diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index a0d181216789..bbbf3bfc986d 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -20370,6 +20370,266 @@ components: - ASSIGNEE - CASE - TEAM_OWNERS + GetMultipleRulesetsRequest: + description: The definition of `GetMultipleRulesetsRequest` object. + properties: + data: + $ref: '#/components/schemas/GetMultipleRulesetsRequestData' + type: object + GetMultipleRulesetsRequestData: + description: The definition of `GetMultipleRulesetsRequestData` object. + properties: + attributes: + $ref: '#/components/schemas/GetMultipleRulesetsRequestDataAttributes' + id: + description: The `GetMultipleRulesetsRequestData` `id`. + type: string + type: + $ref: '#/components/schemas/GetMultipleRulesetsRequestDataType' + required: + - type + type: object + GetMultipleRulesetsRequestDataAttributes: + description: The definition of `GetMultipleRulesetsRequestDataAttributes` object. + properties: + include_testing_rules: + description: The `attributes` `include_testing_rules`. + type: boolean + include_tests: + description: The `attributes` `include_tests`. + type: boolean + rulesets: + description: The `attributes` `rulesets`. + items: + type: string + type: array + type: object + GetMultipleRulesetsRequestDataType: + default: get_multiple_rulesets_request + description: Get multiple rulesets request resource type. + enum: + - get_multiple_rulesets_request + example: get_multiple_rulesets_request + type: string + x-enum-varnames: + - GET_MULTIPLE_RULESETS_REQUEST + GetMultipleRulesetsResponse: + description: The definition of `GetMultipleRulesetsResponse` object. + properties: + data: + $ref: '#/components/schemas/GetMultipleRulesetsResponseData' + type: object + GetMultipleRulesetsResponseData: + description: The definition of `GetMultipleRulesetsResponseData` object. + properties: + attributes: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataAttributes' + id: + description: The `GetMultipleRulesetsResponseData` `id`. + type: string + type: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataType' + required: + - type + type: object + GetMultipleRulesetsResponseDataAttributes: + description: The definition of `GetMultipleRulesetsResponseDataAttributes` object. + properties: + rulesets: + description: The `attributes` `rulesets`. + items: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataAttributesRulesetsItems' + type: array + type: object + GetMultipleRulesetsResponseDataAttributesRulesetsItems: + description: The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItems` + object. + properties: + data: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataAttributesRulesetsItemsData' + description: + description: The `items` `description`. + type: string + name: + description: The `items` `name`. + type: string + rules: + description: The `items` `rules`. + items: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems' + type: array + short_description: + description: The `items` `short_description`. + type: string + required: + - data + type: object + GetMultipleRulesetsResponseDataAttributesRulesetsItemsData: + description: The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsData` + object. + properties: + id: + description: The `data` `id`. + type: string + type: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType' + required: + - type + type: object + GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType: + default: rulesets + description: Rulesets resource type. + enum: + - rulesets + example: rulesets + type: string + x-enum-varnames: + - RULESETS + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems: + description: The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems` + object. + properties: + arguments: + description: The `items` `arguments`. + items: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems' + type: array + category: + description: The `items` `category`. + type: string + checksum: + description: The `items` `checksum`. + type: string + code: + description: The `items` `code`. + type: string + created_at: + description: The `items` `created_at`. + format: date-time + type: string + created_by: + description: The `items` `created_by`. + type: string + cve: + description: The `items` `cve`. + type: string + cwe: + description: The `items` `cwe`. + type: string + data: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData' + description: + description: The `items` `description`. + type: string + documentation_url: + description: The `items` `documentation_url`. + type: string + entity_checked: + description: The `items` `entity_checked`. + type: string + is_published: + description: The `items` `is_published`. + type: boolean + is_testing: + description: The `items` `is_testing`. + type: boolean + language: + description: The `items` `language`. + type: string + last_updated_at: + description: The `items` `last_updated_at`. + format: date-time + type: string + last_updated_by: + description: The `items` `last_updated_by`. + type: string + name: + description: The `items` `name`. + type: string + regex: + description: The `items` `regex`. + type: string + severity: + description: The `items` `severity`. + type: string + short_description: + description: The `items` `short_description`. + type: string + should_use_ai_fix: + description: The `items` `should_use_ai_fix`. + type: boolean + tests: + description: The `items` `tests`. + items: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems' + type: array + tree_sitter_query: + description: The `items` `tree_sitter_query`. + type: string + type: + description: The `items` `type`. + type: string + required: + - data + type: object + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems: + description: The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems` + object. + properties: + description: + description: The `items` `description`. + type: string + name: + description: The `items` `name`. + type: string + type: object + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData: + description: The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData` + object. + properties: + id: + description: The `data` `id`. + type: string + type: + $ref: '#/components/schemas/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType' + required: + - type + type: object + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType: + default: rules + description: Rules resource type. + enum: + - rules + example: rules + type: string + x-enum-varnames: + - RULES + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems: + description: The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems` + object. + properties: + annotation_count: + description: The `items` `annotation_count`. + format: int64 + maximum: 65535 + minimum: 0 + type: integer + code: + description: The `items` `code`. + type: string + filename: + description: The `items` `filename`. + type: string + type: object + GetMultipleRulesetsResponseDataType: + default: get_multiple_rulesets_response + description: Get multiple rulesets response resource type. + enum: + - get_multiple_rulesets_response + example: get_multiple_rulesets_response + type: string + x-enum-varnames: + - GET_MULTIPLE_RULESETS_RESPONSE GetResourceEvaluationFiltersResponse: description: The definition of `GetResourceEvaluationFiltersResponse` object. properties: @@ -40993,6 +41253,146 @@ components: - ISSUE_ASSIGNEE - ISSUE_CASE - ISSUE_TEAM_OWNERS + SecretRuleArray: + description: The definition of `SecretRuleArray` object. + properties: + data: + description: The `SecretRuleArray` `data`. + items: + $ref: '#/components/schemas/SecretRuleData' + type: array + required: + - data + type: object + SecretRuleData: + description: The definition of `SecretRuleData` object. + properties: + attributes: + $ref: '#/components/schemas/SecretRuleDataAttributes' + id: + description: The `SecretRuleData` `id`. + type: string + type: + $ref: '#/components/schemas/SecretRuleDataType' + required: + - type + type: object + SecretRuleDataAttributes: + description: The definition of `SecretRuleDataAttributes` object. + properties: + default_included_keywords: + description: The `attributes` `default_included_keywords`. + items: + type: string + type: array + description: + description: The `attributes` `description`. + type: string + license: + description: The `attributes` `license`. + type: string + match_validation: + $ref: '#/components/schemas/SecretRuleDataAttributesMatchValidation' + name: + description: The `attributes` `name`. + type: string + pattern: + description: The `attributes` `pattern`. + type: string + priority: + description: The `attributes` `priority`. + type: string + sds_id: + description: The `attributes` `sds_id`. + type: string + validators: + description: The `attributes` `validators`. + items: + type: string + type: array + type: object + SecretRuleDataAttributesMatchValidation: + description: The definition of `SecretRuleDataAttributesMatchValidation` object. + properties: + endpoint: + description: The `match_validation` `endpoint`. + type: string + hosts: + description: The `match_validation` `hosts`. + items: + type: string + type: array + http_method: + description: The `match_validation` `http_method`. + type: string + invalid_http_status_code: + description: The `match_validation` `invalid_http_status_code`. + items: + $ref: '#/components/schemas/SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems' + type: array + request_headers: + additionalProperties: + type: string + description: The `match_validation` `request_headers`. + type: object + timeout_seconds: + description: The `match_validation` `timeout_seconds`. + format: int64 + maximum: 1.8446744073709552e+19 + minimum: 0 + type: integer + type: + description: The `match_validation` `type`. + type: string + valid_http_status_code: + description: The `match_validation` `valid_http_status_code`. + items: + $ref: '#/components/schemas/SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems' + type: array + type: object + SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems: + description: The definition of `SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems` + object. + properties: + end: + description: The `items` `end`. + format: int64 + maximum: 1.8446744073709552e+19 + minimum: 0 + type: integer + start: + description: The `items` `start`. + format: int64 + maximum: 1.8446744073709552e+19 + minimum: 0 + type: integer + type: object + SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems: + description: The definition of `SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems` + object. + properties: + end: + description: The `items` `end`. + format: int64 + maximum: 1.8446744073709552e+19 + minimum: 0 + type: integer + start: + description: The `items` `start`. + format: int64 + maximum: 1.8446744073709552e+19 + minimum: 0 + type: integer + type: object + SecretRuleDataType: + default: secret_rule + description: Secret rule resource type. + enum: + - secret_rule + example: secret_rule + type: string + x-enum-varnames: + - SECRET_RULE SecurityFilter: description: The security filter's properties. properties: @@ -73498,6 +73898,57 @@ paths: cursorPath: meta.page.after limitParam: body.data.attributes.page.limit resultsPath: data + /api/v2/static-analysis/rulesets: + post: + description: Get rules for multiple rulesets in batch. + operationId: ListMultipleRulesets + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GetMultipleRulesetsRequest' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/GetMultipleRulesetsResponse' + description: OK + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - AuthZ: + - code_analysis_read + - apiKeyAuth: [] + appKeyAuth: [] + summary: Ruleset get multiple + tags: + - Security Monitoring + x-unstable: '**Note**: This endpoint may be subject to changes.' + /api/v2/static-analysis/secrets/rules: + get: + description: Returns list of Secrets rules with ID, Pattern, Description, Priority, + and SDS ID + operationId: GetSecretsRules + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecretRuleArray' + description: OK + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - AuthZ: + - code_analysis_read + - apiKeyAuth: [] + appKeyAuth: [] + summary: Returns list of Secrets rules + tags: + - Security Monitoring + x-unstable: '**Note**: This endpoint may be subject to changes.' /api/v2/synthetics/settings/on_demand_concurrency_cap: get: description: Get the on-demand concurrency cap. diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature index f4eab41ff04f..add99fc443b4 100644 --- a/features/v2/security_monitoring.feature +++ b/features/v2/security_monitoring.feature @@ -5,13 +5,13 @@ Feature: Security Monitoring information. Background: - Given a valid "apiKeyAuth" key in the system - And a valid "appKeyAuth" key in the system - And an instance of "SecurityMonitoring" API + Given an instance of "SecurityMonitoring" API @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "Bad Request" response - Given operation "CancelHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "CancelHistoricalJob" enabled And new "CancelHistoricalJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent @@ -19,7 +19,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "Conflict" response - Given operation "CancelHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "CancelHistoricalJob" enabled And new "CancelHistoricalJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent @@ -27,7 +29,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "Not Found" response - Given operation "CancelHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "CancelHistoricalJob" enabled And new "CancelHistoricalJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent @@ -35,7 +39,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Cancel a historical job returns "OK" response - Given operation "CancelHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "CancelHistoricalJob" enabled And operation "RunHistoricalJob" enabled And new "CancelHistoricalJob" request And there is a valid "historical_job" in the system @@ -45,7 +51,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Change the related incidents of a security signal returns "Bad Request" response - Given new "EditSecurityMonitoringSignalIncidents" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "EditSecurityMonitoringSignalIncidents" request And request contains "signal_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"incident_ids": [2066]}}} When the request is sent @@ -53,7 +61,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Change the related incidents of a security signal returns "Not Found" response - Given new "EditSecurityMonitoringSignalIncidents" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "EditSecurityMonitoringSignalIncidents" request And request contains "signal_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"incident_ids": [2066]}}} When the request is sent @@ -61,7 +71,9 @@ Feature: Security Monitoring @replay-only @team:DataDog/k9-cloud-security-platform Scenario: Change the related incidents of a security signal returns "OK" response - Given new "EditSecurityMonitoringSignalIncidents" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "EditSecurityMonitoringSignalIncidents" request And request contains "signal_id" parameter with value "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE" And body with value {"data": {"attributes": {"incident_ids": [2066]}}} When the request is sent @@ -69,7 +81,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Change the triage state of a security signal returns "Bad Request" response - Given new "EditSecurityMonitoringSignalState" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "EditSecurityMonitoringSignalState" request And request contains "signal_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"archive_reason": "none", "state": "open"}, "type": "signal_metadata"}} When the request is sent @@ -77,7 +91,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Change the triage state of a security signal returns "Not Found" response - Given new "EditSecurityMonitoringSignalState" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "EditSecurityMonitoringSignalState" request And request contains "signal_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"archive_reason": "none", "state": "open"}, "type": "signal_metadata"}} When the request is sent @@ -85,7 +101,9 @@ Feature: Security Monitoring @replay-only @team:DataDog/k9-cloud-security-platform Scenario: Change the triage state of a security signal returns "OK" response - Given new "EditSecurityMonitoringSignalState" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "EditSecurityMonitoringSignalState" request And request contains "signal_id" parameter with value "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE" And body with value {"data": {"attributes": {"archive_reason": "none", "state": "open"}}} When the request is sent @@ -93,7 +111,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Convert a job result to a signal returns "Bad Request" response - Given operation "ConvertJobResultToSignal" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ConvertJobResultToSignal" enabled And new "ConvertJobResultToSignal" request And body with value {"data": {"attributes": {"jobResultIds": [""], "notifications": [""], "signalMessage": "A large number of failed login attempts.", "signalSeverity": "critical"}, "type": "historicalDetectionsJobResultSignalConversion"}} When the request is sent @@ -101,7 +121,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Convert a job result to a signal returns "Not Found" response - Given operation "ConvertJobResultToSignal" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ConvertJobResultToSignal" enabled And new "ConvertJobResultToSignal" request And body with value {"data": {"attributes": {"jobResultIds": [""], "notifications": [""], "signalMessage": "A large number of failed login attempts.", "signalSeverity": "critical"}, "type": "historicalDetectionsJobResultSignalConversion"}} When the request is sent @@ -109,7 +131,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Convert a job result to a signal returns "OK" response - Given operation "ConvertJobResultToSignal" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ConvertJobResultToSignal" enabled And new "ConvertJobResultToSignal" request And body with value {"data": {"attributes": {"jobResultIds": [""], "notifications": [""], "signalMessage": "A large number of failed login attempts.", "signalSeverity": "critical"}, "type": "historicalDetectionsJobResultSignalConversion"}} When the request is sent @@ -117,21 +141,27 @@ Feature: Security Monitoring @skip @team:DataDog/k9-cloud-security-platform Scenario: Convert a rule from JSON to Terraform returns "Bad Request" response - Given new "ConvertSecurityMonitoringRuleFromJSONToTerraform" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ConvertSecurityMonitoringRuleFromJSONToTerraform" request And body with value {"name":"{{ unique }}", "queries":[{"query":"@test:true","aggregation":"count","groupByFields":[],"distinctFields":[],"metric":""}],"filters":[],"cases":[{"name":"","status":"info","condition":"a > 0","notifications":[]}],"options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"message":"Test rule","tags":[],"isEnabled":true, "type":"log_detection"} When the request is sent Then the response status is 400 Bad Request @skip @team:DataDog/k9-cloud-security-platform Scenario: Convert a rule from JSON to Terraform returns "Not Found" response - Given new "ConvertSecurityMonitoringRuleFromJSONToTerraform" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ConvertSecurityMonitoringRuleFromJSONToTerraform" request And body with value {"name":"{{ unique }}", "queries":[{"query":"@test:true","aggregation":"count","groupByFields":[],"distinctFields":[],"metric":""}],"filters":[],"cases":[{"name":"","status":"info","condition":"a > 0","notifications":[]}],"options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"message":"Test rule","tags":[],"isEnabled":true, "type":"log_detection"} When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Convert a rule from JSON to Terraform returns "OK" response - Given new "ConvertSecurityMonitoringRuleFromJSONToTerraform" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ConvertSecurityMonitoringRuleFromJSONToTerraform" request And body with value {"name":"_{{ unique_hash }}", "queries":[{"query":"@test:true","aggregation":"count","groupByFields":[],"distinctFields":[],"metric":""}],"filters":[],"cases":[{"name":"","status":"info","condition":"a > 0","notifications":[]}],"options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"message":"Test rule","tags":[],"isEnabled":true, "type":"log_detection"} When the request is sent Then the response status is 200 OK @@ -139,21 +169,27 @@ Feature: Security Monitoring @skip @team:DataDog/k9-cloud-security-platform Scenario: Convert an existing rule from JSON to Terraform returns "Bad Request" response - Given new "ConvertExistingSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ConvertExistingSecurityMonitoringRule" request And request contains "rule_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 400 Bad Request @skip @team:DataDog/k9-cloud-security-platform Scenario: Convert an existing rule from JSON to Terraform returns "Not Found" response - Given new "ConvertExistingSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ConvertExistingSecurityMonitoringRule" request And request contains "rule_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Convert an existing rule from JSON to Terraform returns "OK" response - Given new "ConvertExistingSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ConvertExistingSecurityMonitoringRule" request And there is a valid "security_rule_hash" in the system And request contains "rule_id" parameter from "security_rule_hash.id" When the request is sent @@ -162,7 +198,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a cloud_configuration rule returns "OK" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"type":"cloud_configuration","name":"{{ unique }}_cloud","isEnabled":false,"cases":[{"status":"info","notifications":["channel"]}],"options":{"complianceRuleOptions":{"resourceType":"gcp_compute_disk","complexRule": false,"regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk"]}}},"message":"ddd","tags":["my:tag"],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"filters":[{"action":"require","query":"resource_id:helo*"},{"action":"suppress","query":"control:helo*"}]} When the request is sent Then the response status is 200 OK @@ -173,14 +211,18 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Create a custom framework returns "Bad Request" response - Given new "CreateCustomFramework" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateCustomFramework" request And body with value {"data":{"type":"custom_framework","attributes":{"name":"name","handle":"","version":"10","icon_url":"test-url","requirements":[{"name":"requirement","controls":[{"name":"control","rules_id":["def-000-be9"]}]}]}}} When the request is sent Then the response status is 400 Bad Request @replay-only @skip-terraform-config @team:DataDog/k9-cloud-security-platform Scenario: Create a custom framework returns "Conflict" response - Given there is a valid "custom_framework" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "custom_framework" in the system And new "CreateCustomFramework" request And body with value {"data":{"type":"custom_framework","attributes":{"name":"name","handle":"create-framework-new","version":"10","icon_url":"test-url","requirements":[{"name":"requirement","controls":[{"name":"control","rules_id":["def-000-be9"]}]}]}}} When the request is sent @@ -188,21 +230,27 @@ Feature: Security Monitoring @replay-only @skip-terraform-config @team:DataDog/k9-cloud-security-platform Scenario: Create a custom framework returns "OK" response - Given new "CreateCustomFramework" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateCustomFramework" request And body with value {"data":{"type":"custom_framework","attributes":{"name":"name","handle":"create-framework-new","version":"10","icon_url":"test-url","requirements":[{"name":"requirement","controls":[{"name":"control","rules_id":["def-000-be9"]}]}]}}} When the request is sent Then the response status is 200 OK @skip @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule returns "Bad Request" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"name":"{{ unique }}", "queries":[{"query":""}],"cases":[{"status":"info"}],"options":{},"message":"Test rule","tags":[],"isEnabled":true} When the request is sent Then the response status is 400 Bad Request @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule returns "OK" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"name":"{{ unique }}", "queries":[{"query":"@test:true","aggregation":"count","groupByFields":[],"distinctFields":[],"metric":""}],"filters":[],"cases":[{"name":"","status":"info","condition":"a > 0","notifications":[]}],"options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"message":"Test rule","tags":[],"isEnabled":true, "type":"log_detection", "referenceTables":[{"tableName": "synthetics_test_reference_table_dont_delete", "columnName": "value", "logFieldPath":"testtag", "checkPresence":true, "ruleQueryName":"a"}]} When the request is sent Then the response status is 200 OK @@ -213,7 +261,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule with detection method 'sequence_detection' returns "OK" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"name":"{{ unique }}","type":"log_detection","isEnabled":true,"queries":[{"aggregation":"count","dataSource":"logs","distinctFields":[],"groupByFields":[],"hasOptionalGroupByFields":false,"name":"","query":"service:logs-rule-reducer source:paul test2"},{"aggregation":"count","dataSource":"logs","distinctFields":[],"groupByFields":[],"hasOptionalGroupByFields":false,"name":"","query":"service:logs-rule-reducer source:paul test1"}],"cases":[{"name":"","status":"info","notifications":[],"condition":"step_b > 0"}],"message":"Logs and signals asdf","options":{"detectionMethod":"sequence_detection","evaluationWindow":0,"keepAlive":300,"maxSignalDuration":600,"sequenceDetectionOptions":{"stepTransitions":[{"child":"step_b","evaluationWindow":900,"parent":"step_a"}],"steps":[{"condition":"a > 0","evaluationWindow":60,"name":"step_a"},{"condition":"b > 0","evaluationWindow":60,"name":"step_b"}]}},"tags":[]} When the request is sent Then the response status is 200 OK @@ -223,7 +273,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule with detection method 'third_party' returns "OK" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"name":"{{ unique }}","type":"log_detection","isEnabled":true,"thirdPartyCases":[{"query":"status:error","name":"high","status":"high"},{"query":"status:info","name":"low","status":"low"}],"queries":[],"cases":[],"message":"This is a third party rule","options":{"detectionMethod":"third_party","keepAlive":0,"maxSignalDuration":600,"thirdPartyRuleOptions":{"defaultStatus":"info","rootQueries":[{"query":"source:guardduty @details.alertType:*EC2*", "groupByFields":["instance-id"]},{"query":"source:guardduty", "groupByFields":[]}]}}} When the request is sent Then the response status is 200 OK @@ -234,7 +286,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule with type 'application_security 'returns "OK" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"type":"application_security","name":"{{unique}}_appsec_rule","queries":[{"query":"@appsec.security_activity:business_logic.users.login.failure","aggregation":"count","groupByFields":["service","@http.client_ip"],"distinctFields":[]}],"filters":[],"cases":[{"name":"","status":"info","notifications":[],"condition":"a > 100000","actions":[{"type":"block_ip","options":{"duration":900}}, {"type":"user_behavior","options":{"userBehaviorName":"behavior"}}, {"type":"flag_ip","options":{"flaggedIPType":"FLAGGED"}}]}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900,"detectionMethod":"threshold"},"isEnabled":true,"message":"Test rule","tags":[],"groupSignalsBy":["service"]} When the request is sent Then the response status is 200 OK @@ -244,7 +298,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule with type 'impossible_travel' returns "OK" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"queries":[{"aggregation":"geo_data","groupByFields":["@usr.id"],"distinctFields":[],"metric":"@network.client.geoip","query":"*"}],"cases":[{"name":"","status":"info","notifications":[]}],"hasExtendedTitle":true,"message":"test","isEnabled":true,"options":{"maxSignalDuration":86400,"evaluationWindow":900,"keepAlive":3600,"detectionMethod":"impossible_travel","impossibleTravelOptions":{"baselineUserLocations":false}},"name":"{{ unique }}","type":"log_detection","tags":[],"filters":[]} When the request is sent Then the response status is 200 OK @@ -255,7 +311,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule with type 'signal_correlation' returns "OK" response - Given there is a valid "security_rule" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "security_rule" in the system And there is a valid "security_rule_bis" in the system And new "CreateSecurityMonitoringRule" request And body with value {"name":"{{ unique }}_signal_rule", "queries":[{"ruleId":"{{ security_rule.id }}","aggregation":"event_count","correlatedByFields":["host"],"correlatedQueryIndex":1}, {"ruleId":"{{ security_rule_bis.id }}","aggregation":"event_count","correlatedByFields":["host"]}],"filters":[],"cases":[{"name":"","status":"info","condition":"a > 0 && b > 0","notifications":[]}],"options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"message":"Test signal correlation rule","tags":[],"isEnabled":true, "type": "signal_correlation"} @@ -268,7 +326,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule with type 'workload_security' returns "OK" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"name":"{{ unique }}", "queries":[{"query":"@test:true","aggregation":"count","groupByFields":[],"distinctFields":[],"metric":""}],"filters":[],"cases":[{"name":"","status":"info","condition":"a > 0","notifications":[]}],"options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"message":"Test rule","tags":[],"isEnabled":true, "type": "workload_security"} When the request is sent Then the response status is 200 OK @@ -279,35 +339,45 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Create a new signal-based notification rule returns "Bad Request" response - Given new "CreateSignalNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSignalNotificationRule" request And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} When the request is sent Then the response status is 400 Bad Request @team:DataDog/cloud-security-posture-management Scenario: Create a new signal-based notification rule returns "Successfully created the notification rule." response - Given new "CreateSignalNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSignalNotificationRule" request And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} When the request is sent Then the response status is 201 Successfully created the notification rule. @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Create a new vulnerability-based notification rule returns "Bad Request" response - Given new "CreateVulnerabilityNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateVulnerabilityNotificationRule" request And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} When the request is sent Then the response status is 400 Bad Request @team:DataDog/cloud-security-posture-management Scenario: Create a new vulnerability-based notification rule returns "Successfully created the notification rule." response - Given new "CreateVulnerabilityNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateVulnerabilityNotificationRule" request And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} When the request is sent Then the response status is 201 Successfully created the notification rule. @team:DataDog/k9-cloud-security-platform Scenario: Create a scheduled detection rule returns "OK" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"name":"{{ unique }}", "queries":[{"query":"@test:true","aggregation":"count","groupByFields":[],"distinctFields":[],"index":"main"}],"filters":[],"cases":[{"name":"","status":"info","condition":"a > 0","notifications":[]}],"options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"message":"Test rule","tags":[],"isEnabled":true, "type":"log_detection", "schedulingOptions": {"rrule": "FREQ=HOURLY;INTERVAL=2;", "start": "2025-06-18T12:00:00", "timezone": "Europe/Paris"}} When the request is sent Then the response status is 200 OK @@ -318,28 +388,36 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Create a scheduled rule without rrule returns "Bad Request" response - Given new "CreateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringRule" request And body with value {"name":"{{ unique }}", "queries":[{"query":"@test:true","aggregation":"count","groupByFields":[],"distinctFields":[],"index":"main"}],"filters":[],"cases":[{"name":"","status":"info","condition":"a > 0","notifications":[]}],"options":{"evaluationWindow":900,"keepAlive":3600,"maxSignalDuration":86400},"message":"Test rule","tags":[],"isEnabled":true, "type":"log_detection", "schedulingOptions": {"start": "2025-06-18T12:00:00", "timezone": "Europe/Paris"}} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Create a security filter returns "Bad Request" response - Given new "CreateSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityFilter" request And body with value {"data": {"attributes": {"exclusion_filters": [{"name": "Exclude staging", "query": "source:staging"}], "filtered_data_type": "logs", "is_enabled": true, "name": "Custom security filter", "query": "service:api"}, "type": "security_filters"}} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Create a security filter returns "Conflict" response - Given new "CreateSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityFilter" request And body with value {"data": {"attributes": {"exclusion_filters": [{"name": "Exclude staging", "query": "source:staging"}], "filtered_data_type": "logs", "is_enabled": true, "name": "Custom security filter", "query": "service:api"}, "type": "security_filters"}} When the request is sent Then the response status is 409 Conflict @team:DataDog/k9-cloud-security-platform Scenario: Create a security filter returns "OK" response - Given new "CreateSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityFilter" request And body with value {"data": {"attributes": {"exclusion_filters": [{"name": "Exclude staging", "query": "source:staging"}], "filtered_data_type": "logs", "is_enabled": true, "name": "{{ unique }}", "query": "service:{{ unique_alnum }}"}, "type": "security_filters"}} When the request is sent Then the response status is 200 OK @@ -351,21 +429,27 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Create a suppression rule returns "Bad Request" response - Given new "CreateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringSuppression" request And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Create a suppression rule returns "Conflict" response - Given new "CreateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringSuppression" request And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} When the request is sent Then the response status is 409 Conflict @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a suppression rule returns "OK" response - Given new "CreateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringSuppression" request And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "start_date": {{ timestamp('now + 10d') }}000, "expiration_date": {{ timestamp('now + 21d') }}000, "name": "{{ unique }}", "rule_query": "type:log_detection source:cloudtrail", "suppression_query": "env:staging status:low"}, "type": "suppressions"}} When the request is sent Then the response status is 200 OK @@ -375,7 +459,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a suppression rule with an exclusion query returns "OK" response - Given new "CreateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "CreateSecurityMonitoringSuppression" request And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "start_date": {{ timestamp('now + 10d') }}000, "expiration_date": {{ timestamp('now + 21d') }}000, "name": "{{ unique }}", "rule_query": "type:log_detection source:cloudtrail", "data_exclusion_query": "account_id:12345"}, "type": "suppressions"}} When the request is sent Then the response status is 200 OK @@ -386,7 +472,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Delete a custom framework returns "Bad Request" response - Given new "DeleteCustomFramework" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "DeleteCustomFramework" request And request contains "handle" parameter with value "handle-does-not-exist" And request contains "version" parameter with value "version-does-not-exist" When the request is sent @@ -394,7 +482,9 @@ Feature: Security Monitoring @replay-only @team:DataDog/k9-cloud-security-platform Scenario: Delete a custom framework returns "OK" response - Given there is a valid "custom_framework" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "custom_framework" in the system And new "DeleteCustomFramework" request And request contains "handle" parameter with value "create-framework-new" And request contains "version" parameter with value "10" @@ -403,14 +493,18 @@ Feature: Security Monitoring @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete a non existing rule returns "Not Found" response - Given new "DeleteSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "DeleteSecurityMonitoringRule" request And request contains "rule_id" parameter with value "ThisRuleIdProbablyDoesntExist" When the request is sent Then the response status is 404 Not Found @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Delete a security filter returns "No Content" response - Given there is a valid "security_filter" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "security_filter" in the system And new "DeleteSecurityFilter" request And request contains "security_filter_id" parameter from "security_filter.data.id" When the request is sent @@ -418,28 +512,36 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete a security filter returns "Not Found" response - Given new "DeleteSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "DeleteSecurityFilter" request And request contains "security_filter_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 404 Not Found @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete a security filter returns "OK" response - Given new "DeleteSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "DeleteSecurityFilter" request And request contains "security_filter_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 204 OK @team:DataDog/cloud-security-posture-management Scenario: Delete a signal-based notification rule returns "Not Found" response - Given new "DeleteSignalNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "DeleteSignalNotificationRule" request And request contains "id" parameter with value "000-000-000" When the request is sent Then the response status is 404 Not Found @team:DataDog/cloud-security-posture-management Scenario: Delete a signal-based notification rule returns "Rule successfully deleted." response - Given there is a valid "valid_signal_notification_rule" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "valid_signal_notification_rule" in the system And new "DeleteSignalNotificationRule" request And request contains "id" parameter from "valid_signal_notification_rule.data.id" When the request is sent @@ -447,14 +549,18 @@ Feature: Security Monitoring @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete a suppression rule returns "Not Found" response - Given new "DeleteSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "DeleteSecurityMonitoringSuppression" request And request contains "suppression_id" parameter with value "does-not-exist" When the request is sent Then the response status is 404 Not Found @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Delete a suppression rule returns "OK" response - Given there is a valid "suppression" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "suppression" in the system And new "DeleteSecurityMonitoringSuppression" request And request contains "suppression_id" parameter from "suppression.data.id" When the request is sent @@ -462,14 +568,18 @@ Feature: Security Monitoring @team:DataDog/cloud-security-posture-management Scenario: Delete a vulnerability-based notification rule returns "Not Found" response - Given new "DeleteVulnerabilityNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "DeleteVulnerabilityNotificationRule" request And request contains "id" parameter with value "000-000-000" When the request is sent Then the response status is 404 Not Found @team:DataDog/cloud-security-posture-management Scenario: Delete a vulnerability-based notification rule returns "Rule successfully deleted." response - Given there is a valid "valid_vulnerability_notification_rule" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "valid_vulnerability_notification_rule" in the system And new "DeleteVulnerabilityNotificationRule" request And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" When the request is sent @@ -477,7 +587,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Bad Request" response - Given operation "DeleteHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "DeleteHistoricalJob" enabled And new "DeleteHistoricalJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent @@ -485,7 +597,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Conflict" response - Given operation "DeleteHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "DeleteHistoricalJob" enabled And new "DeleteHistoricalJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent @@ -493,7 +607,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Not Found" response - Given operation "DeleteHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "DeleteHistoricalJob" enabled And new "DeleteHistoricalJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent @@ -501,7 +617,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "OK" response - Given operation "DeleteHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "DeleteHistoricalJob" enabled And new "DeleteHistoricalJob" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent @@ -509,14 +627,18 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing rule returns "Not Found" response - Given new "DeleteSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "DeleteSecurityMonitoringRule" request And request contains "rule_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 404 Not Found @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing rule returns "OK" response - Given there is a valid "security_rule" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "security_rule" in the system And new "DeleteSecurityMonitoringRule" request And request contains "rule_id" parameter from "security_rule.id" When the request is sent @@ -524,7 +646,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/asm-vm Scenario: Get SBOM returns "Bad request: The server cannot process the request due to invalid syntax in the request." response - Given operation "GetSBOM" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetSBOM" enabled And new "GetSBOM" request And request contains "asset_type" parameter from "REPLACE.ME" And request contains "filter[asset_name]" parameter from "REPLACE.ME" @@ -533,7 +657,9 @@ Feature: Security Monitoring @team:DataDog/asm-vm Scenario: Get SBOM returns "Not found: asset not found" response - Given operation "GetSBOM" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetSBOM" enabled And new "GetSBOM" request And request contains "asset_type" parameter with value "Host" And request contains "filter[asset_name]" parameter with value "unknown-host" @@ -542,7 +668,9 @@ Feature: Security Monitoring @skip @team:DataDog/asm-vm Scenario: Get SBOM returns "OK" response - Given operation "GetSBOM" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetSBOM" enabled And new "GetSBOM" request And request contains "asset_type" parameter with value "Repository" And request contains "filter[asset_name]" parameter with value "github.com/datadog/datadog-agent" @@ -551,7 +679,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Get a cloud configuration rule's details returns "OK" response - Given there is a valid "cloud_configuration_rule" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "cloud_configuration_rule" in the system And new "GetSecurityMonitoringRule" request And request contains "rule_id" parameter from "cloud_configuration_rule.id" When the request is sent @@ -561,7 +691,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get a custom framework returns "Bad Request" response - Given new "GetCustomFramework" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetCustomFramework" request And request contains "handle" parameter with value "frame-does-not-exist" And request contains "version" parameter with value "frame-does-not-exist" When the request is sent @@ -569,7 +701,9 @@ Feature: Security Monitoring @replay-only @team:DataDog/k9-cloud-security-platform Scenario: Get a custom framework returns "OK" response - Given there is a valid "custom_framework" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "custom_framework" in the system And new "GetCustomFramework" request And request contains "handle" parameter with value "create-framework-new" And request contains "version" parameter with value "10" @@ -578,7 +712,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Get a finding returns "Bad Request: The server cannot process the request due to invalid syntax in the request." response - Given operation "GetFinding" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetFinding" enabled And new "GetFinding" request And request contains "finding_id" parameter from "REPLACE.ME" When the request is sent @@ -586,7 +722,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Get a finding returns "Not Found: The requested finding cannot be found." response - Given operation "GetFinding" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetFinding" enabled And new "GetFinding" request And request contains "finding_id" parameter from "REPLACE.ME" When the request is sent @@ -594,7 +732,9 @@ Feature: Security Monitoring @replay-only @team:DataDog/cloud-security-posture-management Scenario: Get a finding returns "OK" response - Given operation "GetFinding" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetFinding" enabled And new "GetFinding" request And request contains "finding_id" parameter with value "AgAAAYd59gjghzF52gAAAAAAAAAYAAAAAEFZZDU5Z2pnQUFCRTRvV1lFeEo4SlFBQQAAACQAAAAAMDE4NzdhMDEtMDRiYS00NTZlLWFmMzMtNTIxNmNkNjVlNDMz" When the request is sent @@ -603,7 +743,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a hist signal's details returns "Bad Request" response - Given operation "GetSecurityMonitoringHistsignal" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetSecurityMonitoringHistsignal" enabled And new "GetSecurityMonitoringHistsignal" request And request contains "histsignal_id" parameter from "REPLACE.ME" When the request is sent @@ -611,7 +753,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a hist signal's details returns "Not Found" response - Given operation "GetSecurityMonitoringHistsignal" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetSecurityMonitoringHistsignal" enabled And new "GetSecurityMonitoringHistsignal" request And request contains "histsignal_id" parameter from "REPLACE.ME" When the request is sent @@ -619,7 +763,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a hist signal's details returns "OK" response - Given operation "GetSecurityMonitoringHistsignal" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetSecurityMonitoringHistsignal" enabled And new "GetSecurityMonitoringHistsignal" request And request contains "histsignal_id" parameter from "REPLACE.ME" When the request is sent @@ -627,7 +773,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "Bad Request" response - Given operation "GetHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetHistoricalJob" enabled And new "GetHistoricalJob" request And request contains "job_id" parameter with value "inva-lid" When the request is sent @@ -635,7 +783,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "Not Found" response - Given operation "GetHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetHistoricalJob" enabled And new "GetHistoricalJob" request And request contains "job_id" parameter with value "8e2a37fb-b0c8-4761-a7f0-0a8d6a98ba93" When the request is sent @@ -643,7 +793,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get a job's details returns "OK" response - Given operation "GetHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetHistoricalJob" enabled And operation "RunHistoricalJob" enabled And new "GetHistoricalJob" request And there is a valid "historical_job" in the system @@ -653,7 +805,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a job's hist signals returns "Bad Request" response - Given operation "GetSecurityMonitoringHistsignalsByJobId" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetSecurityMonitoringHistsignalsByJobId" enabled And new "GetSecurityMonitoringHistsignalsByJobId" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent @@ -661,7 +815,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a job's hist signals returns "Not Found" response - Given operation "GetSecurityMonitoringHistsignalsByJobId" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetSecurityMonitoringHistsignalsByJobId" enabled And new "GetSecurityMonitoringHistsignalsByJobId" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent @@ -669,7 +825,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a job's hist signals returns "OK" response - Given operation "GetSecurityMonitoringHistsignalsByJobId" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetSecurityMonitoringHistsignalsByJobId" enabled And new "GetSecurityMonitoringHistsignalsByJobId" request And request contains "job_id" parameter from "REPLACE.ME" When the request is sent @@ -677,21 +835,27 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a list of security signals returns "Bad Request" response - Given new "SearchSecurityMonitoringSignals" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "SearchSecurityMonitoringSignals" request And body with value {"filter": {"from": "2019-01-02T09:42:36.320Z", "query": "security:attack status:high", "to": "2019-01-03T09:42:36.320Z"}, "page": {"cursor": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", "limit": 25}, "sort": "timestamp"} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a list of security signals returns "OK" response - Given new "SearchSecurityMonitoringSignals" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "SearchSecurityMonitoringSignals" request And body with value {"filter": {"from": "2019-01-02T09:42:36.320Z", "query": "security:attack status:high", "to": "2019-01-03T09:42:36.320Z"}, "page": {"cursor": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", "limit": 25}, "sort": "timestamp"} When the request is sent Then the response status is 200 OK @replay-only @skip-validation @team:DataDog/k9-cloud-security-platform @with-pagination Scenario: Get a list of security signals returns "OK" response with pagination - Given new "SearchSecurityMonitoringSignals" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "SearchSecurityMonitoringSignals" request And body with value {"filter": {"from": "{{ timeISO("now-15m") }}", "query": "security:attack status:high", "to": "{{ timeISO("now") }}"}, "page": {"limit": 2}, "sort": "timestamp"} When the request with pagination is sent Then the response status is 200 OK @@ -699,19 +863,25 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a quick list of security signals returns "Bad Request" response - Given new "ListSecurityMonitoringSignals" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ListSecurityMonitoringSignals" request When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a quick list of security signals returns "OK" response - Given new "ListSecurityMonitoringSignals" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ListSecurityMonitoringSignals" request When the request is sent Then the response status is 200 OK @replay-only @skip-validation @team:DataDog/k9-cloud-security-platform @with-pagination Scenario: Get a quick list of security signals returns "OK" response with pagination - Given new "ListSecurityMonitoringSignals" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ListSecurityMonitoringSignals" request And request contains "page[limit]" parameter with value 2 When the request with pagination is sent Then the response status is 200 OK @@ -719,14 +889,18 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get a rule's details returns "Not Found" response - Given new "GetSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSecurityMonitoringRule" request And request contains "rule_id" parameter with value "abcde-12345" When the request is sent Then the response status is 404 Not Found @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Get a rule's details returns "OK" response - Given new "GetSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSecurityMonitoringRule" request And there is a valid "security_rule" in the system And request contains "rule_id" parameter from "security_rule.id" When the request is sent @@ -736,7 +910,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a rule's version history returns "Bad Request" response - Given operation "GetRuleVersionHistory" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetRuleVersionHistory" enabled And new "GetRuleVersionHistory" request And request contains "rule_id" parameter from "REPLACE.ME" When the request is sent @@ -744,7 +920,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a rule's version history returns "Not Found" response - Given operation "GetRuleVersionHistory" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetRuleVersionHistory" enabled And new "GetRuleVersionHistory" request And request contains "rule_id" parameter from "REPLACE.ME" When the request is sent @@ -752,7 +930,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a rule's version history returns "OK" response - Given operation "GetRuleVersionHistory" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetRuleVersionHistory" enabled And new "GetRuleVersionHistory" request And request contains "rule_id" parameter from "REPLACE.ME" When the request is sent @@ -760,14 +940,18 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a security filter returns "Not Found" response - Given new "GetSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSecurityFilter" request And request contains "security_filter_id" parameter from "REPLACE.ME" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Get a security filter returns "OK" response - Given there is a valid "security_filter" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "security_filter" in the system And new "GetSecurityFilter" request And request contains "security_filter_id" parameter from "security_filter.data.id" When the request is sent @@ -780,28 +964,36 @@ Feature: Security Monitoring @replay-only @team:DataDog/k9-cloud-security-platform Scenario: Get a signal's details returns "Not Found" response - Given new "GetSecurityMonitoringSignal" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSecurityMonitoringSignal" request And request contains "signal_id" parameter with value "AQAAAYNqUBVU4-rffwAAAABBWU5xVUJWVUFBQjJBd3ptCL3QUEm3nt2" When the request is sent Then the response status is 404 Not Found @replay-only @team:DataDog/k9-cloud-security-platform Scenario: Get a signal's details returns "OK" response - Given new "GetSecurityMonitoringSignal" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSecurityMonitoringSignal" request And request contains "signal_id" parameter with value "AQAAAYNqUBVU4-rffwAAAABBWU5xVUJWVUFBQjJBd3ptMDdQUnF3QUE" When the request is sent Then the response status is 200 OK @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Get a suppression rule returns "Not Found" response - Given new "GetSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSecurityMonitoringSuppression" request And request contains "suppression_id" parameter with value "this-does-not-exist" When the request is sent Then the response status is 404 Not Found @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Get a suppression rule returns "OK" response - Given new "GetSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSecurityMonitoringSuppression" request And there is a valid "suppression" in the system And request contains "suppression_id" parameter from "suppression.data.id" When the request is sent @@ -811,7 +1003,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get all security filters returns "OK" response - Given new "ListSecurityFilters" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ListSecurityFilters" request When the request is sent Then the response status is 200 OK And the response "data" has item with field "attributes.filtered_data_type" with value "logs" @@ -819,27 +1013,35 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get all suppression rules returns "OK" response - Given new "ListSecurityMonitoringSuppressions" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ListSecurityMonitoringSuppressions" request When the request is sent Then the response status is 200 OK @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Get details of a signal-based notification rule returns "Bad Request" response - Given new "GetSignalNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSignalNotificationRule" request And request contains "id" parameter from "REPLACE.ME" When the request is sent Then the response status is 400 Bad Request @team:DataDog/cloud-security-posture-management Scenario: Get details of a signal-based notification rule returns "Not Found" response - Given new "GetSignalNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSignalNotificationRule" request And request contains "id" parameter with value "000-000-000" When the request is sent Then the response status is 404 Not Found @team:DataDog/cloud-security-posture-management Scenario: Get details of a signal-based notification rule returns "Notification rule details." response - Given there is a valid "valid_signal_notification_rule" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "valid_signal_notification_rule" in the system And new "GetSignalNotificationRule" request And request contains "id" parameter from "valid_signal_notification_rule.data.id" When the request is sent @@ -847,21 +1049,27 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Get details of a vulnerability notification rule returns "Bad Request" response - Given new "GetVulnerabilityNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetVulnerabilityNotificationRule" request And request contains "id" parameter from "REPLACE.ME" When the request is sent Then the response status is 400 Bad Request @team:DataDog/cloud-security-posture-management Scenario: Get details of a vulnerability notification rule returns "Not Found" response - Given new "GetVulnerabilityNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetVulnerabilityNotificationRule" request And request contains "id" parameter with value "000-000-000" When the request is sent Then the response status is 404 Not Found @team:DataDog/cloud-security-posture-management Scenario: Get details of a vulnerability notification rule returns "Notification rule details." response - Given there is a valid "valid_vulnerability_notification_rule" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "valid_vulnerability_notification_rule" in the system And new "GetVulnerabilityNotificationRule" request And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" When the request is sent @@ -869,7 +1077,9 @@ Feature: Security Monitoring @skip-go @skip-java @skip-ruby @team:DataDog/k9-cloud-security-platform Scenario: Get rule version history returns "OK" response - Given operation "GetRuleVersionHistory" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "GetRuleVersionHistory" enabled And new "GetRuleVersionHistory" request And there is a valid "security_rule" in the system And request contains "rule_id" parameter from "security_rule.id" @@ -882,14 +1092,18 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get suppressions affecting a specific rule returns "Not Found" response - Given new "GetSuppressionsAffectingRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSuppressionsAffectingRule" request And request contains "rule_id" parameter with value "aaa-bbb-ccc-ddd" When the request is sent Then the response status is 404 Not Found @team:DataDog/k9-cloud-security-platform Scenario: Get suppressions affecting a specific rule returns "OK" response - Given new "GetSuppressionsAffectingRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSuppressionsAffectingRule" request And there is a valid "security_rule" in the system And request contains "rule_id" parameter from "security_rule.id" When the request is sent @@ -897,42 +1111,54 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Get suppressions affecting future rule returns "Bad Request" response - Given new "GetSuppressionsAffectingFutureRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSuppressionsAffectingFutureRule" request And body with value {"invalid_key":"invalid_value"} When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform Scenario: Get suppressions affecting future rule returns "OK" response - Given new "GetSuppressionsAffectingFutureRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetSuppressionsAffectingFutureRule" request And body from file "security_monitoring_future_rule_suppression_payload.json" When the request is sent Then the response status is 200 OK @team:DataDog/cloud-security-posture-management Scenario: Get the list of signal-based notification rules returns "The list of notification rules." response - Given there is a valid "valid_signal_notification_rule" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "valid_signal_notification_rule" in the system And new "GetSignalNotificationRules" request When the request is sent Then the response status is 200 The list of notification rules. @team:DataDog/cloud-security-posture-management Scenario: Get the list of vulnerability notification rules returns "The list of notification rules." response - Given there is a valid "valid_vulnerability_notification_rule" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "valid_vulnerability_notification_rule" in the system And new "GetVulnerabilityNotificationRules" request When the request is sent Then the response status is 200 The list of notification rules. @generated @skip @team:DataDog/asm-vm Scenario: List assets SBOMs returns "Bad request: The server cannot process the request due to invalid syntax in the request." response - Given operation "ListAssetsSBOMs" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListAssetsSBOMs" enabled And new "ListAssetsSBOMs" request When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. @team:DataDog/asm-vm Scenario: List assets SBOMs returns "Not found: There is no request associated with the provided token." response - Given operation "ListAssetsSBOMs" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListAssetsSBOMs" enabled And new "ListAssetsSBOMs" request And request contains "page[token]" parameter with value "unknown" And request contains "page[number]" parameter with value 1 @@ -941,14 +1167,18 @@ Feature: Security Monitoring @generated @skip @team:DataDog/asm-vm Scenario: List assets SBOMs returns "Not found: asset not found" response - Given operation "ListAssetsSBOMs" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListAssetsSBOMs" enabled And new "ListAssetsSBOMs" request When the request is sent Then the response status is 404 Not found: asset not found @team:DataDog/asm-vm Scenario: List assets SBOMs returns "OK" response - Given operation "ListAssetsSBOMs" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListAssetsSBOMs" enabled And new "ListAssetsSBOMs" request And request contains "filter[package_name]" parameter with value "pandas" And request contains "filter[asset_type]" parameter with value "Service" @@ -957,21 +1187,27 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: List findings returns "Bad Request: The server cannot process the request due to invalid syntax in the request." response - Given operation "ListFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListFindings" enabled And new "ListFindings" request When the request is sent Then the response status is 400 Bad Request: The server cannot process the request due to invalid syntax in the request. @generated @skip @team:DataDog/cloud-security-posture-management Scenario: List findings returns "Not Found: The requested finding cannot be found." response - Given operation "ListFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListFindings" enabled And new "ListFindings" request When the request is sent Then the response status is 404 Not Found: The requested finding cannot be found. @replay-only @team:DataDog/cloud-security-posture-management Scenario: List findings returns "OK" response - Given operation "ListFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListFindings" enabled And new "ListFindings" request When the request is sent Then the response status is 200 OK @@ -979,7 +1215,9 @@ Feature: Security Monitoring @team:DataDog/cloud-security-posture-management Scenario: List findings returns "OK" response with details - Given operation "ListFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListFindings" enabled And new "ListFindings" request And request contains "detailed_findings" parameter with value true When the request is sent @@ -987,14 +1225,18 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management @with-pagination Scenario: List findings returns "OK" response with pagination - Given operation "ListFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListFindings" enabled And new "ListFindings" request When the request with pagination is sent Then the response status is 200 OK @skip-terraform-config @team:DataDog/cloud-security-posture-management Scenario: List findings with detection_type query param returns "OK" response - Given operation "ListFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListFindings" enabled And new "ListFindings" request And request contains "filter[vulnerability_type]" parameter with value ["misconfiguration", "attack_path"] When the request is sent @@ -1002,35 +1244,45 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: List hist signals returns "Bad Request" response - Given operation "ListSecurityMonitoringHistsignals" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListSecurityMonitoringHistsignals" enabled And new "ListSecurityMonitoringHistsignals" request When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: List hist signals returns "Not Found" response - Given operation "ListSecurityMonitoringHistsignals" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListSecurityMonitoringHistsignals" enabled And new "ListSecurityMonitoringHistsignals" request When the request is sent Then the response status is 404 Not Found @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: List hist signals returns "OK" response - Given operation "ListSecurityMonitoringHistsignals" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListSecurityMonitoringHistsignals" enabled And new "ListSecurityMonitoringHistsignals" request When the request is sent Then the response status is 200 OK @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: List historical jobs returns "Bad Request" response - Given operation "ListHistoricalJobs" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListHistoricalJobs" enabled And new "ListHistoricalJobs" request When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform Scenario: List historical jobs returns "OK" response - Given operation "ListHistoricalJobs" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListHistoricalJobs" enabled And operation "RunHistoricalJob" enabled And new "ListHistoricalJobs" request And there is a valid "historical_job" in the system @@ -1040,14 +1292,18 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: List resource filters returns "Bad Request" response - Given new "GetResourceEvaluationFilters" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetResourceEvaluationFilters" request And request contains "account_id" parameter with value "123456789" When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform Scenario: List resource filters returns "OK" response - Given new "GetResourceEvaluationFilters" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "GetResourceEvaluationFilters" request And request contains "cloud_provider" parameter with value "aws" And request contains "account_id" parameter with value "123456789" When the request is sent @@ -1055,26 +1311,34 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: List rules returns "Bad Request" response - Given new "ListSecurityMonitoringRules" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ListSecurityMonitoringRules" request When the request is sent Then the response status is 400 Bad Request @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: List rules returns "OK" response - Given new "ListSecurityMonitoringRules" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ListSecurityMonitoringRules" request When the request is sent Then the response status is 200 OK @generated @skip @team:DataDog/asm-vm Scenario: List vulnerabilities returns "Bad request: The server cannot process the request due to invalid syntax in the request." response - Given operation "ListVulnerabilities" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListVulnerabilities" enabled And new "ListVulnerabilities" request When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. @team:DataDog/asm-vm Scenario: List vulnerabilities returns "Not found: There is no request associated with the provided token." response - Given operation "ListVulnerabilities" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListVulnerabilities" enabled And new "ListVulnerabilities" request And request contains "page[token]" parameter with value "unknown" And request contains "page[number]" parameter with value 1 @@ -1083,7 +1347,9 @@ Feature: Security Monitoring @team:DataDog/asm-vm Scenario: List vulnerabilities returns "OK" response - Given operation "ListVulnerabilities" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListVulnerabilities" enabled And new "ListVulnerabilities" request And request contains "filter[cvss.base.severity]" parameter with value "High" And request contains "filter[asset.type]" parameter with value "Service" @@ -1093,14 +1359,18 @@ Feature: Security Monitoring @generated @skip @team:DataDog/asm-vm Scenario: List vulnerable assets returns "Bad request: The server cannot process the request due to invalid syntax in the request." response - Given operation "ListVulnerableAssets" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListVulnerableAssets" enabled And new "ListVulnerableAssets" request When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. @team:DataDog/asm-vm Scenario: List vulnerable assets returns "Not found: There is no request associated with the provided token." response - Given operation "ListVulnerableAssets" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListVulnerableAssets" enabled And new "ListVulnerableAssets" request And request contains "page[token]" parameter with value "unknown" And request contains "page[number]" parameter with value 1 @@ -1109,7 +1379,9 @@ Feature: Security Monitoring @team:DataDog/asm-vm Scenario: List vulnerable assets returns "OK" response - Given operation "ListVulnerableAssets" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "ListVulnerableAssets" enabled And new "ListVulnerableAssets" request And request contains "filter[type]" parameter with value "Host" And request contains "filter[repository_url]" parameter with value "github.com/datadog/dd-go" @@ -1119,7 +1391,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Modify the triage assignee of a security signal returns "Bad Request" response - Given new "EditSecurityMonitoringSignalAssignee" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "EditSecurityMonitoringSignalAssignee" request And request contains "signal_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"assignee": {"name": null, "uuid": "773b045d-ccf8-4808-bd3b-955ef6a8c940"}}}} When the request is sent @@ -1127,7 +1401,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Modify the triage assignee of a security signal returns "Not Found" response - Given new "EditSecurityMonitoringSignalAssignee" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "EditSecurityMonitoringSignalAssignee" request And request contains "signal_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"assignee": {"name": null, "uuid": "773b045d-ccf8-4808-bd3b-955ef6a8c940"}}}} When the request is sent @@ -1135,7 +1411,9 @@ Feature: Security Monitoring @replay-only @team:DataDog/k9-cloud-security-platform Scenario: Modify the triage assignee of a security signal returns "OK" response - Given new "EditSecurityMonitoringSignalAssignee" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "EditSecurityMonitoringSignalAssignee" request And request contains "signal_id" parameter with value "AQAAAYG1bl5K4HuUewAAAABBWUcxYmw1S0FBQmt2RmhRN0V4ZUVnQUE" And body with value {"data": {"attributes": {"assignee": {"uuid": ""}}}} When the request is sent @@ -1143,7 +1421,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Mute or unmute a batch of findings returns "Bad Request: The server cannot process the request due to invalid syntax in the request." response - Given operation "MuteFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "MuteFindings" enabled And new "MuteFindings" request And body with value {"data": {"attributes": {"mute": {"expiration_date": 1778721573794, "muted": true, "reason": "ACCEPTED_RISK"}}, "id": "dbe5f567-192b-4404-b908-29b70e1c9f76", "meta": {"findings": [{"finding_id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw=="}]}, "type": "finding"}} When the request is sent @@ -1151,7 +1431,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Mute or unmute a batch of findings returns "Invalid Request: The server understands the request syntax but cannot process it due to invalid data." response - Given operation "MuteFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "MuteFindings" enabled And new "MuteFindings" request And body with value {"data": {"attributes": {"mute": {"expiration_date": 1778721573794, "muted": true, "reason": "ACCEPTED_RISK"}}, "id": "dbe5f567-192b-4404-b908-29b70e1c9f76", "meta": {"findings": [{"finding_id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw=="}]}, "type": "finding"}} When the request is sent @@ -1159,7 +1441,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Mute or unmute a batch of findings returns "Not Found: The requested finding cannot be found." response - Given operation "MuteFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "MuteFindings" enabled And new "MuteFindings" request And body with value {"data": {"attributes": {"mute": {"expiration_date": 1778721573794, "muted": true, "reason": "ACCEPTED_RISK"}}, "id": "dbe5f567-192b-4404-b908-29b70e1c9f76", "meta": {"findings": [{"finding_id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw=="}]}, "type": "finding"}} When the request is sent @@ -1167,7 +1451,9 @@ Feature: Security Monitoring @replay-only @team:DataDog/cloud-security-posture-management Scenario: Mute or unmute a batch of findings returns "OK" response - Given operation "MuteFindings" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "MuteFindings" enabled And new "MuteFindings" request And body with value {"data": {"attributes": {"mute": {"expiration_date": 1778721573794, "muted": true, "reason": "ACCEPTED_RISK"}}, "id": "dbe5f567-192b-4404-b908-29b70e1c9f76", "meta": {"findings":[{"finding_id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw=="}]}, "type": "finding"}} When the request is sent @@ -1175,7 +1461,9 @@ Feature: Security Monitoring @team:DataDog/cloud-security-posture-management Scenario: Patch a signal-based notification rule returns "Bad Request" response - Given new "PatchSignalNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "PatchSignalNotificationRule" request And there is a valid "valid_signal_notification_rule" in the system And request contains "id" parameter from "valid_signal_notification_rule.data.id" And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} @@ -1184,7 +1472,9 @@ Feature: Security Monitoring @team:DataDog/cloud-security-posture-management Scenario: Patch a signal-based notification rule returns "Not Found" response - Given new "PatchSignalNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "PatchSignalNotificationRule" request And request contains "id" parameter with value "000-000-000" And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} When the request is sent @@ -1192,7 +1482,9 @@ Feature: Security Monitoring @team:DataDog/cloud-security-posture-management Scenario: Patch a signal-based notification rule returns "Notification rule successfully patched." response - Given new "PatchSignalNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "PatchSignalNotificationRule" request And there is a valid "valid_signal_notification_rule" in the system And request contains "id" parameter from "valid_signal_notification_rule.data.id" And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} @@ -1201,7 +1493,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Patch a signal-based notification rule returns "The server cannot process the request because it contains invalid data." response - Given new "PatchSignalNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "PatchSignalNotificationRule" request And request contains "id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} When the request is sent @@ -1209,7 +1503,9 @@ Feature: Security Monitoring @team:DataDog/cloud-security-posture-management Scenario: Patch a vulnerability-based notification rule returns "Bad Request" response - Given new "PatchVulnerabilityNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "PatchVulnerabilityNotificationRule" request And there is a valid "valid_vulnerability_notification_rule" in the system And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} @@ -1218,7 +1514,9 @@ Feature: Security Monitoring @team:DataDog/cloud-security-posture-management Scenario: Patch a vulnerability-based notification rule returns "Not Found" response - Given new "PatchVulnerabilityNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "PatchVulnerabilityNotificationRule" request And request contains "id" parameter with value "000-000-000" And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} When the request is sent @@ -1226,7 +1524,9 @@ Feature: Security Monitoring @team:DataDog/cloud-security-posture-management Scenario: Patch a vulnerability-based notification rule returns "Notification rule successfully patched." response - Given new "PatchVulnerabilityNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "PatchVulnerabilityNotificationRule" request And there is a valid "valid_vulnerability_notification_rule" in the system And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} @@ -1235,15 +1535,34 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Patch a vulnerability-based notification rule returns "The server cannot process the request because it contains invalid data." response - Given new "PatchVulnerabilityNotificationRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "PatchVulnerabilityNotificationRule" request And request contains "id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} When the request is sent Then the response status is 422 The server cannot process the request because it contains invalid data. + @generated @skip @team:DataDog/asm-vm + Scenario: Returns list of Secrets rules returns "OK" response + Given operation "GetSecretsRules" enabled + And new "GetSecretsRules" request + When the request is sent + Then the response status is 200 OK + + @generated @skip @team:DataDog/asm-vm + Scenario: Ruleset get multiple returns "OK" response + Given operation "ListMultipleRulesets" enabled + And new "ListMultipleRulesets" request + And body with value {"data": {"attributes": {"rulesets": []}, "type": "get_multiple_rulesets_request"}} + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform Scenario: Run a historical job returns "Bad Request" response - Given operation "RunHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "RunHistoricalJob" enabled And new "RunHistoricalJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730391122611,"index":"non_existing_index"}}}} When the request is sent @@ -1251,7 +1570,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Run a historical job returns "Not Found" response - Given operation "RunHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "RunHistoricalJob" enabled And new "RunHistoricalJob" request And body with value {"data": { "type": "historicalDetectionsJobCreate", "attributes": {"fromRule": {"from": 1730201035064, "id": "non-existng", "index": "main", "notifications": [], "to": 1730204635115}}}} When the request is sent @@ -1259,7 +1580,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Run a historical job returns "Status created" response - Given operation "RunHistoricalJob" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "RunHistoricalJob" enabled And new "RunHistoricalJob" request And body with value {"data":{"type":"historicalDetectionsJobCreate","attributes":{"jobDefinition":{"type":"log_detection","name":"Excessive number of failed attempts.","queries":[{"query":"source:non_existing_src_weekend","aggregation":"count","groupByFields":[],"distinctFields":[]}],"cases":[{"name":"Condition 1","status":"info","notifications":[],"condition":"a > 1"}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900},"message":"A large number of failed login attempts.","tags":[],"from":1730387522611,"to":1730387532611,"index":"main"}}}} When the request is sent @@ -1267,7 +1590,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Search hist signals returns "Bad Request" response - Given operation "SearchSecurityMonitoringHistsignals" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "SearchSecurityMonitoringHistsignals" enabled And new "SearchSecurityMonitoringHistsignals" request And body with value {"filter": {"from": "2019-01-02T09:42:36.320Z", "query": "security:attack status:high", "to": "2019-01-03T09:42:36.320Z"}, "page": {"cursor": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", "limit": 25}, "sort": "timestamp"} When the request is sent @@ -1275,7 +1600,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Search hist signals returns "Not Found" response - Given operation "SearchSecurityMonitoringHistsignals" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "SearchSecurityMonitoringHistsignals" enabled And new "SearchSecurityMonitoringHistsignals" request And body with value {"filter": {"from": "2019-01-02T09:42:36.320Z", "query": "security:attack status:high", "to": "2019-01-03T09:42:36.320Z"}, "page": {"cursor": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", "limit": 25}, "sort": "timestamp"} When the request is sent @@ -1283,7 +1610,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Search hist signals returns "OK" response - Given operation "SearchSecurityMonitoringHistsignals" enabled + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And operation "SearchSecurityMonitoringHistsignals" enabled And new "SearchSecurityMonitoringHistsignals" request And body with value {"filter": {"from": "2019-01-02T09:42:36.320Z", "query": "security:attack status:high", "to": "2019-01-03T09:42:36.320Z"}, "page": {"cursor": "eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", "limit": 25}, "sort": "timestamp"} When the request is sent @@ -1291,21 +1620,27 @@ Feature: Security Monitoring @skip @team:DataDog/k9-cloud-security-platform Scenario: Test a rule returns "Bad Request" response - Given new "TestSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "TestSecurityMonitoringRule" request And body with value {"rule": {"cases": [], "filters": [{"action": "require"}], "hasExtendedTitle": true, "isEnabled": true, "message": "", "name": "My security monitoring rule.", "options": {"decreaseCriticalityBasedOnEnv": false, "detectionMethod": "threshold", "evaluationWindow": 0, "hardcodedEvaluatorType": "log4shell", "impossibleTravelOptions": {"baselineUserLocations": true}, "keepAlive": 0, "maxSignalDuration": 0, "newValueOptions": {"forgetAfter": 1, "learningDuration": 0, "learningMethod": "duration", "learningThreshold": 0}, "thirdPartyRuleOptions": {"defaultNotifications": [], "defaultStatus": "critical", "rootQueries": [{"groupByFields": [], "query": "source:cloudtrail"}]}}, "queries": [], "tags": ["env:prod", "team:security"], "thirdPartyCases": [], "type": "application_security"}, "ruleQueryPayloads": [{"expectedResult": true, "index": 0, "payload": {"ddsource": "nginx", "ddtags": "env:staging,version:5.1", "hostname": "i-012345678", "message": "2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World", "service": "payment"}}]} When the request is sent Then the response status is 400 Bad Request @skip @team:DataDog/k9-cloud-security-platform Scenario: Test a rule returns "Not Found" response - Given new "TestSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "TestSecurityMonitoringRule" request And body with value {"rule": {"cases": [], "filters": [{"action": "require"}], "hasExtendedTitle": true, "isEnabled": true, "message": "", "name": "My security monitoring rule.", "options": {"decreaseCriticalityBasedOnEnv": false, "detectionMethod": "threshold", "evaluationWindow": 0, "hardcodedEvaluatorType": "log4shell", "impossibleTravelOptions": {"baselineUserLocations": true}, "keepAlive": 0, "maxSignalDuration": 0, "newValueOptions": {"forgetAfter": 1, "learningDuration": 0, "learningMethod": "duration", "learningThreshold": 0}, "thirdPartyRuleOptions": {"defaultNotifications": [], "defaultStatus": "critical", "rootQueries": [{"groupByFields": [], "query": "source:cloudtrail"}]}}, "queries": [], "tags": ["env:prod", "team:security"], "thirdPartyCases": [], "type": "application_security"}, "ruleQueryPayloads": [{"expectedResult": true, "index": 0, "payload": {"ddsource": "nginx", "ddtags": "env:staging,version:5.1", "hostname": "i-012345678", "message": "2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World", "service": "payment"}}]} When the request is sent Then the response status is 404 Not Found @skip-go @skip-java @skip-ruby @skip-typescript @team:DataDog/k9-cloud-security-platform Scenario: Test a rule returns "OK" response - Given new "TestSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "TestSecurityMonitoringRule" request And body with value {"rule": {"cases": [{"name": "","status": "info","notifications": [],"condition": "a > 0"}],"hasExtendedTitle": true,"isEnabled": true,"message": "My security monitoring rule message.","name": "My security monitoring rule.","options": {"decreaseCriticalityBasedOnEnv": false,"detectionMethod": "threshold","evaluationWindow": 0,"keepAlive": 0,"maxSignalDuration": 0},"queries": [{"query": "source:source_here","groupByFields": ["@userIdentity.assumed_role"],"distinctFields": [],"aggregation": "count","name": ""}],"tags": ["env:prod", "team:security"],"type": "log_detection"}, "ruleQueryPayloads": [{"expectedResult": true,"index": 0,"payload": {"ddsource": "source_here","ddtags": "env:staging,version:5.1","hostname": "i-012345678","message": "2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World","service": "payment","userIdentity": {"assumed_role" : "fake assumed_role"}}}]} When the request is sent Then the response status is 200 OK @@ -1313,7 +1648,9 @@ Feature: Security Monitoring @skip @team:DataDog/k9-cloud-security-platform Scenario: Test an existing rule returns "Bad Request" response - Given new "TestExistingSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "TestExistingSecurityMonitoringRule" request And request contains "rule_id" parameter from "REPLACE.ME" And body with value {"ruleQueryPayloads": [{"expectedResult": true, "index": 0, "payload": {"ddsource": "nginx", "ddtags": "env:staging,version:5.1", "hostname": "i-012345678", "message": "2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World", "service": "payment"}}]} When the request is sent @@ -1321,7 +1658,9 @@ Feature: Security Monitoring @skip @team:DataDog/k9-cloud-security-platform Scenario: Test an existing rule returns "Not Found" response - Given new "TestExistingSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "TestExistingSecurityMonitoringRule" request And request contains "rule_id" parameter from "REPLACE.ME" And body with value {"ruleQueryPayloads": [{"expectedResult": true, "index": 0, "payload": {"ddsource": "nginx", "ddtags": "env:staging,version:5.1", "hostname": "i-012345678", "message": "2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World", "service": "payment"}}]} When the request is sent @@ -1329,7 +1668,9 @@ Feature: Security Monitoring @skip @team:DataDog/k9-cloud-security-platform Scenario: Test an existing rule returns "OK" response - Given new "TestExistingSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "TestExistingSecurityMonitoringRule" request And request contains "rule_id" parameter from "REPLACE.ME" And body with value {"ruleQueryPayloads": [{"expectedResult": true, "index": 0, "payload": {"ddsource": "nginx", "ddtags": "env:staging,version:5.1", "hostname": "i-012345678", "message": "2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World", "service": "payment"}}]} When the request is sent @@ -1337,7 +1678,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Update a cloud configuration rule's details returns "OK" response - Given new "UpdateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityMonitoringRule" request And there is a valid "cloud_configuration_rule" in the system And request contains "rule_id" parameter from "cloud_configuration_rule.id" And body with value {"name":"{{ unique }}_cloud_updated","isEnabled":false,"cases":[{"status":"info","notifications":[]}],"options":{"complianceRuleOptions":{"resourceType":"gcp_compute_disk", "regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk"]}}},"message":"ddd","tags":[],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":[]}} @@ -1348,7 +1691,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Update a custom framework returns "Bad Request" response - Given new "UpdateCustomFramework" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateCustomFramework" request And request contains "handle" parameter with value "create-framework-new" And request contains "version" parameter with value "10" And body with value {"data": {"attributes": {"handle": "", "name": "", "requirements": [{"controls": [{"name": "", "rules_id": [""]}], "name": ""}], "version": ""}, "type": "custom_framework"}} @@ -1357,7 +1702,9 @@ Feature: Security Monitoring @replay-only @team:DataDog/k9-cloud-security-platform Scenario: Update a custom framework returns "OK" response - Given there is a valid "custom_framework" in the system + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And there is a valid "custom_framework" in the system And new "UpdateCustomFramework" request And request contains "handle" parameter with value "create-framework-new" And request contains "version" parameter with value "10" @@ -1367,7 +1714,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Update a security filter returns "Bad Request" response - Given new "UpdateSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityFilter" request And request contains "security_filter_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"exclusion_filters": [], "filtered_data_type": "logs", "is_enabled": true, "name": "Custom security filter", "query": "service:api", "version": 1}, "type": "security_filters"}} When the request is sent @@ -1375,7 +1724,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Update a security filter returns "Concurrent Modification" response - Given new "UpdateSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityFilter" request And request contains "security_filter_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"exclusion_filters": [], "filtered_data_type": "logs", "is_enabled": true, "name": "Custom security filter", "query": "service:api", "version": 1}, "type": "security_filters"}} When the request is sent @@ -1383,7 +1734,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Update a security filter returns "Not Found" response - Given new "UpdateSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityFilter" request And request contains "security_filter_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"exclusion_filters": [], "filtered_data_type": "logs", "is_enabled": true, "name": "Custom security filter", "query": "service:api", "version": 1}, "type": "security_filters"}} When the request is sent @@ -1391,7 +1744,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Update a security filter returns "OK" response - Given new "UpdateSecurityFilter" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityFilter" request And there is a valid "security_filter" in the system And request contains "security_filter_id" parameter from "security_filter.data.id" And body with value {"data": {"attributes": {"exclusion_filters": [], "filtered_data_type": "logs", "is_enabled": true, "name": "{{ unique }}", "query": "service:{{ unique_alnum }}", "version": 1}, "type": "security_filters"}} @@ -1403,7 +1758,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Update a suppression rule returns "Bad Request" response - Given new "UpdateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityMonitoringSuppression" request And request contains "suppression_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} When the request is sent @@ -1411,7 +1768,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Update a suppression rule returns "Concurrent Modification" response - Given new "UpdateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityMonitoringSuppression" request And request contains "suppression_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} When the request is sent @@ -1419,7 +1778,9 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Update a suppression rule returns "Not Found" response - Given new "UpdateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityMonitoringSuppression" request And request contains "suppression_id" parameter from "REPLACE.ME" And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} When the request is sent @@ -1427,7 +1788,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Update a suppression rule returns "OK" response - Given new "UpdateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityMonitoringSuppression" request And there is a valid "suppression" in the system And request contains "suppression_id" parameter from "suppression.data.id" And body with value {"data": {"attributes": {"suppression_query": "env:staging status:low"}, "type": "suppressions"}} @@ -1439,7 +1802,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Update an existing rule returns "Bad Request" response - Given new "UpdateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityMonitoringRule" request And there is a valid "security_rule" in the system And request contains "rule_id" parameter from "security_rule.id" And body with value {"name":"{{ unique }}", "queries":[{"query":""}],"cases":[{"status":"info"}],"options":{},"message":"Test rule Bad","tags":[],"isEnabled":true} @@ -1448,7 +1813,9 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Update an existing rule returns "Not Found" response - Given new "UpdateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityMonitoringRule" request And request contains "rule_id" parameter with value "abcde-12345" And body with value {"name": "{{ unique }}-NotFound","queries": [{"query": "@test:true","aggregation": "count","groupByFields": [],"distinctFields": [],"metrics": []}],"filters": [],"cases": [{"name": "", "status": "info", "condition": "a > 0", "notifications": []}], "options": {"evaluationWindow": 900, "keepAlive": 3600, "maxSignalDuration": 86400}, "message": "Test rule", "tags": [], "isEnabled": true} When the request is sent @@ -1456,7 +1823,9 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Update an existing rule returns "OK" response - Given new "UpdateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateSecurityMonitoringRule" request And there is a valid "security_rule" in the system And request contains "rule_id" parameter from "security_rule.id" And body with value {"name": "{{ unique }}-Updated","queries": [{"query": "@test:true","aggregation": "count","groupByFields": [],"distinctFields": [],"metrics": []}],"filters": [],"cases": [{"name": "", "status": "info", "condition": "a > 0", "notifications": []}], "options": {"evaluationWindow": 900, "keepAlive": 3600, "maxSignalDuration": 86400}, "message": "Test rule", "tags": [], "isEnabled": true} @@ -1467,49 +1836,63 @@ Feature: Security Monitoring @team:DataDog/k9-cloud-security-platform Scenario: Update resource filters returns "Bad Request" response - Given new "UpdateResourceEvaluationFilters" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateResourceEvaluationFilters" request And body with value {"data": {"attributes": {"cloud_provider": {"invalid": {"aws_account_id": ["tag1:v1"]}}}, "id": "csm_resource_filter", "type": "csm_resource_filter"}} When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform Scenario: Update resource filters returns "OK" response - Given new "UpdateResourceEvaluationFilters" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "UpdateResourceEvaluationFilters" request And body with value {"data": {"attributes": {"cloud_provider": {"aws": {"aws_account_id": ["tag1:v1"]}}}, "id": "csm_resource_filter", "type": "csm_resource_filter"}} When the request is sent Then the response status is 201 OK @skip-go @skip-java @skip-python @skip-ruby @skip-rust @skip-typescript @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Validate a detection rule returns "Bad Request" response - Given new "ValidateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ValidateSecurityMonitoringRule" request And body with value {"cases":[{"name":"","status":"info","notifications":[],"condition":"a > 0"}],"hasExtendedTitle":true,"isEnabled":true,"message":"My security monitoring rule","name":"My security monitoring rule","options":{"evaluationWindow":1800,"keepAlive":999999,"maxSignalDuration":1800,"detectionMethod":"threshold"},"queries":[{"query":"source:source_here","groupByFields":["@userIdentity.assumed_role"],"distinctFields":[],"aggregation":"count","name":""}],"tags":["env:prod","team:security"],"type":"log_detection"} When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform Scenario: Validate a detection rule returns "OK" response - Given new "ValidateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ValidateSecurityMonitoringRule" request And body with value {"cases":[{"name":"","status":"info","notifications":[],"condition":"a > 0"}],"hasExtendedTitle":true,"isEnabled":true,"message":"My security monitoring rule","name":"My security monitoring rule","options":{"evaluationWindow":1800,"keepAlive":1800,"maxSignalDuration":1800,"detectionMethod":"threshold"},"queries":[{"query":"source:source_here","groupByFields":["@userIdentity.assumed_role"],"distinctFields":[],"aggregation":"count","name":""}],"tags":["env:prod","team:security"],"type":"log_detection"} When the request is sent Then the response status is 204 OK @team:DataDog/k9-cloud-security-platform Scenario: Validate a detection rule with detection method 'sequence_detection' returns "OK" response - Given new "ValidateSecurityMonitoringRule" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ValidateSecurityMonitoringRule" request And body with value {"cases":[{"name":"","status":"info","notifications":[],"condition":"step_b > 0"}],"hasExtendedTitle":true,"isEnabled":true,"message":"My security monitoring rule","name":"My security monitoring rule","options":{"evaluationWindow":0,"keepAlive":300,"maxSignalDuration":600,"detectionMethod":"sequence_detection","sequenceDetectionOptions":{"stepTransitions":[{"child":"step_b","evaluationWindow":900,"parent":"step_a"}],"steps":[{"condition":"a > 0","evaluationWindow":60,"name":"step_a"},{"condition":"b > 0","evaluationWindow":60,"name":"step_b"}]}},"queries":[{"query":"source:source_here","groupByFields":["@userIdentity.assumed_role"],"distinctFields":[],"aggregation":"count","name":""},{"query":"source:source_here2","groupByFields":[],"distinctFields":[],"aggregation":"count","name":""}],"tags":["env:prod","team:security"],"type":"log_detection"} When the request is sent Then the response status is 204 OK @team:DataDog/k9-cloud-security-platform Scenario: Validate a suppression rule returns "Bad Request" response - Given new "ValidateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ValidateSecurityMonitoringSuppression" request And body with value {"data": {"attributes": {"name" : "cold_harbour", "enabled": false, "rule_query":"rule:[A-Invalid", "data_exclusion_query": "not enough attributes"}, "type": "suppressions"}} When the request is sent Then the response status is 400 Bad Request @team:DataDog/k9-cloud-security-platform Scenario: Validate a suppression rule returns "OK" response - Given new "ValidateSecurityMonitoringSuppression" request + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And new "ValidateSecurityMonitoringSuppression" request And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail"}, "type": "suppressions"}} When the request is sent Then the response status is 204 OK diff --git a/features/v2/undo.json b/features/v2/undo.json index c4c269d3cab9..3b918b525a67 100644 --- a/features/v2/undo.json +++ b/features/v2/undo.json @@ -3780,6 +3780,20 @@ "type": "safe" } }, + "ListMultipleRulesets": { + "tag": "Security Monitoring", + "undo": { + "operationId": "TODO", + "parameters": [], + "type": "unsafe" + } + }, + "GetSecretsRules": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, "GetOnDemandConcurrencyCap": { "tag": "Synthetics", "undo": { diff --git a/private/bdd_runner/src/support/scenarios_model_mapping.ts b/private/bdd_runner/src/support/scenarios_model_mapping.ts index 0689e2fae8b9..f10752da9195 100644 --- a/private/bdd_runner/src/support/scenarios_model_mapping.ts +++ b/private/bdd_runner/src/support/scenarios_model_mapping.ts @@ -4368,6 +4368,16 @@ export const ScenariosModelMappings: { [key: string]: OperationMapping } = { }, operationResponseType: "SecurityMonitoringSignalsListResponse", }, + "SecurityMonitoringApi.V2.ListMultipleRulesets": { + body: { + type: "GetMultipleRulesetsRequest", + format: "", + }, + operationResponseType: "GetMultipleRulesetsResponse", + }, + "SecurityMonitoringApi.V2.GetSecretsRules": { + operationResponseType: "SecretRuleArray", + }, "ContainerImagesApi.V2.ListContainerImages": { filterTags: { type: "string", diff --git a/services/security_monitoring/src/v2/SecurityMonitoringApi.ts b/services/security_monitoring/src/v2/SecurityMonitoringApi.ts index 7b7eeb1d66fd..4944300514c3 100644 --- a/services/security_monitoring/src/v2/SecurityMonitoringApi.ts +++ b/services/security_monitoring/src/v2/SecurityMonitoringApi.ts @@ -37,6 +37,8 @@ import { FindingStatus } from "./models/FindingStatus"; import { FindingVulnerabilityType } from "./models/FindingVulnerabilityType"; import { GetCustomFrameworkResponse } from "./models/GetCustomFrameworkResponse"; import { GetFindingResponse } from "./models/GetFindingResponse"; +import { GetMultipleRulesetsRequest } from "./models/GetMultipleRulesetsRequest"; +import { GetMultipleRulesetsResponse } from "./models/GetMultipleRulesetsResponse"; import { GetResourceEvaluationFiltersResponse } from "./models/GetResourceEvaluationFiltersResponse"; import { GetRuleVersionHistoryResponse } from "./models/GetRuleVersionHistoryResponse"; import { GetSBOMResponse } from "./models/GetSBOMResponse"; @@ -53,6 +55,7 @@ import { NotificationRulesList } from "./models/NotificationRulesList"; import { PatchNotificationRuleParameters } from "./models/PatchNotificationRuleParameters"; import { RunHistoricalJobRequest } from "./models/RunHistoricalJobRequest"; import { SBOMComponentLicenseType } from "./models/SBOMComponentLicenseType"; +import { SecretRuleArray } from "./models/SecretRuleArray"; import { SecurityFilterCreateRequest } from "./models/SecurityFilterCreateRequest"; import { SecurityFilterResponse } from "./models/SecurityFilterResponse"; import { SecurityFiltersResponse } from "./models/SecurityFiltersResponse"; @@ -1544,6 +1547,50 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async getSecretsRules( + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + if ( + !_config.unstableOperations["SecurityMonitoringApi.v2.getSecretsRules"] + ) { + throw new Error( + "Unstable operation 'getSecretsRules' is disabled. Enable it by setting `configuration.unstableOperations['SecurityMonitoringApi.v2.getSecretsRules'] = true`", + ); + } + + // Path Params + const localVarPath = "/api/v2/static-analysis/secrets/rules"; + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "SecurityMonitoringApi.v2.getSecretsRules", + SecurityMonitoringApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.GET, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async getSecurityFilter( securityFilterId: string, _options?: Configuration, @@ -2517,6 +2564,67 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async listMultipleRulesets( + body: GetMultipleRulesetsRequest, + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + if ( + !_config.unstableOperations[ + "SecurityMonitoringApi.v2.listMultipleRulesets" + ] + ) { + throw new Error( + "Unstable operation 'listMultipleRulesets' is disabled. Enable it by setting `configuration.unstableOperations['SecurityMonitoringApi.v2.listMultipleRulesets'] = true`", + ); + } + + // verify required parameter 'body' is not null or undefined + if (body === null || body === undefined) { + throw new RequiredError("body", "listMultipleRulesets"); + } + + // Path Params + const localVarPath = "/api/v2/static-analysis/rulesets"; + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "SecurityMonitoringApi.v2.listMultipleRulesets", + SecurityMonitoringApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.POST, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Body Params + const contentType = getPreferredMediaType(["application/json"]); + requestContext.setHeaderParam("Content-Type", contentType); + const serializedBody = stringify( + serialize(body, TypingInfo, "GetMultipleRulesetsRequest", ""), + contentType, + ); + requestContext.setBody(serializedBody); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async listSecurityFilters( _options?: Configuration, ): Promise { @@ -5818,6 +5926,62 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to getSecretsRules + * @throws ApiException if the response code was not in [200, 299] + */ + public async getSecretsRules( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 200) { + const body: SecretRuleArray = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "SecretRuleArray", + ) as SecretRuleArray; + return body; + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: SecretRuleArray = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "SecretRuleArray", + "", + ) as SecretRuleArray; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -6731,6 +6895,62 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to listMultipleRulesets + * @throws ApiException if the response code was not in [200, 299] + */ + public async listMultipleRulesets( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 200) { + const body: GetMultipleRulesetsResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "GetMultipleRulesetsResponse", + ) as GetMultipleRulesetsResponse; + return body; + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: GetMultipleRulesetsResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "GetMultipleRulesetsResponse", + "", + ) as GetMultipleRulesetsResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -8642,6 +8862,13 @@ export interface SecurityMonitoringApiListHistoricalJobsRequest { filterQuery?: string; } +export interface SecurityMonitoringApiListMultipleRulesetsRequest { + /** + * @type GetMultipleRulesetsRequest + */ + body: GetMultipleRulesetsRequest; +} + export interface SecurityMonitoringApiListSecurityMonitoringHistsignalsRequest { /** * The search query for security signals. @@ -9802,6 +10029,21 @@ export class SecurityMonitoringApi { }); } + /** + * Returns list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID + * @param param The request object + */ + public getSecretsRules(options?: Configuration): Promise { + const requestContextPromise = this.requestFactory.getSecretsRules(options); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.getSecretsRules(responseContext); + }); + }); + } + /** * Get the details of a specific security filter. * @@ -10283,6 +10525,27 @@ export class SecurityMonitoringApi { }); } + /** + * Get rules for multiple rulesets in batch. + * @param param The request object + */ + public listMultipleRulesets( + param: SecurityMonitoringApiListMultipleRulesetsRequest, + options?: Configuration, + ): Promise { + const requestContextPromise = this.requestFactory.listMultipleRulesets( + param.body, + options, + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.listMultipleRulesets(responseContext); + }); + }); + } + /** * Get the list of configured security filters with their definitions. * @param param The request object diff --git a/services/security_monitoring/src/v2/index.ts b/services/security_monitoring/src/v2/index.ts index b082a9953cba..50da73419d42 100644 --- a/services/security_monitoring/src/v2/index.ts +++ b/services/security_monitoring/src/v2/index.ts @@ -38,6 +38,7 @@ export { SecurityMonitoringApiListAssetsSBOMsRequest, SecurityMonitoringApiListFindingsRequest, SecurityMonitoringApiListHistoricalJobsRequest, + SecurityMonitoringApiListMultipleRulesetsRequest, SecurityMonitoringApiListSecurityMonitoringHistsignalsRequest, SecurityMonitoringApiListSecurityMonitoringRulesRequest, SecurityMonitoringApiListSecurityMonitoringSignalsRequest, @@ -127,6 +128,22 @@ export { FullCustomFrameworkData } from "./models/FullCustomFrameworkData"; export { FullCustomFrameworkDataAttributes } from "./models/FullCustomFrameworkDataAttributes"; export { GetCustomFrameworkResponse } from "./models/GetCustomFrameworkResponse"; export { GetFindingResponse } from "./models/GetFindingResponse"; +export { GetMultipleRulesetsRequest } from "./models/GetMultipleRulesetsRequest"; +export { GetMultipleRulesetsRequestData } from "./models/GetMultipleRulesetsRequestData"; +export { GetMultipleRulesetsRequestDataAttributes } from "./models/GetMultipleRulesetsRequestDataAttributes"; +export { GetMultipleRulesetsRequestDataType } from "./models/GetMultipleRulesetsRequestDataType"; +export { GetMultipleRulesetsResponse } from "./models/GetMultipleRulesetsResponse"; +export { GetMultipleRulesetsResponseData } from "./models/GetMultipleRulesetsResponseData"; +export { GetMultipleRulesetsResponseDataAttributes } from "./models/GetMultipleRulesetsResponseDataAttributes"; +export { GetMultipleRulesetsResponseDataAttributesRulesetsItems } from "./models/GetMultipleRulesetsResponseDataAttributesRulesetsItems"; +export { GetMultipleRulesetsResponseDataAttributesRulesetsItemsData } from "./models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsData"; +export { GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType } from "./models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType"; +export { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems } from "./models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems"; +export { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems } from "./models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems"; +export { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData } from "./models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData"; +export { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType } from "./models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType"; +export { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems } from "./models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems"; +export { GetMultipleRulesetsResponseDataType } from "./models/GetMultipleRulesetsResponseDataType"; export { GetResourceEvaluationFiltersResponse } from "./models/GetResourceEvaluationFiltersResponse"; export { GetResourceEvaluationFiltersResponseData } from "./models/GetResourceEvaluationFiltersResponseData"; export { GetRuleVersionHistoryData } from "./models/GetRuleVersionHistoryData"; @@ -195,6 +212,13 @@ export { SBOMMetadata } from "./models/SBOMMetadata"; export { SBOMMetadataAuthor } from "./models/SBOMMetadataAuthor"; export { SBOMMetadataComponent } from "./models/SBOMMetadataComponent"; export { SBOMType } from "./models/SBOMType"; +export { SecretRuleArray } from "./models/SecretRuleArray"; +export { SecretRuleData } from "./models/SecretRuleData"; +export { SecretRuleDataAttributes } from "./models/SecretRuleDataAttributes"; +export { SecretRuleDataAttributesMatchValidation } from "./models/SecretRuleDataAttributesMatchValidation"; +export { SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems } from "./models/SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems"; +export { SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems } from "./models/SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems"; +export { SecretRuleDataType } from "./models/SecretRuleDataType"; export { SecurityFilter } from "./models/SecurityFilter"; export { SecurityFilterAttributes } from "./models/SecurityFilterAttributes"; export { SecurityFilterCreateAttributes } from "./models/SecurityFilterCreateAttributes"; diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequest.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequest.ts new file mode 100644 index 000000000000..1bde86b5406a --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequest.ts @@ -0,0 +1,46 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { GetMultipleRulesetsRequestData } from "./GetMultipleRulesetsRequestData"; + +/** + * The definition of `GetMultipleRulesetsRequest` object. + */ +export class GetMultipleRulesetsRequest { + /** + * The definition of `GetMultipleRulesetsRequestData` object. + */ + "data"?: GetMultipleRulesetsRequestData; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "GetMultipleRulesetsRequestData", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsRequest.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequestData.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequestData.ts new file mode 100644 index 000000000000..9606cc721914 --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequestData.ts @@ -0,0 +1,64 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { GetMultipleRulesetsRequestDataAttributes } from "./GetMultipleRulesetsRequestDataAttributes"; +import { GetMultipleRulesetsRequestDataType } from "./GetMultipleRulesetsRequestDataType"; + +/** + * The definition of `GetMultipleRulesetsRequestData` object. + */ +export class GetMultipleRulesetsRequestData { + /** + * The definition of `GetMultipleRulesetsRequestDataAttributes` object. + */ + "attributes"?: GetMultipleRulesetsRequestDataAttributes; + /** + * The `GetMultipleRulesetsRequestData` `id`. + */ + "id"?: string; + /** + * Get multiple rulesets request resource type. + */ + "type": GetMultipleRulesetsRequestDataType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "GetMultipleRulesetsRequestDataAttributes", + }, + id: { + baseName: "id", + type: "string", + }, + type: { + baseName: "type", + type: "GetMultipleRulesetsRequestDataType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsRequestData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequestDataAttributes.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequestDataAttributes.ts new file mode 100644 index 000000000000..b3aff552a744 --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequestDataAttributes.ts @@ -0,0 +1,60 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * The definition of `GetMultipleRulesetsRequestDataAttributes` object. + */ +export class GetMultipleRulesetsRequestDataAttributes { + /** + * The `attributes` `include_testing_rules`. + */ + "includeTestingRules"?: boolean; + /** + * The `attributes` `include_tests`. + */ + "includeTests"?: boolean; + /** + * The `attributes` `rulesets`. + */ + "rulesets"?: Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + includeTestingRules: { + baseName: "include_testing_rules", + type: "boolean", + }, + includeTests: { + baseName: "include_tests", + type: "boolean", + }, + rulesets: { + baseName: "rulesets", + type: "Array", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsRequestDataAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequestDataType.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequestDataType.ts new file mode 100644 index 000000000000..be9475288f34 --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsRequestDataType.ts @@ -0,0 +1,9 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * Get multiple rulesets request resource type. + */ +export type GetMultipleRulesetsRequestDataType = + | typeof GET_MULTIPLE_RULESETS_REQUEST + | UnparsedObject; +export const GET_MULTIPLE_RULESETS_REQUEST = "get_multiple_rulesets_request"; diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponse.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponse.ts new file mode 100644 index 000000000000..036769b2712f --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponse.ts @@ -0,0 +1,46 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { GetMultipleRulesetsResponseData } from "./GetMultipleRulesetsResponseData"; + +/** + * The definition of `GetMultipleRulesetsResponse` object. + */ +export class GetMultipleRulesetsResponse { + /** + * The definition of `GetMultipleRulesetsResponseData` object. + */ + "data"?: GetMultipleRulesetsResponseData; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "GetMultipleRulesetsResponseData", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseData.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseData.ts new file mode 100644 index 000000000000..7f8e3c1e342c --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseData.ts @@ -0,0 +1,64 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { GetMultipleRulesetsResponseDataAttributes } from "./GetMultipleRulesetsResponseDataAttributes"; +import { GetMultipleRulesetsResponseDataType } from "./GetMultipleRulesetsResponseDataType"; + +/** + * The definition of `GetMultipleRulesetsResponseData` object. + */ +export class GetMultipleRulesetsResponseData { + /** + * The definition of `GetMultipleRulesetsResponseDataAttributes` object. + */ + "attributes"?: GetMultipleRulesetsResponseDataAttributes; + /** + * The `GetMultipleRulesetsResponseData` `id`. + */ + "id"?: string; + /** + * Get multiple rulesets response resource type. + */ + "type": GetMultipleRulesetsResponseDataType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "GetMultipleRulesetsResponseDataAttributes", + }, + id: { + baseName: "id", + type: "string", + }, + type: { + baseName: "type", + type: "GetMultipleRulesetsResponseDataType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsResponseData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributes.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributes.ts new file mode 100644 index 000000000000..e216383ee35f --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributes.ts @@ -0,0 +1,46 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { GetMultipleRulesetsResponseDataAttributesRulesetsItems } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItems"; + +/** + * The definition of `GetMultipleRulesetsResponseDataAttributes` object. + */ +export class GetMultipleRulesetsResponseDataAttributes { + /** + * The `attributes` `rulesets`. + */ + "rulesets"?: Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + rulesets: { + baseName: "rulesets", + type: "Array", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsResponseDataAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItems.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItems.ts new file mode 100644 index 000000000000..69e714c902e9 --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItems.ts @@ -0,0 +1,80 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsData } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsData"; +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems"; + +/** + * The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItems` object. + */ +export class GetMultipleRulesetsResponseDataAttributesRulesetsItems { + /** + * The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsData` object. + */ + "data": GetMultipleRulesetsResponseDataAttributesRulesetsItemsData; + /** + * The `items` `description`. + */ + "description"?: string; + /** + * The `items` `name`. + */ + "name"?: string; + /** + * The `items` `rules`. + */ + "rules"?: Array; + /** + * The `items` `short_description`. + */ + "shortDescription"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "GetMultipleRulesetsResponseDataAttributesRulesetsItemsData", + required: true, + }, + description: { + baseName: "description", + type: "string", + }, + name: { + baseName: "name", + type: "string", + }, + rules: { + baseName: "rules", + type: "Array", + }, + shortDescription: { + baseName: "short_description", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsResponseDataAttributesRulesetsItems.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsData.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsData.ts new file mode 100644 index 000000000000..437ea2c74417 --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsData.ts @@ -0,0 +1,55 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType"; + +/** + * The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsData` object. + */ +export class GetMultipleRulesetsResponseDataAttributesRulesetsItemsData { + /** + * The `data` `id`. + */ + "id"?: string; + /** + * Rulesets resource type. + */ + "type": GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + id: { + baseName: "id", + type: "string", + }, + type: { + baseName: "type", + type: "GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsResponseDataAttributesRulesetsItemsData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType.ts new file mode 100644 index 000000000000..bd2fedebebc3 --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType.ts @@ -0,0 +1,9 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * Rulesets resource type. + */ +export type GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType = + | typeof RULESETS + | UnparsedObject; +export const RULESETS = "rulesets"; diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems.ts new file mode 100644 index 000000000000..a5a707af22ed --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems.ts @@ -0,0 +1,243 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems"; +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData"; +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems"; + +/** + * The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems` object. + */ +export class GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems { + /** + * The `items` `arguments`. + */ + "arguments"?: Array; + /** + * The `items` `category`. + */ + "category"?: string; + /** + * The `items` `checksum`. + */ + "checksum"?: string; + /** + * The `items` `code`. + */ + "code"?: string; + /** + * The `items` `created_at`. + */ + "createdAt"?: Date; + /** + * The `items` `created_by`. + */ + "createdBy"?: string; + /** + * The `items` `cve`. + */ + "cve"?: string; + /** + * The `items` `cwe`. + */ + "cwe"?: string; + /** + * The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData` object. + */ + "data": GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData; + /** + * The `items` `description`. + */ + "description"?: string; + /** + * The `items` `documentation_url`. + */ + "documentationUrl"?: string; + /** + * The `items` `entity_checked`. + */ + "entityChecked"?: string; + /** + * The `items` `is_published`. + */ + "isPublished"?: boolean; + /** + * The `items` `is_testing`. + */ + "isTesting"?: boolean; + /** + * The `items` `language`. + */ + "language"?: string; + /** + * The `items` `last_updated_at`. + */ + "lastUpdatedAt"?: Date; + /** + * The `items` `last_updated_by`. + */ + "lastUpdatedBy"?: string; + /** + * The `items` `name`. + */ + "name"?: string; + /** + * The `items` `regex`. + */ + "regex"?: string; + /** + * The `items` `severity`. + */ + "severity"?: string; + /** + * The `items` `short_description`. + */ + "shortDescription"?: string; + /** + * The `items` `should_use_ai_fix`. + */ + "shouldUseAiFix"?: boolean; + /** + * The `items` `tests`. + */ + "tests"?: Array; + /** + * The `items` `tree_sitter_query`. + */ + "treeSitterQuery"?: string; + /** + * The `items` `type`. + */ + "type"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + arguments: { + baseName: "arguments", + type: "Array", + }, + category: { + baseName: "category", + type: "string", + }, + checksum: { + baseName: "checksum", + type: "string", + }, + code: { + baseName: "code", + type: "string", + }, + createdAt: { + baseName: "created_at", + type: "Date", + format: "date-time", + }, + createdBy: { + baseName: "created_by", + type: "string", + }, + cve: { + baseName: "cve", + type: "string", + }, + cwe: { + baseName: "cwe", + type: "string", + }, + data: { + baseName: "data", + type: "GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData", + required: true, + }, + description: { + baseName: "description", + type: "string", + }, + documentationUrl: { + baseName: "documentation_url", + type: "string", + }, + entityChecked: { + baseName: "entity_checked", + type: "string", + }, + isPublished: { + baseName: "is_published", + type: "boolean", + }, + isTesting: { + baseName: "is_testing", + type: "boolean", + }, + language: { + baseName: "language", + type: "string", + }, + lastUpdatedAt: { + baseName: "last_updated_at", + type: "Date", + format: "date-time", + }, + lastUpdatedBy: { + baseName: "last_updated_by", + type: "string", + }, + name: { + baseName: "name", + type: "string", + }, + regex: { + baseName: "regex", + type: "string", + }, + severity: { + baseName: "severity", + type: "string", + }, + shortDescription: { + baseName: "short_description", + type: "string", + }, + shouldUseAiFix: { + baseName: "should_use_ai_fix", + type: "boolean", + }, + tests: { + baseName: "tests", + type: "Array", + }, + treeSitterQuery: { + baseName: "tree_sitter_query", + type: "string", + }, + type: { + baseName: "type", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems.ts new file mode 100644 index 000000000000..ea3e35fc08a7 --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems.ts @@ -0,0 +1,52 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems` object. + */ +export class GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems { + /** + * The `items` `description`. + */ + "description"?: string; + /** + * The `items` `name`. + */ + "name"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + description: { + baseName: "description", + type: "string", + }, + name: { + baseName: "name", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData.ts new file mode 100644 index 000000000000..93ca54600086 --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData.ts @@ -0,0 +1,55 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType"; + +/** + * The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData` object. + */ +export class GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData { + /** + * The `data` `id`. + */ + "id"?: string; + /** + * Rules resource type. + */ + "type": GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + id: { + baseName: "id", + type: "string", + }, + type: { + baseName: "type", + type: "GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType.ts new file mode 100644 index 000000000000..9c05201ba95f --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType.ts @@ -0,0 +1,8 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * Rules resource type. + */ +export type GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType = + typeof RULES | UnparsedObject; +export const RULES = "rules"; diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems.ts new file mode 100644 index 000000000000..cd5ae892563e --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems.ts @@ -0,0 +1,61 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * The definition of `GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems` object. + */ +export class GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems { + /** + * The `items` `annotation_count`. + */ + "annotationCount"?: number; + /** + * The `items` `code`. + */ + "code"?: string; + /** + * The `items` `filename`. + */ + "filename"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + annotationCount: { + baseName: "annotation_count", + type: "number", + format: "int64", + }, + code: { + baseName: "code", + type: "string", + }, + filename: { + baseName: "filename", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataType.ts b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataType.ts new file mode 100644 index 000000000000..1e449ea66bec --- /dev/null +++ b/services/security_monitoring/src/v2/models/GetMultipleRulesetsResponseDataType.ts @@ -0,0 +1,9 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * Get multiple rulesets response resource type. + */ +export type GetMultipleRulesetsResponseDataType = + | typeof GET_MULTIPLE_RULESETS_RESPONSE + | UnparsedObject; +export const GET_MULTIPLE_RULESETS_RESPONSE = "get_multiple_rulesets_response"; diff --git a/services/security_monitoring/src/v2/models/SecretRuleArray.ts b/services/security_monitoring/src/v2/models/SecretRuleArray.ts new file mode 100644 index 000000000000..b7fd090bd67a --- /dev/null +++ b/services/security_monitoring/src/v2/models/SecretRuleArray.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { SecretRuleData } from "./SecretRuleData"; + +/** + * The definition of `SecretRuleArray` object. + */ +export class SecretRuleArray { + /** + * The `SecretRuleArray` `data`. + */ + "data": Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "Array", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecretRuleArray.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/SecretRuleData.ts b/services/security_monitoring/src/v2/models/SecretRuleData.ts new file mode 100644 index 000000000000..8597d254007e --- /dev/null +++ b/services/security_monitoring/src/v2/models/SecretRuleData.ts @@ -0,0 +1,64 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { SecretRuleDataAttributes } from "./SecretRuleDataAttributes"; +import { SecretRuleDataType } from "./SecretRuleDataType"; + +/** + * The definition of `SecretRuleData` object. + */ +export class SecretRuleData { + /** + * The definition of `SecretRuleDataAttributes` object. + */ + "attributes"?: SecretRuleDataAttributes; + /** + * The `SecretRuleData` `id`. + */ + "id"?: string; + /** + * Secret rule resource type. + */ + "type": SecretRuleDataType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "SecretRuleDataAttributes", + }, + id: { + baseName: "id", + type: "string", + }, + type: { + baseName: "type", + type: "SecretRuleDataType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecretRuleData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/SecretRuleDataAttributes.ts b/services/security_monitoring/src/v2/models/SecretRuleDataAttributes.ts new file mode 100644 index 000000000000..70fcfd14362a --- /dev/null +++ b/services/security_monitoring/src/v2/models/SecretRuleDataAttributes.ts @@ -0,0 +1,110 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { SecretRuleDataAttributesMatchValidation } from "./SecretRuleDataAttributesMatchValidation"; + +/** + * The definition of `SecretRuleDataAttributes` object. + */ +export class SecretRuleDataAttributes { + /** + * The `attributes` `default_included_keywords`. + */ + "defaultIncludedKeywords"?: Array; + /** + * The `attributes` `description`. + */ + "description"?: string; + /** + * The `attributes` `license`. + */ + "license"?: string; + /** + * The definition of `SecretRuleDataAttributesMatchValidation` object. + */ + "matchValidation"?: SecretRuleDataAttributesMatchValidation; + /** + * The `attributes` `name`. + */ + "name"?: string; + /** + * The `attributes` `pattern`. + */ + "pattern"?: string; + /** + * The `attributes` `priority`. + */ + "priority"?: string; + /** + * The `attributes` `sds_id`. + */ + "sdsId"?: string; + /** + * The `attributes` `validators`. + */ + "validators"?: Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + defaultIncludedKeywords: { + baseName: "default_included_keywords", + type: "Array", + }, + description: { + baseName: "description", + type: "string", + }, + license: { + baseName: "license", + type: "string", + }, + matchValidation: { + baseName: "match_validation", + type: "SecretRuleDataAttributesMatchValidation", + }, + name: { + baseName: "name", + type: "string", + }, + pattern: { + baseName: "pattern", + type: "string", + }, + priority: { + baseName: "priority", + type: "string", + }, + sdsId: { + baseName: "sds_id", + type: "string", + }, + validators: { + baseName: "validators", + type: "Array", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecretRuleDataAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/SecretRuleDataAttributesMatchValidation.ts b/services/security_monitoring/src/v2/models/SecretRuleDataAttributesMatchValidation.ts new file mode 100644 index 000000000000..44f5f1d06d7a --- /dev/null +++ b/services/security_monitoring/src/v2/models/SecretRuleDataAttributesMatchValidation.ts @@ -0,0 +1,104 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems } from "./SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems"; +import { SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems } from "./SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems"; + +/** + * The definition of `SecretRuleDataAttributesMatchValidation` object. + */ +export class SecretRuleDataAttributesMatchValidation { + /** + * The `match_validation` `endpoint`. + */ + "endpoint"?: string; + /** + * The `match_validation` `hosts`. + */ + "hosts"?: Array; + /** + * The `match_validation` `http_method`. + */ + "httpMethod"?: string; + /** + * The `match_validation` `invalid_http_status_code`. + */ + "invalidHttpStatusCode"?: Array; + /** + * The `match_validation` `request_headers`. + */ + "requestHeaders"?: { [key: string]: string }; + /** + * The `match_validation` `timeout_seconds`. + */ + "timeoutSeconds"?: number; + /** + * The `match_validation` `type`. + */ + "type"?: string; + /** + * The `match_validation` `valid_http_status_code`. + */ + "validHttpStatusCode"?: Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + endpoint: { + baseName: "endpoint", + type: "string", + }, + hosts: { + baseName: "hosts", + type: "Array", + }, + httpMethod: { + baseName: "http_method", + type: "string", + }, + invalidHttpStatusCode: { + baseName: "invalid_http_status_code", + type: "Array", + }, + requestHeaders: { + baseName: "request_headers", + type: "{ [key: string]: string; }", + }, + timeoutSeconds: { + baseName: "timeout_seconds", + type: "number", + format: "int64", + }, + type: { + baseName: "type", + type: "string", + }, + validHttpStatusCode: { + baseName: "valid_http_status_code", + type: "Array", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecretRuleDataAttributesMatchValidation.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems.ts b/services/security_monitoring/src/v2/models/SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems.ts new file mode 100644 index 000000000000..1aaa5fed9cc3 --- /dev/null +++ b/services/security_monitoring/src/v2/models/SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems.ts @@ -0,0 +1,54 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * The definition of `SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems` object. + */ +export class SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems { + /** + * The `items` `end`. + */ + "end"?: number; + /** + * The `items` `start`. + */ + "start"?: number; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + end: { + baseName: "end", + type: "number", + format: "int64", + }, + start: { + baseName: "start", + type: "number", + format: "int64", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems.ts b/services/security_monitoring/src/v2/models/SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems.ts new file mode 100644 index 000000000000..3668a5dbaafb --- /dev/null +++ b/services/security_monitoring/src/v2/models/SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems.ts @@ -0,0 +1,54 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * The definition of `SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems` object. + */ +export class SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems { + /** + * The `items` `end`. + */ + "end"?: number; + /** + * The `items` `start`. + */ + "start"?: number; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + end: { + baseName: "end", + type: "number", + format: "int64", + }, + start: { + baseName: "start", + type: "number", + format: "int64", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/security_monitoring/src/v2/models/SecretRuleDataType.ts b/services/security_monitoring/src/v2/models/SecretRuleDataType.ts new file mode 100644 index 000000000000..824e55537da9 --- /dev/null +++ b/services/security_monitoring/src/v2/models/SecretRuleDataType.ts @@ -0,0 +1,7 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * Secret rule resource type. + */ +export type SecretRuleDataType = typeof SECRET_RULE | UnparsedObject; +export const SECRET_RULE = "secret_rule"; diff --git a/services/security_monitoring/src/v2/models/TypingInfo.ts b/services/security_monitoring/src/v2/models/TypingInfo.ts index 61fea6c3e5a6..8134789041a3 100644 --- a/services/security_monitoring/src/v2/models/TypingInfo.ts +++ b/services/security_monitoring/src/v2/models/TypingInfo.ts @@ -54,6 +54,18 @@ import { FullCustomFrameworkData } from "./FullCustomFrameworkData"; import { FullCustomFrameworkDataAttributes } from "./FullCustomFrameworkDataAttributes"; import { GetCustomFrameworkResponse } from "./GetCustomFrameworkResponse"; import { GetFindingResponse } from "./GetFindingResponse"; +import { GetMultipleRulesetsRequest } from "./GetMultipleRulesetsRequest"; +import { GetMultipleRulesetsRequestData } from "./GetMultipleRulesetsRequestData"; +import { GetMultipleRulesetsRequestDataAttributes } from "./GetMultipleRulesetsRequestDataAttributes"; +import { GetMultipleRulesetsResponse } from "./GetMultipleRulesetsResponse"; +import { GetMultipleRulesetsResponseData } from "./GetMultipleRulesetsResponseData"; +import { GetMultipleRulesetsResponseDataAttributes } from "./GetMultipleRulesetsResponseDataAttributes"; +import { GetMultipleRulesetsResponseDataAttributesRulesetsItems } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItems"; +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsData } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsData"; +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems"; +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems"; +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData"; +import { GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems } from "./GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems"; import { GetResourceEvaluationFiltersResponse } from "./GetResourceEvaluationFiltersResponse"; import { GetResourceEvaluationFiltersResponseData } from "./GetResourceEvaluationFiltersResponseData"; import { GetRuleVersionHistoryData } from "./GetRuleVersionHistoryData"; @@ -111,6 +123,12 @@ import { SBOMComponentSupplier } from "./SBOMComponentSupplier"; import { SBOMMetadata } from "./SBOMMetadata"; import { SBOMMetadataAuthor } from "./SBOMMetadataAuthor"; import { SBOMMetadataComponent } from "./SBOMMetadataComponent"; +import { SecretRuleArray } from "./SecretRuleArray"; +import { SecretRuleData } from "./SecretRuleData"; +import { SecretRuleDataAttributes } from "./SecretRuleDataAttributes"; +import { SecretRuleDataAttributesMatchValidation } from "./SecretRuleDataAttributesMatchValidation"; +import { SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems } from "./SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems"; +import { SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems } from "./SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems"; import { SecurityFilter } from "./SecurityFilter"; import { SecurityFilterAttributes } from "./SecurityFilterAttributes"; import { SecurityFilterCreateAttributes } from "./SecurityFilterCreateAttributes"; @@ -236,6 +254,14 @@ export const TypingInfo: ModelTypingInfo = { "identity_risk", "api_security", ], + GetMultipleRulesetsRequestDataType: ["get_multiple_rulesets_request"], + GetMultipleRulesetsResponseDataAttributesRulesetsItemsDataType: [ + "rulesets", + ], + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsDataType: [ + "rules", + ], + GetMultipleRulesetsResponseDataType: ["get_multiple_rulesets_response"], GetRuleVersionHistoryDataType: ["GetRuleVersionHistoryResponse"], HistoricalJobDataType: ["historicalDetectionsJob"], NotificationRulesType: ["notification_rules"], @@ -285,6 +311,7 @@ export const TypingInfo: ModelTypingInfo = { "platform", ], SBOMType: ["sboms"], + SecretRuleDataType: ["secret_rule"], SecurityFilterFilteredDataType: ["logs"], SecurityFilterType: ["security_filters"], SecurityMonitoringFilterAction: ["require", "suppress"], @@ -542,6 +569,26 @@ export const TypingInfo: ModelTypingInfo = { FullCustomFrameworkDataAttributes: FullCustomFrameworkDataAttributes, GetCustomFrameworkResponse: GetCustomFrameworkResponse, GetFindingResponse: GetFindingResponse, + GetMultipleRulesetsRequest: GetMultipleRulesetsRequest, + GetMultipleRulesetsRequestData: GetMultipleRulesetsRequestData, + GetMultipleRulesetsRequestDataAttributes: + GetMultipleRulesetsRequestDataAttributes, + GetMultipleRulesetsResponse: GetMultipleRulesetsResponse, + GetMultipleRulesetsResponseData: GetMultipleRulesetsResponseData, + GetMultipleRulesetsResponseDataAttributes: + GetMultipleRulesetsResponseDataAttributes, + GetMultipleRulesetsResponseDataAttributesRulesetsItems: + GetMultipleRulesetsResponseDataAttributesRulesetsItems, + GetMultipleRulesetsResponseDataAttributesRulesetsItemsData: + GetMultipleRulesetsResponseDataAttributesRulesetsItemsData, + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems: + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItems, + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems: + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsArgumentsItems, + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData: + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsData, + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems: + GetMultipleRulesetsResponseDataAttributesRulesetsItemsRulesItemsTestsItems, GetResourceEvaluationFiltersResponse: GetResourceEvaluationFiltersResponse, GetResourceEvaluationFiltersResponseData: GetResourceEvaluationFiltersResponseData, @@ -601,6 +648,15 @@ export const TypingInfo: ModelTypingInfo = { SBOMMetadata: SBOMMetadata, SBOMMetadataAuthor: SBOMMetadataAuthor, SBOMMetadataComponent: SBOMMetadataComponent, + SecretRuleArray: SecretRuleArray, + SecretRuleData: SecretRuleData, + SecretRuleDataAttributes: SecretRuleDataAttributes, + SecretRuleDataAttributesMatchValidation: + SecretRuleDataAttributesMatchValidation, + SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems: + SecretRuleDataAttributesMatchValidationInvalidHttpStatusCodeItems, + SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems: + SecretRuleDataAttributesMatchValidationValidHttpStatusCodeItems, SecurityFilter: SecurityFilter, SecurityFilterAttributes: SecurityFilterAttributes, SecurityFilterCreateAttributes: SecurityFilterCreateAttributes,