deletions(-) diff --git a/.apigentools-info b/.apigentools-info index 764bb5129a12..87c7f7327b65 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2025-04-10 11:41:57.737818", - "spec_repo_commit": "7f98e0a9" + "regenerated": "2025-04-10 18:01:24.451821", + "spec_repo_commit": "c0a45137" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2025-04-10 11:41:57.752970", - "spec_repo_commit": "7f98e0a9" + "regenerated": "2025-04-10 18:01:24.467888", + "spec_repo_commit": "c0a45137" } } } \ No newline at end of file diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index cc558ab240bb..d2075b54e4c5 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -27215,6 +27215,7 @@ components: $ref: '#/components/schemas/SecurityMonitoringRuleCaseActionType' type: object SecurityMonitoringRuleCaseActionOptions: + additionalProperties: {} description: Options for the rule action properties: duration: @@ -27223,16 +27224,24 @@ components: format: int64 minimum: 0 type: integer + userBehaviorName: + $ref: '#/components/schemas/SecurityMonitoringRuleCaseActionOptionsUserBehaviorName' type: object + SecurityMonitoringRuleCaseActionOptionsUserBehaviorName: + description: Used with the case action of type 'user_behavior'. The value specified + in this field is applied as a risk tag to all users affected by the rule. + type: string SecurityMonitoringRuleCaseActionType: description: The action type. enum: - block_ip - block_user + - user_behavior type: string x-enum-varnames: - BLOCK_IP - BLOCK_USER + - USER_BEHAVIOR SecurityMonitoringRuleCaseCreate: description: Case when signal is generated. properties: diff --git a/cassettes/features/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.frozen index 7a935c1425be..3dfeb208e887 100644 --- a/cassettes/features/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.frozen +++ b/cassettes/features/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.frozen @@ -1 +1 @@ -2025-02-06T16:50:39.787Z \ No newline at end of file +2025-04-09T15:02:05.047Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.yml index 054e6d146bf6..d9b09c59971d 100644 --- a/cassettes/features/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.yml +++ b/cassettes/features/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.yml @@ -1,11 +1,11 @@ http_interactions: -- recorded_at: Thu, 06 Feb 2025 16:50:39 GMT +- recorded_at: Wed, 09 Apr 2025 15:02:05 GMT request: body: encoding: UTF-8 - string: '{"cases":[{"actions":[{"options":{"duration":900},"type":"block_ip"}],"condition":"a + string: '{"cases":[{"actions":[{"options":{"duration":900},"type":"block_ip"},{"options":{"userBehaviorName":"behavior"},"type":"user_behavior"}],"condition":"a > 100000","name":"","notifications":[],"status":"info"}],"filters":[],"groupSignalsBy":["service"],"isEnabled":true,"message":"Test - rule","name":"Test-Create_a_detection_rule_with_type_application_security_returns_OK_response-1738860639_appsec_rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":["service","@http.client_ip"],"query":"@appsec.security_activity:business_logic.users.login.failure"}],"tags":[],"type":"application_security"}' + rule","name":"Test-Create_a_detection_rule_with_type_application_security_returns_OK_response-1744210925_appsec_rule","options":{"detectionMethod":"threshold","evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":["service","@http.client_ip"],"query":"@appsec.security_activity:business_logic.users.login.failure"}],"tags":[],"type":"application_security"}' headers: Accept: - application/json @@ -16,31 +16,30 @@ http_interactions: response: body: encoding: UTF-8 - string: '{"name":"Test-Create_a_detection_rule_with_type_application_security_returns_OK_response-1738860639_appsec_rule","createdAt":1738860640426,"isDefault":false,"isPartner":false,"isEnabled":true,"isBeta":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"@appsec.security_activity:business_logic.users.login.failure","groupByFields":["service","@http.client_ip"],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":"","dataSource":"app_sec_spans"}],"options":{"evaluationWindow":900,"detectionMethod":"threshold","maxSignalDuration":86400,"keepAlive":3600},"cases":[{"name":"","status":"info","notifications":[],"condition":"a - \u003e 100000","actions":[{"type":"block_ip","options":{"duration":900}}]}],"message":"Test - rule","tags":[],"hasExtendedTitle":false,"type":"application_security","filters":[],"version":1,"id":"rfn-h2v-udr","blocking":true,"groupSignalsBy":["service"],"casesActions":[[{"type":"block_ip","options":{"duration":900}}]],"dependencies":["business_logic.users.login.failure"],"metadata":{"entities":null,"sources":null},"creator":{"handle":"","name":""},"updater":{"handle":"","name":""}}' + string: '{"name":"Test-Create_a_detection_rule_with_type_application_security_returns_OK_response-1744210925_appsec_rule","createdAt":1744210925675,"isDefault":false,"isPartner":false,"isEnabled":true,"isBeta":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"@appsec.security_activity:business_logic.users.login.failure","groupByFields":["service","@http.client_ip"],"hasOptionalGroupByFields":false,"distinctFields":[],"aggregation":"count","name":"","dataSource":"app_sec_spans"}],"options":{"evaluationWindow":900,"detectionMethod":"threshold","maxSignalDuration":86400,"keepAlive":3600},"cases":[{"name":"","status":"info","notifications":[],"condition":"a + \u003e 100000","actions":[{"type":"block_ip","options":{"duration":900}},{"type":"user_behavior","options":{"userBehaviorName":"behavior"}}]}],"message":"Test + rule","tags":[],"hasExtendedTitle":false,"type":"application_security","filters":[],"version":1,"id":"lfr-zxg-fyc","blocking":true,"groupSignalsBy":["service"],"dependencies":["business_logic.users.login.failure"],"metadata":{"entities":null,"sources":null},"creationAuthorId":2320499,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"updater":{"handle":"","name":""}}' headers: Content-Type: - application/json status: code: 200 message: OK -- recorded_at: Thu, 06 Feb 2025 16:50:39 GMT +- recorded_at: Wed, 09 Apr 2025 15:02:05 GMT request: body: null headers: Accept: - '*/*' method: DELETE - uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/rfn-h2v-udr + uri: https://api.datadoghq.com/api/v2/security_monitoring/rules/lfr-zxg-fyc response: body: encoding: UTF-8 - string: '{"status":"404","title":"Not Found"}' - headers: - Content-Type: - - application/json + string: '' + headers: {} status: - code: 404 - message: Not Found + code: 204 + message: No Content recorded_with: VCR 6.0.0 diff --git a/examples/v2/security-monitoring/CreateSecurityMonitoringRule_1965169892.rb b/examples/v2/security-monitoring/CreateSecurityMonitoringRule_1965169892.rb index 2dc963adfc2f..93047938b2bc 100644 --- a/examples/v2/security-monitoring/CreateSecurityMonitoringRule_1965169892.rb +++ b/examples/v2/security-monitoring/CreateSecurityMonitoringRule_1965169892.rb @@ -31,6 +31,12 @@ duration: 900, }), }), + DatadogAPIClient::V2::SecurityMonitoringRuleCaseAction.new({ + type: DatadogAPIClient::V2::SecurityMonitoringRuleCaseActionType::USER_BEHAVIOR, + options: DatadogAPIClient::V2::SecurityMonitoringRuleCaseActionOptions.new({ + user_behavior_name: "behavior", + }), + }), ], }), ], diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature index f30d22b3aa1f..1d7b0efc0cc7 100644 --- a/features/v2/security_monitoring.feature +++ b/features/v2/security_monitoring.feature @@ -203,7 +203,7 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule with type 'application_security 'returns "OK" response Given new "CreateSecurityMonitoringRule" request - And body with value {"type":"application_security","name":"{{unique}}_appsec_rule","queries":[{"query":"@appsec.security_activity:business_logic.users.login.failure","aggregation":"count","groupByFields":["service","@http.client_ip"],"distinctFields":[]}],"filters":[],"cases":[{"name":"","status":"info","notifications":[],"condition":"a > 100000","actions":[{"type":"block_ip","options":{"duration":900}}]}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900,"detectionMethod":"threshold"},"isEnabled":true,"message":"Test rule","tags":[],"groupSignalsBy":["service"]} + And body with value {"type":"application_security","name":"{{unique}}_appsec_rule","queries":[{"query":"@appsec.security_activity:business_logic.users.login.failure","aggregation":"count","groupByFields":["service","@http.client_ip"],"distinctFields":[]}],"filters":[],"cases":[{"name":"","status":"info","notifications":[],"condition":"a > 100000","actions":[{"type":"block_ip","options":{"duration":900}}, {"type":"user_behavior","options":{"userBehaviorName":"behavior"}}]}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900,"detectionMethod":"threshold"},"isEnabled":true,"message":"Test rule","tags":[],"groupSignalsBy":["service"]} When the request is sent Then the response status is 200 OK And the response "name" is equal to "{{ unique }}_appsec_rule" diff --git a/lib/datadog_api_client/v2/models/security_monitoring_rule_case_action_options.rb b/lib/datadog_api_client/v2/models/security_monitoring_rule_case_action_options.rb index 72d3a85bd6dd..848bf9466286 100644 --- a/lib/datadog_api_client/v2/models/security_monitoring_rule_case_action_options.rb +++ b/lib/datadog_api_client/v2/models/security_monitoring_rule_case_action_options.rb @@ -24,13 +24,17 @@ class SecurityMonitoringRuleCaseActionOptions # Duration of the action in seconds. 0 indicates no expiration. attr_reader :duration + # Used with the case action of type 'user_behavior'. The value specified in this field is applied as a risk tag to all users affected by the rule. + attr_accessor :user_behavior_name + attr_accessor :additional_properties # Attribute mapping from ruby-style variable name to JSON key. # @!visibility private def self.attribute_map { - :'duration' => :'duration' + :'duration' => :'duration', + :'user_behavior_name' => :'userBehaviorName' } end @@ -38,7 +42,8 @@ def self.attribute_map # @!visibility private def self.openapi_types { - :'duration' => :'Integer' + :'duration' => :'Integer', + :'user_behavior_name' => :'String' } end @@ -63,6 +68,10 @@ def initialize(attributes = {}) if attributes.key?(:'duration') self.duration = attributes[:'duration'] end + + if attributes.key?(:'user_behavior_name') + self.user_behavior_name = attributes[:'user_behavior_name'] + end end # Check to see if the all the properties in the model are valid @@ -110,6 +119,7 @@ def ==(o) return true if self.equal?(o) self.class == o.class && duration == o.duration && + user_behavior_name == o.user_behavior_name && additional_properties == o.additional_properties end @@ -117,7 +127,7 @@ def ==(o) # @return [Integer] Hash code # @!visibility private def hash - [duration, additional_properties].hash + [duration, user_behavior_name, additional_properties].hash end end end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_rule_case_action_type.rb b/lib/datadog_api_client/v2/models/security_monitoring_rule_case_action_type.rb index f55ab3c361ef..5bf450359fc1 100644 --- a/lib/datadog_api_client/v2/models/security_monitoring_rule_case_action_type.rb +++ b/lib/datadog_api_client/v2/models/security_monitoring_rule_case_action_type.rb @@ -23,5 +23,6 @@ class SecurityMonitoringRuleCaseActionType BLOCK_IP = "block_ip".freeze BLOCK_USER = "block_user".freeze + USER_BEHAVIOR = "user_behavior".freeze end end