security_monitoring - Document rules bulk export (DataDog#3615)

Co-authored-by: ci.datadog-api-spec <packages@datadoghq.com>

Author: api-clients-generation-pipeline[bot]

.generator/schemas/v2/openapi.yaml

@@ -49985,6 +49985,55 @@ components:
       - TWO_DAYS
       - ONE_WEEK
       - TWO_WEEKS
+    SecurityMonitoringRuleBulkExportAttributes:
+      description: Attributes for bulk exporting security monitoring rules.
+      properties:
+        ruleIds:
+          description: 'List of rule IDs to export. Each rule will be included in
+            the resulting ZIP file
+
+            as a separate JSON file.'
+          example:
+          - def-000-u7q
+          - def-000-7dd
+          items:
+            type: string
+          minItems: 1
+          type: array
+      required:
+      - ruleIds
+      type: object
+    SecurityMonitoringRuleBulkExportData:
+      description: Data for bulk exporting security monitoring rules.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/SecurityMonitoringRuleBulkExportAttributes'
+        id:
+          description: Request ID.
+          example: bulk_export
+          type: string
+        type:
+          $ref: '#/components/schemas/SecurityMonitoringRuleBulkExportDataType'
+      required:
+      - attributes
+      - type
+      type: object
+    SecurityMonitoringRuleBulkExportDataType:
+      description: The type of the resource.
+      enum:
+      - security_monitoring_rules_bulk_export
+      example: security_monitoring_rules_bulk_export
+      type: string
+      x-enum-varnames:
+      - SECURITY_MONITORING_RULES_BULK_EXPORT
+    SecurityMonitoringRuleBulkExportPayload:
+      description: Payload for bulk exporting security monitoring rules.
+      properties:
+        data:
+          $ref: '#/components/schemas/SecurityMonitoringRuleBulkExportData'
+      required:
+      - data
+      type: object
     SecurityMonitoringRuleCase:
       description: Case when signal is generated.
       properties:
@@ -87257,6 +87306,51 @@ paths:
         operator: OR
         permissions:
         - security_monitoring_rules_write
+  /api/v2/security_monitoring/rules/bulk_export:
+    post:
+      description: 'Export a list of security monitoring rules as a ZIP file containing
+        JSON rule definitions.
+
+        The endpoint accepts a list of rule IDs and returns a ZIP archive where each
+        rule is
+
+        saved as a separate JSON file named after the rule.'
+      operationId: BulkExportSecurityMonitoringRules
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SecurityMonitoringRuleBulkExportPayload'
+        required: true
+      responses:
+        '200':
+          content:
+            application/zip:
+              schema:
+                format: binary
+                type: string
+          description: OK
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - security_monitoring_rules_read
+      summary: Bulk export security monitoring rules
+      tags:
+      - Security Monitoring
+      x-codegen-request-body-name: body
+      x-permission:
+        operator: OR
+        permissions:
+        - security_monitoring_rules_read
   /api/v2/security_monitoring/rules/convert:
     post:
       description: 'Convert a rule that doesn''t (yet) exist from JSON to Terraform

api/datadogV2/api_security_monitoring.go

@@ -7,6 +7,7 @@ package datadogV2
 import (
 	_context "context"
 	_fmt "fmt"
+	_io "io"
 	_log "log"
 	_nethttp "net/http"
 	_neturl "net/url"
@@ -191,6 +192,80 @@ func (a *SecurityMonitoringApi) AttachJiraIssue(ctx _context.Context, body Attac
 	return localVarReturnValue, localVarHTTPResponse, nil
 }
 
+// BulkExportSecurityMonitoringRules Bulk export security monitoring rules.
+// Export a list of security monitoring rules as a ZIP file containing JSON rule definitions.
+// The endpoint accepts a list of rule IDs and returns a ZIP archive where each rule is
+// saved as a separate JSON file named after the rule.
+func (a *SecurityMonitoringApi) BulkExportSecurityMonitoringRules(ctx _context.Context, body SecurityMonitoringRuleBulkExportPayload) (_io.Reader, *_nethttp.Response, error) {
+	var (
+		localVarHTTPMethod  = _nethttp.MethodPost
+		localVarPostBody    interface{}
+		localVarReturnValue _io.Reader
+	)
+
+	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.BulkExportSecurityMonitoringRules")
+	if err != nil {
+		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
+	}
+
+	localVarPath := localBasePath + "/api/v2/security_monitoring/rules/bulk_export"
+
+	localVarHeaderParams := make(map[string]string)
+	localVarQueryParams := _neturl.Values{}
+	localVarFormParams := _neturl.Values{}
+	localVarHeaderParams["Content-Type"] = "application/json"
+	localVarHeaderParams["Accept"] = "application/json"
+
+	// body params
+	localVarPostBody = &body
+	if a.Client.Cfg.DelegatedTokenConfig != nil {
+		err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig)
+		if err != nil {
+			return localVarReturnValue, nil, err
+		}
+	} else {
+		datadog.SetAuthKeys(
+			ctx,
+			&localVarHeaderParams,
+			[2]string{"apiKeyAuth", "DD-API-KEY"},
+			[2]string{"appKeyAuth", "DD-APPLICATION-KEY"},
+		)
+	}
+	req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil)
+	if err != nil {
+		return localVarReturnValue, nil, err
+	}
+
+	localVarHTTPResponse, err := a.Client.CallAPI(req)
+	if err != nil || localVarHTTPResponse == nil {
+		return localVarReturnValue, localVarHTTPResponse, err
+	}
+
+	if localVarHTTPResponse.StatusCode >= 300 {
+
+		localVarBody, err := datadog.ReadBody(localVarHTTPResponse)
+		if err != nil {
+			return localVarReturnValue, localVarHTTPResponse, err
+		}
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: localVarHTTPResponse.Status,
+		}
+		if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 404 || localVarHTTPResponse.StatusCode == 429 {
+			var v APIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarReturnValue, localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+		}
+		return localVarReturnValue, localVarHTTPResponse, newErr
+	}
+	localVarReturnValue = localVarHTTPResponse.Body
+
+	return localVarReturnValue, localVarHTTPResponse, nil
+}
+
 // CancelThreatHuntingJob Cancel a threat hunting job.
 // Cancel a threat hunting job.
 func (a *SecurityMonitoringApi) CancelThreatHuntingJob(ctx _context.Context, jobId string) (*_nethttp.Response, error) {

api/datadogV2/doc.go

@@ -548,6 +548,7 @@
 //   - [RumRetentionFiltersApi.UpdateRetentionFilter]
 //   - [SecurityMonitoringApi.AttachCase]
 //   - [SecurityMonitoringApi.AttachJiraIssue]
+//   - [SecurityMonitoringApi.BulkExportSecurityMonitoringRules]
 //   - [SecurityMonitoringApi.CancelThreatHuntingJob]
 //   - [SecurityMonitoringApi.ConvertExistingSecurityMonitoringRule]
 //   - [SecurityMonitoringApi.ConvertJobResultToSignal]

api/datadogV2/model_security_monitoring_rule_bulk_export_attributes.go

@@ -0,0 +1,102 @@
+// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+// This product includes software developed at Datadog (https://www.datadoghq.com/).
+// Copyright 2019-Present Datadog, Inc.
+
+package datadogV2
+
+import (
+	"fmt"
+
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
+)
+
+// SecurityMonitoringRuleBulkExportAttributes Attributes for bulk exporting security monitoring rules.
+type SecurityMonitoringRuleBulkExportAttributes struct {
+	// List of rule IDs to export. Each rule will be included in the resulting ZIP file
+	// as a separate JSON file.
+	RuleIds []string `json:"ruleIds"`
+	// UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct
+	UnparsedObject       map[string]interface{} `json:"-"`
+	AdditionalProperties map[string]interface{} `json:"-"`
+}
+
+// NewSecurityMonitoringRuleBulkExportAttributes instantiates a new SecurityMonitoringRuleBulkExportAttributes object.
+// This constructor will assign default values to properties that have it defined,
+// and makes sure properties required by API are set, but the set of arguments
+// will change when the set of required properties is changed.
+func NewSecurityMonitoringRuleBulkExportAttributes(ruleIds []string) *SecurityMonitoringRuleBulkExportAttributes {
+	this := SecurityMonitoringRuleBulkExportAttributes{}
+	this.RuleIds = ruleIds
+	return &this
+}
+
+// NewSecurityMonitoringRuleBulkExportAttributesWithDefaults instantiates a new SecurityMonitoringRuleBulkExportAttributes object.
+// This constructor will only assign default values to properties that have it defined,
+// but it doesn't guarantee that properties required by API are set.
+func NewSecurityMonitoringRuleBulkExportAttributesWithDefaults() *SecurityMonitoringRuleBulkExportAttributes {
+	this := SecurityMonitoringRuleBulkExportAttributes{}
+	return &this
+}
+
+// GetRuleIds returns the RuleIds field value.
+func (o *SecurityMonitoringRuleBulkExportAttributes) GetRuleIds() []string {
+	if o == nil {
+		var ret []string
+		return ret
+	}
+	return o.RuleIds
+}
+
+// GetRuleIdsOk returns a tuple with the RuleIds field value
+// and a boolean to check if the value has been set.
+func (o *SecurityMonitoringRuleBulkExportAttributes) GetRuleIdsOk() (*[]string, bool) {
+	if o == nil {
+		return nil, false
+	}
+	return &o.RuleIds, true
+}
+
+// SetRuleIds sets field value.
+func (o *SecurityMonitoringRuleBulkExportAttributes) SetRuleIds(v []string) {
+	o.RuleIds = v
+}
+
+// MarshalJSON serializes the struct using spec logic.
+func (o SecurityMonitoringRuleBulkExportAttributes) MarshalJSON() ([]byte, error) {
+	toSerialize := map[string]interface{}{}
+	if o.UnparsedObject != nil {
+		return datadog.Marshal(o.UnparsedObject)
+	}
+	toSerialize["ruleIds"] = o.RuleIds
+
+	for key, value := range o.AdditionalProperties {
+		toSerialize[key] = value
+	}
+	return datadog.Marshal(toSerialize)
+}
+
+// UnmarshalJSON deserializes the given payload.
+func (o *SecurityMonitoringRuleBulkExportAttributes) UnmarshalJSON(bytes []byte) (err error) {
+	all := struct {
+		RuleIds *[]string `json:"ruleIds"`
+	}{}
+	if err = datadog.Unmarshal(bytes, &all); err != nil {
+		return datadog.Unmarshal(bytes, &o.UnparsedObject)
+	}
+	if all.RuleIds == nil {
+		return fmt.Errorf("required field ruleIds missing")
+	}
+	additionalProperties := make(map[string]interface{})
+	if err = datadog.Unmarshal(bytes, &additionalProperties); err == nil {
+		datadog.DeleteKeys(additionalProperties, &[]string{"ruleIds"})
+	} else {
+		return err
+	}
+	o.RuleIds = *all.RuleIds
+
+	if len(additionalProperties) > 0 {
+		o.AdditionalProperties = additionalProperties
+	}
+
+	return nil
+}