Add vulnerability type to Findings API (#1855)

Co-authored-by: ci.datadog-api-spec <[email protected]>

Author: api-clients-generation-pipeline[bot]

.apigentools-info

@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2024-10-08 14:16:04.703854",
-            "spec_repo_commit": "eb227ded"
+            "regenerated": "2024-10-09 13:48:28.712891",
+            "spec_repo_commit": "a458c3a4"
         },
         "v2": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2024-10-08 14:16:04.718725",
-            "spec_repo_commit": "eb227ded"
+            "regenerated": "2024-10-09 13:48:28.732891",
+            "spec_repo_commit": "a458c3a4"
         }
     }
 }

.generator/schemas/v2/openapi.yaml

@@ -9230,6 +9230,8 @@ components:
           $ref: '#/components/schemas/FindingStatus'
         tags:
           $ref: '#/components/schemas/FindingTags'
+        vulnerability_type:
+          $ref: '#/components/schemas/FindingVulnerabilityType'
       type: object
     FindingEvaluation:
       description: The evaluation of the finding.
@@ -9363,6 +9365,20 @@ components:
       type: string
       x-enum-varnames:
       - FINDING
+    FindingVulnerabilityType:
+      description: The vulnerability type of the finding.
+      enum:
+      - misconfiguration
+      - attack_path
+      - identity_risk
+      - api_security
+      example: misconfiguration
+      type: string
+      x-enum-varnames:
+      - MISCONFIGURATION
+      - ATTACK_PATH
+      - IDENTITY_RISK
+      - API_SECURITY
     FormulaLimit:
       description: 'Message for specifying limits to the number of values returned
         by a query.
@@ -34377,6 +34393,17 @@ paths:
         required: false
         schema:
           $ref: '#/components/schemas/FindingStatus'
+      - description: Return findings that match the selected vulnerability types (repeatable).
+        example:
+        - misconfiguration
+        explode: true
+        in: query
+        name: filter[vulnerability_type]
+        required: false
+        schema:
+          items:
+            $ref: '#/components/schemas/FindingVulnerabilityType'
+          type: array
       responses:
         '200':
           content:

features/support/scenarios_model_mapping.ts

@@ -4758,6 +4758,10 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = {
             "type": "FindingStatus",
             "format": "",
             },
+        "filterVulnerabilityType": {
+            "type": "Array<FindingVulnerabilityType>",
+            "format": "",
+            },
         "operationResponseType": "ListFindingsResponse",
     },
     "v2.MuteFindings": {

packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts

@@ -22,6 +22,7 @@ import { BulkMuteFindingsResponse } from "../models/BulkMuteFindingsResponse";
 import { Finding } from "../models/Finding";
 import { FindingEvaluation } from "../models/FindingEvaluation";
 import { FindingStatus } from "../models/FindingStatus";
+import { FindingVulnerabilityType } from "../models/FindingVulnerabilityType";
 import { GetFindingResponse } from "../models/GetFindingResponse";
 import { JSONAPIErrorResponse } from "../models/JSONAPIErrorResponse";
 import { ListFindingsResponse } from "../models/ListFindingsResponse";
@@ -767,6 +768,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory {
     filterDiscoveryTimestamp?: string,
     filterEvaluation?: FindingEvaluation,
     filterStatus?: FindingStatus,
+    filterVulnerabilityType?: Array<FindingVulnerabilityType>,
     _options?: Configuration
   ): Promise<RequestContext> {
     const _config = _options || this.configuration;
@@ -859,6 +861,16 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory {
         ObjectSerializer.serialize(filterStatus, "FindingStatus", "")
       );
     }
+    if (filterVulnerabilityType !== undefined) {
+      requestContext.setQueryParam(
+        "filter[vulnerability_type]",
+        ObjectSerializer.serialize(
+          filterVulnerabilityType,
+          "Array<FindingVulnerabilityType>",
+          ""
+        )
+      );
+    }
 
     // Apply auth methods
     applySecurityAuthentication(_config, requestContext, [
@@ -3456,6 +3468,11 @@ export interface SecurityMonitoringApiListFindingsRequest {
    * @type FindingStatus
    */
   filterStatus?: FindingStatus;
+  /**
+   * Return findings that match the selected vulnerability types (repeatable).
+   * @type Array<FindingVulnerabilityType>
+   */
+  filterVulnerabilityType?: Array<FindingVulnerabilityType>;
 }
 
 export interface SecurityMonitoringApiListSecurityMonitoringRulesRequest {
@@ -4033,6 +4050,7 @@ export class SecurityMonitoringApi {
       param.filterDiscoveryTimestamp,
       param.filterEvaluation,
       param.filterStatus,
+      param.filterVulnerabilityType,
       options
     );
     return requestContextPromise.then((requestContext) => {
@@ -4070,6 +4088,7 @@ export class SecurityMonitoringApi {
         param.filterDiscoveryTimestamp,
         param.filterEvaluation,
         param.filterStatus,
+        param.filterVulnerabilityType,
         options
       );
       const responseContext = await this.configuration.httpApi.send(

packages/datadog-api-client-v2/index.ts

@@ -1078,6 +1078,7 @@ export { FindingMuteReason } from "./models/FindingMuteReason";
 export { FindingRule } from "./models/FindingRule";
 export { FindingStatus } from "./models/FindingStatus";
 export { FindingType } from "./models/FindingType";
+export { FindingVulnerabilityType } from "./models/FindingVulnerabilityType";
 export { FormulaLimit } from "./models/FormulaLimit";
 export { FullAPIKey } from "./models/FullAPIKey";
 export { FullAPIKeyAttributes } from "./models/FullAPIKeyAttributes";

packages/datadog-api-client-v2/models/FindingAttributes.ts

@@ -7,6 +7,7 @@ import { FindingEvaluation } from "./FindingEvaluation";
 import { FindingMute } from "./FindingMute";
 import { FindingRule } from "./FindingRule";
 import { FindingStatus } from "./FindingStatus";
+import { FindingVulnerabilityType } from "./FindingVulnerabilityType";
 
 import { AttributeTypeMap } from "../../datadog-api-client-common/util";
 
@@ -50,6 +51,10 @@ export class FindingAttributes {
    * The tags associated with this finding.
    */
   "tags"?: Array<string>;
+  /**
+   * The vulnerability type of the finding.
+   */
+  "vulnerabilityType"?: FindingVulnerabilityType;
 
   /**
    * A container for additional, undeclared properties.
@@ -105,6 +110,10 @@ export class FindingAttributes {
       baseName: "tags",
       type: "Array<string>",
     },
+    vulnerabilityType: {
+      baseName: "vulnerability_type",
+      type: "FindingVulnerabilityType",
+    },
     additionalProperties: {
       baseName: "additionalProperties",
       type: "any",

packages/datadog-api-client-v2/models/FindingVulnerabilityType.ts

@@ -0,0 +1,22 @@
+/**
+ * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+ * This product includes software developed at Datadog (https://www.datadoghq.com/).
+ * Copyright 2020-Present Datadog, Inc.
+ */
+
+import { UnparsedObject } from "../../datadog-api-client-common/util";
+
+/**
+ * The vulnerability type of the finding.
+ */
+
+export type FindingVulnerabilityType =
+  | typeof MISCONFIGURATION
+  | typeof ATTACK_PATH
+  | typeof IDENTITY_RISK
+  | typeof API_SECURITY
+  | UnparsedObject;
+export const MISCONFIGURATION = "misconfiguration";
+export const ATTACK_PATH = "attack_path";
+export const IDENTITY_RISK = "identity_risk";
+export const API_SECURITY = "api_security";

packages/datadog-api-client-v2/models/ObjectSerializer.ts

@@ -1474,6 +1474,12 @@ const enumsMap: { [key: string]: any[] } = {
   ],
   FindingStatus: ["critical", "high", "medium", "low", "info"],
   FindingType: ["finding"],
+  FindingVulnerabilityType: [
+    "misconfiguration",
+    "attack_path",
+    "identity_risk",
+    "api_security",
+  ],
   GCPSTSDelegateAccountType: ["gcp_sts_delegate"],
   GCPServiceAccountType: ["gcp_service_account"],
   GetTeamMembershipsSort: [