Support for In-App WAF policies operations

examples/v2/application-security/CreateApplicationSecurityWafPolicy.ts

@@ -0,0 +1,47 @@
+/**
+ * Create a WAF Policy returns "Created" response
+ */
+
+import { client, v2 } from "@datadog/datadog-api-client";
+
+const configuration = client.createConfiguration();
+const apiInstance = new v2.ApplicationSecurityApi(configuration);
+
+const params: v2.ApplicationSecurityApiCreateApplicationSecurityWafPolicyRequest =
+  {
+    body: {
+      data: {
+        attributes: {
+          basedOn: "recommended",
+          description: "Policy applied to internal web applications.",
+          isDefault: false,
+          name: "Internal Network Policy",
+          protectionPresets: ["attack-tools"],
+          rules: [
+            {
+              blocking: false,
+              enabled: true,
+              id: "rasp-001-002",
+            },
+          ],
+          scope: [
+            {
+              env: "prod",
+              service: "billing-service",
+            },
+          ],
+          version: 0,
+        },
+        type: "policy",
+      },
+    },
+  };
+
+apiInstance
+  .createApplicationSecurityWafPolicy(params)
+  .then((data: v2.ApplicationSecurityPolicyResponse) => {
+    console.log(
+      "API called successfully. Returned data: " + JSON.stringify(data)
+    );
+  })
+  .catch((error: any) => console.error(error));

examples/v2/application-security/DeleteApplicationSecurityWafPolicy.ts

@@ -0,0 +1,22 @@
+/**
+ * Delete a WAF Policy returns "No Content" response
+ */
+
+import { client, v2 } from "@datadog/datadog-api-client";
+
+const configuration = client.createConfiguration();
+const apiInstance = new v2.ApplicationSecurityApi(configuration);
+
+const params: v2.ApplicationSecurityApiDeleteApplicationSecurityWafPolicyRequest =
+  {
+    policyId: "policy_id",
+  };
+
+apiInstance
+  .deleteApplicationSecurityWafPolicy(params)
+  .then((data: any) => {
+    console.log(
+      "API called successfully. Returned data: " + JSON.stringify(data)
+    );
+  })
+  .catch((error: any) => console.error(error));

examples/v2/application-security/GetApplicationSecurityWafPolicy.ts

@@ -0,0 +1,22 @@
+/**
+ * Get a WAF Policy returns "OK" response
+ */
+
+import { client, v2 } from "@datadog/datadog-api-client";
+
+const configuration = client.createConfiguration();
+const apiInstance = new v2.ApplicationSecurityApi(configuration);
+
+const params: v2.ApplicationSecurityApiGetApplicationSecurityWafPolicyRequest =
+  {
+    policyId: "policy_id",
+  };
+
+apiInstance
+  .getApplicationSecurityWafPolicy(params)
+  .then((data: v2.ApplicationSecurityPolicyResponse) => {
+    console.log(
+      "API called successfully. Returned data: " + JSON.stringify(data)
+    );
+  })
+  .catch((error: any) => console.error(error));

examples/v2/application-security/ListApplicationSecurityWAFPolicies.ts

@@ -0,0 +1,17 @@
+/**
+ * List all WAF policies returns "OK" response
+ */
+
+import { client, v2 } from "@datadog/datadog-api-client";
+
+const configuration = client.createConfiguration();
+const apiInstance = new v2.ApplicationSecurityApi(configuration);
+
+apiInstance
+  .listApplicationSecurityWAFPolicies()
+  .then((data: v2.ApplicationSecurityPolicyListResponse) => {
+    console.log(
+      "API called successfully. Returned data: " + JSON.stringify(data)
+    );
+  })
+  .catch((error: any) => console.error(error));

examples/v2/application-security/UpdateApplicationSecurityWafPolicy.ts

@@ -0,0 +1,47 @@
+/**
+ * Update a WAF Policy returns "OK" response
+ */
+
+import { client, v2 } from "@datadog/datadog-api-client";
+
+const configuration = client.createConfiguration();
+const apiInstance = new v2.ApplicationSecurityApi(configuration);
+
+const params: v2.ApplicationSecurityApiUpdateApplicationSecurityWafPolicyRequest =
+  {
+    body: {
+      data: {
+        attributes: {
+          description: "Policy applied to internal web applications.",
+          isDefault: false,
+          name: "Internal Network Policy",
+          protectionPresets: ["attack-tools"],
+          rules: [
+            {
+              blocking: false,
+              enabled: true,
+              id: "rasp-001-002",
+            },
+          ],
+          scope: [
+            {
+              env: "prod",
+              service: "billing-service",
+            },
+          ],
+          version: 0,
+        },
+        type: "policy",
+      },
+    },
+    policyId: "policy_id",
+  };
+
+apiInstance
+  .updateApplicationSecurityWafPolicy(params)
+  .then((data: v2.ApplicationSecurityPolicyResponse) => {
+    console.log(
+      "API called successfully. Returned data: " + JSON.stringify(data)
+    );
+  })
+  .catch((error: any) => console.error(error));

features/support/scenarios_model_mapping.ts

@@ -7308,6 +7308,41 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = {
             },
         "operationResponseType": "{}",
     },
+    "v2.ListApplicationSecurityWAFPolicies": {
+        "operationResponseType": "ApplicationSecurityPolicyListResponse",
+    },
+    "v2.CreateApplicationSecurityWafPolicy": {
+        "body": {
+            "type": "ApplicationSecurityPolicyCreateRequest",
+            "format": "",
+            },
+        "operationResponseType": "ApplicationSecurityPolicyResponse",
+    },
+    "v2.GetApplicationSecurityWafPolicy": {
+        "policyId": {
+            "type": "string",
+            "format": "",
+            },
+        "operationResponseType": "ApplicationSecurityPolicyResponse",
+    },
+    "v2.UpdateApplicationSecurityWafPolicy": {
+        "policyId": {
+            "type": "string",
+            "format": "",
+            },
+        "body": {
+            "type": "ApplicationSecurityPolicyUpdateRequest",
+            "format": "",
+            },
+        "operationResponseType": "ApplicationSecurityPolicyResponse",
+    },
+    "v2.DeleteApplicationSecurityWafPolicy": {
+        "policyId": {
+            "type": "string",
+            "format": "",
+            },
+        "operationResponseType": "{}",
+    },
     "v2.ListCSMThreatsAgentRules": {
         "policyId": {
             "type": "string",

features/v2/application_security.feature

@@ -13,6 +13,27 @@ Feature: Application Security
     And a valid "appKeyAuth" key in the system
     And an instance of "ApplicationSecurity" API
 
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Create a WAF Policy returns "Bad Request" response
+    Given new "CreateApplicationSecurityWafPolicy" request
+    And body with value {"data": {"attributes": {"basedOn": "recommended", "description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "id": "rasp-001-002"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}}
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Create a WAF Policy returns "Concurrent Modification" response
+    Given new "CreateApplicationSecurityWafPolicy" request
+    And body with value {"data": {"attributes": {"basedOn": "recommended", "description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "id": "rasp-001-002"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}}
+    When the request is sent
+    Then the response status is 409 Concurrent Modification
+
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Create a WAF Policy returns "Created" response
+    Given new "CreateApplicationSecurityWafPolicy" request
+    And body with value {"data": {"attributes": {"basedOn": "recommended", "description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "id": "rasp-001-002"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}}
+    When the request is sent
+    Then the response status is 201 Created
+
   @generated @skip @team:DataDog/asm-backend
   Scenario: Create a WAF custom rule returns "Bad Request" response
     Given new "CreateApplicationSecurityWafCustomRule" request
@@ -84,6 +105,27 @@ Feature: Application Security
     When the request is sent
     Then the response status is 404 Not Found
 
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Delete a WAF Policy returns "Concurrent Modification" response
+    Given new "DeleteApplicationSecurityWafPolicy" request
+    And request contains "policy_id" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 409 Concurrent Modification
+
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Delete a WAF Policy returns "No Content" response
+    Given new "DeleteApplicationSecurityWafPolicy" request
+    And request contains "policy_id" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 204 No Content
+
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Delete a WAF Policy returns "Not Found" response
+    Given new "DeleteApplicationSecurityWafPolicy" request
+    And request contains "policy_id" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 404 Not Found
+
   @generated @skip @team:DataDog/asm-backend
   Scenario: Delete a WAF exclusion filter returns "Concurrent Modification" response
     Given new "DeleteApplicationSecurityWafExclusionFilter" request
@@ -106,6 +148,13 @@ Feature: Application Security
     When the request is sent
     Then the response status is 204 OK
 
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Get a WAF Policy returns "OK" response
+    Given new "GetApplicationSecurityWafPolicy" request
+    And request contains "policy_id" parameter from "REPLACE.ME"
+    When the request is sent
+    Then the response status is 200 OK
+
   @generated @skip @team:DataDog/asm-backend
   Scenario: Get a WAF custom rule returns "OK" response
     Given new "GetApplicationSecurityWafCustomRule" request
@@ -140,6 +189,12 @@ Feature: Application Security
     When the request is sent
     Then the response status is 200 OK
 
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: List all WAF policies returns "OK" response
+    Given new "ListApplicationSecurityWAFPolicies" request
+    When the request is sent
+    Then the response status is 200 OK
+
   @team:DataDog/asm-backend
   Scenario: Update a WAF Custom Rule returns "Bad Request" response
     Given there is a valid "custom_rule" in the system
@@ -174,6 +229,38 @@ Feature: Application Security
     When the request is sent
     Then the response status is 200 OK
 
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Update a WAF Policy returns "Bad Request" response
+    Given new "UpdateApplicationSecurityWafPolicy" request
+    And request contains "policy_id" parameter from "REPLACE.ME"
+    And body with value {"data": {"attributes": {"description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "id": "rasp-001-002"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}}
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Update a WAF Policy returns "Concurrent Modification" response
+    Given new "UpdateApplicationSecurityWafPolicy" request
+    And request contains "policy_id" parameter from "REPLACE.ME"
+    And body with value {"data": {"attributes": {"description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "id": "rasp-001-002"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}}
+    When the request is sent
+    Then the response status is 409 Concurrent Modification
+
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Update a WAF Policy returns "Not Found" response
+    Given new "UpdateApplicationSecurityWafPolicy" request
+    And request contains "policy_id" parameter from "REPLACE.ME"
+    And body with value {"data": {"attributes": {"description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "id": "rasp-001-002"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}}
+    When the request is sent
+    Then the response status is 404 Not Found
+
+  @generated @skip @team:DataDog/asm-backend
+  Scenario: Update a WAF Policy returns "OK" response
+    Given new "UpdateApplicationSecurityWafPolicy" request
+    And request contains "policy_id" parameter from "REPLACE.ME"
+    And body with value {"data": {"attributes": {"description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "id": "rasp-001-002"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}}
+    When the request is sent
+    Then the response status is 200 OK
+
   @team:DataDog/asm-backend
   Scenario: Update a WAF exclusion filter returns "Bad Request" response
     Given there is a valid "custom_rule" in the system

features/v2/given.json

@@ -693,6 +693,18 @@
     "tag": "Application Security",
     "operationId": "CreateApplicationSecurityWafExclusionFilter"
   },
+  {
+    "parameters": [
+      {
+        "name": "body",
+        "value": "{\n  \"data\": {\n    \"type\": \"policy\",\n    \"attributes\": {\n      \"name\": \"Test policy\",\n      \"description\": \"This is a test policy.\",\n      \"basedOn\": \"recommended\"\n    }\n  }\n}"
+      }
+    ],
+    "step": "there is a valid \"policy\" in the system",
+    "key": "policy",
+    "tag": "Application Security",
+    "operationId": "CreateApplicationSecurityWafPolicy"
+  },
   {
     "parameters": [
       {

features/v2/undo.json

@@ -2715,6 +2715,43 @@
       "type": "idempotent"
     }
   },
+  "ListApplicationSecurityWAFPolicies": {
+    "tag": "Application Security",
+    "undo": {
+      "type": "safe"
+    }
+  },
+  "CreateApplicationSecurityWafPolicy": {
+    "tag": "Application Security",
+    "undo": {
+      "operationId": "DeleteApplicationSecurityWafPolicy",
+      "parameters": [
+        {
+          "name": "policy_id",
+          "source": "data.id"
+        }
+      ],
+      "type": "unsafe"
+    }
+  },
+  "DeleteApplicationSecurityWafPolicy": {
+    "tag": "Application Security",
+    "undo": {
+      "type": "idempotent"
+    }
+  },
+  "GetApplicationSecurityWafPolicy": {
+    "tag": "Application Security",
+    "undo": {
+      "type": "safe"
+    }
+  },
+  "UpdateApplicationSecurityWafPolicy": {
+    "tag": "Application Security",
+    "undo": {
+      "type": "idempotent"
+    }
+  },
   "ListCSMThreatsAgentRules": {
     "tag": "CSM Threats",
     "undo": {