[pull] master from DataDog:master

CHANGELOG.md

@@ -1,5 +1,31 @@
 # CHANGELOG
 
+## 2.59.0/2026-04-24
+
+### Changed
+* Add GET OrgGroupPolicy and OrgGroupPolicyOverride, Add policy_type/enforcement_tier fields, Remove enforced_at field [#3999](https://github.com/DataDog/datadog-api-client-go/pull/3999)
+* Rename pat_uuid to pat_id and remove alias field from PAT spec [#3989](https://github.com/DataDog/datadog-api-client-go/pull/3989)
+* Add GET OrgGroupPolicy and OrgGroupPolicyOverride, Add policy_type/enforcement_tier fields, Remove enforced_at field [#3973](https://github.com/DataDog/datadog-api-client-go/pull/3973)
+* Rename pat_uuid to pat_id and remove alias field from PAT spec [#3969](https://github.com/DataDog/datadog-api-client-go/pull/3969)
+* Security Monitoring - Revert rename of historical job API endpoints to threat hunting [#3956](https://github.com/DataDog/datadog-api-client-go/pull/3956)
+
+### Removed
+* Remove unsupported operators from CCM Custom Allocation Rules feature [#3987](https://github.com/DataDog/datadog-api-client-go/pull/3987)
+
+### Added
+* Add us2.ddog-gov.com. [#3984](https://github.com/DataDog/datadog-api-client-go/pull/3984)
+* Add OpenAPI documentation for LLM Observability eval config CRUD endpoints [#3980](https://github.com/DataDog/datadog-api-client-go/pull/3980)
+* Add OpenAPI spec for v2 Synthetics test result endpoints [#3978](https://github.com/DataDog/datadog-api-client-go/pull/3978)
+* Document signals triage update endpoints [#3977](https://github.com/DataDog/datadog-api-client-go/pull/3977)
+* Security notifications - Add SAST and secret rule types [#3971](https://github.com/DataDog/datadog-api-client-go/pull/3971)
+* Add OpenAPI documentation for list and get indicators of compromise endpoints [#3967](https://github.com/DataDog/datadog-api-client-go/pull/3967)
+* Cloud SIEM - Document content packs SIEM endpoints [#3965](https://github.com/DataDog/datadog-api-client-go/pull/3965)
+* Add API spec for security monitoring terraform export endpoints [#3954](https://github.com/DataDog/datadog-api-client-go/pull/3954)
+* Add team and assignee filters for Search Error Tracking Issues API [#3953](https://github.com/DataDog/datadog-api-client-go/pull/3953)
+* Add missing params to ListCustomCostsFiles [#3950](https://github.com/DataDog/datadog-api-client-go/pull/3950)
+* Add unstable PUT /api/v2/anonymize_users endpoint [#3934](https://github.com/DataDog/datadog-api-client-go/pull/3934)
+* Add query type schemas for timeseries-query data sources [#3917](https://github.com/DataDog/datadog-api-client-go/pull/3917)
+
 ## 2.58.0/2026-04-16
 
 ### Added

api/datadog/configuration.go

@@ -880,6 +880,8 @@ func NewConfiguration() *Configuration {
 			"v2.DeleteOrgGroupPolicyOverride":                   false,
 			"v2.GetOrgGroup":                                    false,
 			"v2.GetOrgGroupMembership":                          false,
+			"v2.GetOrgGroupPolicy":                              false,
+			"v2.GetOrgGroupPolicyOverride":                      false,
 			"v2.ListOrgGroupMemberships":                        false,
 			"v2.ListOrgGroupPolicies":                           false,
 			"v2.ListOrgGroupPolicyConfigs":                      false,

api/datadogV2/api_cloud_cost_management.go

@@ -265,11 +265,11 @@ func (a *CloudCostManagementApi) CreateCostGCPUsageCostConfig(ctx _context.Conte
 // - **PERCENT**: Allocates fixed percentages to specific tags. Requires: allocated_by (array of percentage allocations).
 //
 // **Filter Conditions:**
-// - Use **value** for single-value conditions: "is", "is not", "contains", "does not contain", "=", "!=", "like", "not like", "is all values", "is untagged"
+// - Use **value** for single-value conditions: "is", "is not", "contains", "=", "!=", "like", "not like"
 // - Use **values** for multi-value conditions: "in", "not in"
 // - Cannot use both value and values simultaneously.
 //
-// **Supported operators**: is, is not, is all values, is untagged, contains, does not contain, in, not in, =, !=, like, not like
+// **Supported operators**: is, is not, contains, in, not in, =, !=, like, not like
 func (a *CloudCostManagementApi) CreateCustomAllocationRule(ctx _context.Context, body ArbitraryCostUpsertRequest) (ArbitraryRuleResponse, *_nethttp.Response, error) {
 	var (
 		localVarHTTPMethod  = _nethttp.MethodPost
@@ -2474,11 +2474,11 @@ func (a *CloudCostManagementApi) UpdateCostGCPUsageCostConfig(ctx _context.Conte
 // - **USAGE_METRIC**: Allocates based on usage metrics (implementation varies).
 //
 // **Filter Conditions:**
-// - Use **value** for single-value conditions: "is", "is not", "contains", "does not contain", "=", "!=", "like", "not like", "is all values", "is untagged"
+// - Use **value** for single-value conditions: "is", "is not", "contains", "=", "!=", "like", "not like"
 // - Use **values** for multi-value conditions: "in", "not in"
 // - Cannot use both value and values simultaneously.
 //
-// **Supported operators**: is, is not, is all values, is untagged, contains, does not contain, in, not in, =, !=, like, not like
+// **Supported operators**: is, is not, contains, in, not in, =, !=, like, not like
 func (a *CloudCostManagementApi) UpdateCustomAllocationRule(ctx _context.Context, ruleId int64, body ArbitraryCostUpsertRequest) (ArbitraryRuleResponse, *_nethttp.Response, error) {
 	var (
 		localVarHTTPMethod  = _nethttp.MethodPatch

api/datadogV2/api_org_groups.go

@@ -860,6 +860,198 @@ func (a *OrgGroupsApi) GetOrgGroupMembership(ctx _context.Context, orgGroupMembe
 	return localVarReturnValue, localVarHTTPResponse, nil
 }
 
+// GetOrgGroupPolicy Get an org group policy.
+// Get a specific organization group policy by its ID.
+func (a *OrgGroupsApi) GetOrgGroupPolicy(ctx _context.Context, orgGroupPolicyId uuid.UUID) (OrgGroupPolicyResponse, *_nethttp.Response, error) {
+	var (
+		localVarHTTPMethod  = _nethttp.MethodGet
+		localVarPostBody    interface{}
+		localVarReturnValue OrgGroupPolicyResponse
+	)
+
+	operationId := "v2.GetOrgGroupPolicy"
+	isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId)
+	if !isOperationEnabled {
+		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)}
+	}
+	if isOperationEnabled && a.Client.Cfg.Debug {
+		_log.Printf("WARNING: Using unstable operation '%s'", operationId)
+	}
+
+	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.OrgGroupsApi.GetOrgGroupPolicy")
+	if err != nil {
+		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
+	}
+
+	localVarPath := localBasePath + "/api/v2/org_group_policies/{org_group_policy_id}"
+	localVarPath = datadog.ReplacePathParameter(localVarPath, "{org_group_policy_id}", _neturl.PathEscape(datadog.ParameterToString(orgGroupPolicyId, "")))
+
+	localVarHeaderParams := make(map[string]string)
+	localVarQueryParams := _neturl.Values{}
+	localVarFormParams := _neturl.Values{}
+	localVarHeaderParams["Accept"] = "application/json"
+
+	if a.Client.Cfg.DelegatedTokenConfig != nil {
+		err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig)
+		if err != nil {
+			return localVarReturnValue, nil, err
+		}
+	} else {
+		datadog.SetAuthKeys(
+			ctx,
+			&localVarHeaderParams,
+			[2]string{"apiKeyAuth", "DD-API-KEY"},
+			[2]string{"appKeyAuth", "DD-APPLICATION-KEY"},
+		)
+	}
+	req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil)
+	if err != nil {
+		return localVarReturnValue, nil, err
+	}
+
+	localVarHTTPResponse, err := a.Client.CallAPI(req)
+	if err != nil || localVarHTTPResponse == nil {
+		return localVarReturnValue, localVarHTTPResponse, err
+	}
+
+	localVarBody, err := datadog.ReadBody(localVarHTTPResponse)
+	if err != nil {
+		return localVarReturnValue, localVarHTTPResponse, err
+	}
+
+	if localVarHTTPResponse.StatusCode >= 300 {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: localVarHTTPResponse.Status,
+		}
+		if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 401 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 404 {
+			var v JSONAPIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarReturnValue, localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+			return localVarReturnValue, localVarHTTPResponse, newErr
+		}
+		if localVarHTTPResponse.StatusCode == 429 {
+			var v APIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarReturnValue, localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+		}
+		return localVarReturnValue, localVarHTTPResponse, newErr
+	}
+
+	err = a.Client.Decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+	if err != nil {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: err.Error(),
+		}
+		return localVarReturnValue, localVarHTTPResponse, newErr
+	}
+
+	return localVarReturnValue, localVarHTTPResponse, nil
+}
+
+// GetOrgGroupPolicyOverride Get an org group policy override.
+// Get a specific organization group policy override by its ID.
+func (a *OrgGroupsApi) GetOrgGroupPolicyOverride(ctx _context.Context, orgGroupPolicyOverrideId uuid.UUID) (OrgGroupPolicyOverrideResponse, *_nethttp.Response, error) {
+	var (
+		localVarHTTPMethod  = _nethttp.MethodGet
+		localVarPostBody    interface{}
+		localVarReturnValue OrgGroupPolicyOverrideResponse
+	)
+
+	operationId := "v2.GetOrgGroupPolicyOverride"
+	isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId)
+	if !isOperationEnabled {
+		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)}
+	}
+	if isOperationEnabled && a.Client.Cfg.Debug {
+		_log.Printf("WARNING: Using unstable operation '%s'", operationId)
+	}
+
+	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.OrgGroupsApi.GetOrgGroupPolicyOverride")
+	if err != nil {
+		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
+	}
+
+	localVarPath := localBasePath + "/api/v2/org_group_policy_overrides/{org_group_policy_override_id}"
+	localVarPath = datadog.ReplacePathParameter(localVarPath, "{org_group_policy_override_id}", _neturl.PathEscape(datadog.ParameterToString(orgGroupPolicyOverrideId, "")))
+
+	localVarHeaderParams := make(map[string]string)
+	localVarQueryParams := _neturl.Values{}
+	localVarFormParams := _neturl.Values{}
+	localVarHeaderParams["Accept"] = "application/json"
+
+	if a.Client.Cfg.DelegatedTokenConfig != nil {
+		err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig)
+		if err != nil {
+			return localVarReturnValue, nil, err
+		}
+	} else {
+		datadog.SetAuthKeys(
+			ctx,
+			&localVarHeaderParams,
+			[2]string{"apiKeyAuth", "DD-API-KEY"},
+			[2]string{"appKeyAuth", "DD-APPLICATION-KEY"},
+		)
+	}
+	req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil)
+	if err != nil {
+		return localVarReturnValue, nil, err
+	}
+
+	localVarHTTPResponse, err := a.Client.CallAPI(req)
+	if err != nil || localVarHTTPResponse == nil {
+		return localVarReturnValue, localVarHTTPResponse, err
+	}
+
+	localVarBody, err := datadog.ReadBody(localVarHTTPResponse)
+	if err != nil {
+		return localVarReturnValue, localVarHTTPResponse, err
+	}
+
+	if localVarHTTPResponse.StatusCode >= 300 {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: localVarHTTPResponse.Status,
+		}
+		if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 401 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 404 {
+			var v JSONAPIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarReturnValue, localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+			return localVarReturnValue, localVarHTTPResponse, newErr
+		}
+		if localVarHTTPResponse.StatusCode == 429 {
+			var v APIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarReturnValue, localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+		}
+		return localVarReturnValue, localVarHTTPResponse, newErr
+	}
+
+	err = a.Client.Decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+	if err != nil {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: err.Error(),
+		}
+		return localVarReturnValue, localVarHTTPResponse, newErr
+	}
+
+	return localVarReturnValue, localVarHTTPResponse, nil
+}
+
 // ListOrgGroupMembershipsOptionalParameters holds optional parameters for ListOrgGroupMemberships.
 type ListOrgGroupMembershipsOptionalParameters struct {
 	FilterOrgGroupId *uuid.UUID
@@ -1778,7 +1970,7 @@ func (a *OrgGroupsApi) UpdateOrgGroupMembership(ctx _context.Context, orgGroupMe
 }
 
 // UpdateOrgGroupPolicy Update an org group policy.
-// Update the content of an existing organization group policy.
+// Update an existing organization group policy.
 func (a *OrgGroupsApi) UpdateOrgGroupPolicy(ctx _context.Context, orgGroupPolicyId uuid.UUID, body OrgGroupPolicyUpdateRequest) (OrgGroupPolicyResponse, *_nethttp.Response, error) {
 	var (
 		localVarHTTPMethod  = _nethttp.MethodPatch

api/datadogV2/doc.go

@@ -619,6 +619,8 @@
 //   - [OrgGroupsApi.DeleteOrgGroupPolicyOverride]
 //   - [OrgGroupsApi.GetOrgGroup]
 //   - [OrgGroupsApi.GetOrgGroupMembership]
+//   - [OrgGroupsApi.GetOrgGroupPolicy]
+//   - [OrgGroupsApi.GetOrgGroupPolicyOverride]
 //   - [OrgGroupsApi.ListOrgGroupMemberships]
 //   - [OrgGroupsApi.ListOrgGroupPolicies]
 //   - [OrgGroupsApi.ListOrgGroupPolicyConfigs]