diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
index c4dc79f92fd..816ac84aac5 100644
--- a/.generator/schemas/v2/openapi.yaml
+++ b/.generator/schemas/v2/openapi.yaml
@@ -57796,7 +57796,8 @@ components:
 Signal-based notification rules can filter signals based on rule types application_security, log_detection,
 workload_security, signal_correlation, cloud_configuration and infrastructure_configuration.
 Vulnerability-based notification rules can filter vulnerabilities based on rule types application_code_vulnerability,
- application_library_vulnerability, attack_path, container_image_vulnerability, identity_risk, misconfiguration, api_security, host_vulnerability and iac_misconfiguration.
+ application_library_vulnerability, attack_path, container_image_vulnerability, identity_risk, misconfiguration,
+ api_security, host_vulnerability, iac_misconfiguration, sast_vulnerability and secret_vulnerability.
 enum:
 - application_security
 - log_detection
@@ -57813,6 +57814,8 @@ components:
 - api_security
 - host_vulnerability
 - iac_misconfiguration
+ - sast_vulnerability
+ - secret_vulnerability
 type: string
 x-enum-varnames:
 - APPLICATION_SECURITY
@@ -57830,6 +57833,8 @@ components:
 - API_SECURITY
 - HOST_VULNERABILITY
 - IAC_MISCONFIGURATION
+ - SAST_VULNERABILITY
+ - SECRET_VULNERABILITY
 RuleUser:
 description: User creating or modifying a rule.
 properties:
diff --git a/api/datadogV2/model_rule_types_items.go b/api/datadogV2/model_rule_types_items.go
index 3b6c3a27b04..4c93ac9c50e 100644
--- a/api/datadogV2/model_rule_types_items.go
+++ b/api/datadogV2/model_rule_types_items.go
@@ -14,7 +14,8 @@ import (
 // Signal-based notification rules can filter signals based on rule types application_security, log_detection,
 // workload_security, signal_correlation, cloud_configuration and infrastructure_configuration.
 // Vulnerability-based notification rules can filter vulnerabilities based on rule types application_code_vulnerability,
-// application_library_vulnerability, attack_path, container_image_vulnerability, identity_risk, misconfiguration, api_security, host_vulnerability and iac_misconfiguration.
+// application_library_vulnerability, attack_path, container_image_vulnerability, identity_risk, misconfiguration,
+// api_security, host_vulnerability, iac_misconfiguration, sast_vulnerability and secret_vulnerability.
 type RuleTypesItems string
 // List of RuleTypesItems.
@@ -34,6 +35,8 @@ const (
 RULETYPESITEMS_API_SECURITY RuleTypesItems = "api_security"
 RULETYPESITEMS_HOST_VULNERABILITY RuleTypesItems = "host_vulnerability"
 RULETYPESITEMS_IAC_MISCONFIGURATION RuleTypesItems = "iac_misconfiguration"
+ RULETYPESITEMS_SAST_VULNERABILITY RuleTypesItems = "sast_vulnerability"
+ RULETYPESITEMS_SECRET_VULNERABILITY RuleTypesItems = "secret_vulnerability"
 )
 var allowedRuleTypesItemsEnumValues = []RuleTypesItems{
@@ -52,6 +55,8 @@ var allowedRuleTypesItemsEnumValues = []RuleTypesItems{
 RULETYPESITEMS_API_SECURITY,
 RULETYPESITEMS_HOST_VULNERABILITY,
 RULETYPESITEMS_IAC_MISCONFIGURATION,
+ RULETYPESITEMS_SAST_VULNERABILITY,
+ RULETYPESITEMS_SECRET_VULNERABILITY,
 }
 // GetAllowedValues reeturns the list of possible values.
diff --git a/examples/v2/security-monitoring/CreateVulnerabilityNotificationRule_2417112739.go b/examples/v2/security-monitoring/CreateVulnerabilityNotificationRule_2417112739.go
new file mode 100644
index 00000000000..b7394750a58
--- /dev/null
+++ b/examples/v2/security-monitoring/CreateVulnerabilityNotificationRule_2417112739.go
@@ -0,0 +1,54 @@
+// Create a new vulnerability-based notification rule with sast and secret rule types returns "Successfully created the
+// notification rule." response
+
+package main
+
+import (
+ "context"
+ "encoding/json"
+ "fmt"
+ "os"
+
+ "github.com/DataDog/datadog-api-client-go/v2/api/datadog"
+ "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
+)
+
+func main() {
+ body := datadogV2.CreateNotificationRuleParameters{
+ Data: &datadogV2.CreateNotificationRuleParametersData{
+ Attributes: datadogV2.CreateNotificationRuleParametersDataAttributes{
+ Enabled: datadog.PtrBool(true),
+ Name: "Example-Security-Monitoring",
+ Selectors: datadogV2.Selectors{
+ Query: datadog.PtrString("(source:production_service OR env:prod)"),
+ RuleTypes: []datadogV2.RuleTypesItems{
+ datadogV2.RULETYPESITEMS_SAST_VULNERABILITY,
+ datadogV2.RULETYPESITEMS_SECRET_VULNERABILITY,
+ },
+ Severities: []datadogV2.RuleSeverity{
+ datadogV2.RULESEVERITY_CRITICAL,
+ },
+ TriggerSource: datadogV2.TRIGGERSOURCE_SECURITY_FINDINGS,
+ },
+ Targets: []string{
+ "@john.doe@email.com",
+ },
+ TimeAggregation: datadog.PtrInt64(86400),
+ },
+ Type: datadogV2.NOTIFICATIONRULESTYPE_NOTIFICATION_RULES,
+ },
+ }
+ ctx := datadog.NewDefaultContext(context.Background())
+ configuration := datadog.NewConfiguration()
+ apiClient := datadog.NewAPIClient(configuration)
+ api := datadogV2.NewSecurityMonitoringApi(apiClient)
+ resp, r, err := api.CreateVulnerabilityNotificationRule(ctx, body)
+
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.CreateVulnerabilityNotificationRule`: %v\n", err)
+ fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+ }
+
+ responseContent, _ := json.MarshalIndent(resp, "", " ")
+ fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.CreateVulnerabilityNotificationRule`:\n%s\n", responseContent)
+}
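Review bot: The `if err != nil` block in `main` only writes to stderr and then falls through, so a failed `CreateVulnerabilityNotificationRule` call still marshals whatever `resp` holds, prints it to stdout under the "Response from" banner, and the process exits with status 0. End the error block with `os.Exit(1)` so that scripts or CI jobs running the example can tell that the rule was not created. The error from `json.MarshalIndent` is also discarded with `_`; either check it or add a short comment such as `// marshalling a decoded API model; error intentionally ignored in this example`.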
diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_new_vulnerability-based_notification_rule_with_sast_and_secret_rule_types_returns_Successfully_created_the_notification_rule._response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_new_vulnerability-based_notification_rule_with_sast_and_secret_rule_types_returns_Successfully_created_the_notification_rule._response.freeze
new file mode 100644
index 00000000000..0a015a705ff
--- /dev/null
+++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_new_vulnerability-based_notification_rule_with_sast_and_secret_rule_types_returns_Successfully_created_the_notification_rule._response.freeze
@@ -0,0 +1 @@
+2026-04-16T13:47:18.057Z
\ No newline at end of file
diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_new_vulnerability-based_notification_rule_with_sast_and_secret_rule_types_returns_Successfully_created_the_notification_rule._response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_new_vulnerability-based_notification_rule_with_sast_and_secret_rule_types_returns_Successfully_created_the_notification_rule._response.yaml
new file mode 100644
index 00000000000..923405182cc
--- /dev/null
+++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_new_vulnerability-based_notification_rule_with_sast_and_secret_rule_types_returns_Successfully_created_the_notification_rule._response.yaml
@@ -0,0 +1,40 @@ +interactions: +- request: + body: | + {"data":{"attributes":{"enabled":true,"name":"Test-Create_a_new_vulnerability_based_notification_rule_with_sast_and_secret_rule_types_returns_Successfu-1776347238","selectors":{"query":"(source:production_service OR env:prod)","rule_types":["sast_vulnerability","secret_vulnerability"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400},"type":"notification_rules"}} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + id: 0 + method: POST + url: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: '{"data":{"id":"exz-ipg-n1m","type":"notification_rules","attributes":{"created_at":1776347239287,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1776347239287,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Test-Create_a_new_vulnerability_based_notification_rule_with_sast_and_secret_rule_types_returns_Successfu-1776347238","selectors":{"severities":["critical"],"rule_types":["sast_vulnerability","secret_vulnerability"],"query":"(source:production_service + OR env:prod)","trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1}}}' + code: 201 + duration: 0ms + headers: + Content-Type: + - application/vnd.api+json + status: 201 Created +- request: + body: '' + form: {} + headers: + Accept: + - '*/*' + id: 1 + method: DELETE + url: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/exz-ipg-n1m + response: + body: '' + code: 204 + duration: 0ms + headers: {} + status: 204 No Content +version: 2
diff --git a/tests/scenarios/features/v2/security_monitoring.feature b/tests/scenarios/features/v2/security_monitoring.feature
index ac7b626e0d3..d2cfdeaea0b 100644
--- a/tests/scenarios/features/v2/security_monitoring.feature
+++ b/tests/scenarios/features/v2/security_monitoring.feature
@@ -591,6 +591,13 @@ Feature: Security Monitoring
 When the request is sent
 Then the response status is 201 Successfully created the notification rule.
+ @team:DataDog/cloud-security-posture-management
+ Scenario: Create a new vulnerability-based notification rule with sast and secret rule types returns "Successfully created the notification rule." response
+ Given new "CreateVulnerabilityNotificationRule" request
+ And body with value {"data": {"attributes": {"enabled": true, "name": "{{ unique }}", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["sast_vulnerability", "secret_vulnerability"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}}
+ When the request is sent
+ Then the response status is 201 Successfully created the notification rule.
+
 @team:DataDog/k9-cloud-siem
 Scenario: Create a scheduled detection rule returns "OK" response
 Given new "CreateSecurityMonitoringRule" request
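Review bot: The added scenario asserts only the 201 status, so it does not verify that the API stored `sast_vulnerability` and `secret_vulnerability`. A response that accepted the request but dropped or altered `selectors.rule_types` would still pass. Since the two new enum values are the reason for this scenario, add a step after the status check that compares `data.attributes.selectors.rule_types` in the response with the values sent. The recorded cassette response already carries that field, so the assertion would also hold on replay.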