[pull] master from DataDog:master

.generator/schemas/v2/openapi.yaml

@@ -59638,6 +59638,39 @@ paths:
       summary: Get AWS integration IAM permissions
       tags:
       - AWS Integration
+  /api/v2/integration/aws/iam_permissions/resource_collection:
+    get:
+      description: Get all resource collection AWS IAM permissions required for the
+        AWS integration.
+      operationId: GetAWSIntegrationIAMPermissionsResourceCollection
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AWSIntegrationIamPermissionsResponse'
+          description: AWS integration resource collection IAM permissions.
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Get resource collection IAM permissions
+      tags:
+      - AWS Integration
+  /api/v2/integration/aws/iam_permissions/standard:
+    get:
+      description: Get all standard AWS IAM permissions required for the AWS integration.
+      operationId: GetAWSIntegrationIAMPermissionsStandard
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AWSIntegrationIamPermissionsResponse'
+          description: AWS integration standard IAM permissions.
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Get AWS integration standard IAM permissions
+      tags:
+      - AWS Integration
   /api/v2/integration/aws/logs/services:
     get:
       description: Get a list of AWS services that can send logs to Datadog.

api/datadogV2/api_aws_integration.go

@@ -395,6 +395,160 @@ func (a *AWSIntegrationApi) GetAWSIntegrationIAMPermissions(ctx _context.Context
 	return localVarReturnValue, localVarHTTPResponse, nil
 }
 
+// GetAWSIntegrationIAMPermissionsResourceCollection Get resource collection IAM permissions.
+// Get all resource collection AWS IAM permissions required for the AWS integration.
+func (a *AWSIntegrationApi) GetAWSIntegrationIAMPermissionsResourceCollection(ctx _context.Context) (AWSIntegrationIamPermissionsResponse, *_nethttp.Response, error) {
+	var (
+		localVarHTTPMethod  = _nethttp.MethodGet
+		localVarPostBody    interface{}
+		localVarReturnValue AWSIntegrationIamPermissionsResponse
+	)
+
+	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.AWSIntegrationApi.GetAWSIntegrationIAMPermissionsResourceCollection")
+	if err != nil {
+		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
+	}
+
+	localVarPath := localBasePath + "/api/v2/integration/aws/iam_permissions/resource_collection"
+
+	localVarHeaderParams := make(map[string]string)
+	localVarQueryParams := _neturl.Values{}
+	localVarFormParams := _neturl.Values{}
+	localVarHeaderParams["Accept"] = "application/json"
+
+	if a.Client.Cfg.DelegatedTokenConfig != nil {
+		err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig)
+		if err != nil {
+			return localVarReturnValue, nil, err
+		}
+	} else {
+		datadog.SetAuthKeys(
+			ctx,
+			&localVarHeaderParams,
+			[2]string{"apiKeyAuth", "DD-API-KEY"},
+			[2]string{"appKeyAuth", "DD-APPLICATION-KEY"},
+		)
+	}
+	req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil)
+	if err != nil {
+		return localVarReturnValue, nil, err
+	}
+
+	localVarHTTPResponse, err := a.Client.CallAPI(req)
+	if err != nil || localVarHTTPResponse == nil {
+		return localVarReturnValue, localVarHTTPResponse, err
+	}
+
+	localVarBody, err := datadog.ReadBody(localVarHTTPResponse)
+	if err != nil {
+		return localVarReturnValue, localVarHTTPResponse, err
+	}
+
+	if localVarHTTPResponse.StatusCode >= 300 {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: localVarHTTPResponse.Status,
+		}
+		if localVarHTTPResponse.StatusCode == 429 {
+			var v APIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarReturnValue, localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+		}
+		return localVarReturnValue, localVarHTTPResponse, newErr
+	}
+
+	err = a.Client.Decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+	if err != nil {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: err.Error(),
+		}
+		return localVarReturnValue, localVarHTTPResponse, newErr
+	}
+
+	return localVarReturnValue, localVarHTTPResponse, nil
+}
+
+// GetAWSIntegrationIAMPermissionsStandard Get AWS integration standard IAM permissions.
+// Get all standard AWS IAM permissions required for the AWS integration.
+func (a *AWSIntegrationApi) GetAWSIntegrationIAMPermissionsStandard(ctx _context.Context) (AWSIntegrationIamPermissionsResponse, *_nethttp.Response, error) {
+	var (
+		localVarHTTPMethod  = _nethttp.MethodGet
+		localVarPostBody    interface{}
+		localVarReturnValue AWSIntegrationIamPermissionsResponse
+	)
+
+	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.AWSIntegrationApi.GetAWSIntegrationIAMPermissionsStandard")
+	if err != nil {
+		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
+	}
+
+	localVarPath := localBasePath + "/api/v2/integration/aws/iam_permissions/standard"
+
+	localVarHeaderParams := make(map[string]string)
+	localVarQueryParams := _neturl.Values{}
+	localVarFormParams := _neturl.Values{}
+	localVarHeaderParams["Accept"] = "application/json"
+
+	if a.Client.Cfg.DelegatedTokenConfig != nil {
+		err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig)
+		if err != nil {
+			return localVarReturnValue, nil, err
+		}
+	} else {
+		datadog.SetAuthKeys(
+			ctx,
+			&localVarHeaderParams,
+			[2]string{"apiKeyAuth", "DD-API-KEY"},
+			[2]string{"appKeyAuth", "DD-APPLICATION-KEY"},
+		)
+	}
+	req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil)
+	if err != nil {
+		return localVarReturnValue, nil, err
+	}
+
+	localVarHTTPResponse, err := a.Client.CallAPI(req)
+	if err != nil || localVarHTTPResponse == nil {
+		return localVarReturnValue, localVarHTTPResponse, err
+	}
+
+	localVarBody, err := datadog.ReadBody(localVarHTTPResponse)
+	if err != nil {
+		return localVarReturnValue, localVarHTTPResponse, err
+	}
+
+	if localVarHTTPResponse.StatusCode >= 300 {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: localVarHTTPResponse.Status,
+		}
+		if localVarHTTPResponse.StatusCode == 429 {
+			var v APIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarReturnValue, localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+		}
+		return localVarReturnValue, localVarHTTPResponse, newErr
+	}
+
+	err = a.Client.Decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+	if err != nil {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: err.Error(),
+		}
+		return localVarReturnValue, localVarHTTPResponse, newErr
+	}
+
+	return localVarReturnValue, localVarHTTPResponse, nil
+}
+
 // ListAWSAccountsOptionalParameters holds optional parameters for ListAWSAccounts.
 type ListAWSAccountsOptionalParameters struct {
 	AwsAccountId *string

api/datadogV2/doc.go

@@ -19,6 +19,8 @@
 //   - [AWSIntegrationApi.DeleteAWSAccount]
 //   - [AWSIntegrationApi.GetAWSAccount]
 //   - [AWSIntegrationApi.GetAWSIntegrationIAMPermissions]
+//   - [AWSIntegrationApi.GetAWSIntegrationIAMPermissionsResourceCollection]
+//   - [AWSIntegrationApi.GetAWSIntegrationIAMPermissionsStandard]
 //   - [AWSIntegrationApi.ListAWSAccounts]
 //   - [AWSIntegrationApi.ListAWSNamespaces]
 //   - [AWSIntegrationApi.UpdateAWSAccount]

examples/v2/aws-integration/GetAWSIntegrationIAMPermissionsResourceCollection.go

@@ -0,0 +1,29 @@
+// Get resource collection IAM permissions returns "AWS integration resource collection IAM permissions." response
+
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"os"
+
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
+)
+
+func main() {
+	ctx := datadog.NewDefaultContext(context.Background())
+	configuration := datadog.NewConfiguration()
+	apiClient := datadog.NewAPIClient(configuration)
+	api := datadogV2.NewAWSIntegrationApi(apiClient)
+	resp, r, err := api.GetAWSIntegrationIAMPermissionsResourceCollection(ctx)
+
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Error when calling `AWSIntegrationApi.GetAWSIntegrationIAMPermissionsResourceCollection`: %v\n", err)
+		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+	}
+
+	responseContent, _ := json.MarshalIndent(resp, "", "  ")
+	fmt.Fprintf(os.Stdout, "Response from `AWSIntegrationApi.GetAWSIntegrationIAMPermissionsResourceCollection`:\n%s\n", responseContent)
+}

examples/v2/aws-integration/GetAWSIntegrationIAMPermissionsResourceCollection_1008672547.go

@@ -0,0 +1,29 @@
+// Get resource collection IAM permissions returns "AWS IAM Permissions object" response
+
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"os"
+
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
+)
+
+func main() {
+	ctx := datadog.NewDefaultContext(context.Background())
+	configuration := datadog.NewConfiguration()
+	apiClient := datadog.NewAPIClient(configuration)
+	api := datadogV2.NewAWSIntegrationApi(apiClient)
+	resp, r, err := api.GetAWSIntegrationIAMPermissionsResourceCollection(ctx)
+
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Error when calling `AWSIntegrationApi.GetAWSIntegrationIAMPermissionsResourceCollection`: %v\n", err)
+		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+	}
+
+	responseContent, _ := json.MarshalIndent(resp, "", "  ")
+	fmt.Fprintf(os.Stdout, "Response from `AWSIntegrationApi.GetAWSIntegrationIAMPermissionsResourceCollection`:\n%s\n", responseContent)
+}

examples/v2/aws-integration/GetAWSIntegrationIAMPermissionsStandard.go

@@ -0,0 +1,29 @@
+// Get AWS integration standard IAM permissions returns "AWS integration standard IAM permissions." response
+
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"os"
+
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
+)
+
+func main() {
+	ctx := datadog.NewDefaultContext(context.Background())
+	configuration := datadog.NewConfiguration()
+	apiClient := datadog.NewAPIClient(configuration)
+	api := datadogV2.NewAWSIntegrationApi(apiClient)
+	resp, r, err := api.GetAWSIntegrationIAMPermissionsStandard(ctx)
+
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Error when calling `AWSIntegrationApi.GetAWSIntegrationIAMPermissionsStandard`: %v\n", err)
+		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+	}
+
+	responseContent, _ := json.MarshalIndent(resp, "", "  ")
+	fmt.Fprintf(os.Stdout, "Response from `AWSIntegrationApi.GetAWSIntegrationIAMPermissionsStandard`:\n%s\n", responseContent)
+}

examples/v2/aws-integration/GetAWSIntegrationIAMPermissionsStandard_3136299151.go

@@ -0,0 +1,29 @@
+// Get AWS integration standard IAM permissions returns "AWS IAM Permissions object" response
+
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"os"
+
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
+	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
+)
+
+func main() {
+	ctx := datadog.NewDefaultContext(context.Background())
+	configuration := datadog.NewConfiguration()
+	apiClient := datadog.NewAPIClient(configuration)
+	api := datadogV2.NewAWSIntegrationApi(apiClient)
+	resp, r, err := api.GetAWSIntegrationIAMPermissionsStandard(ctx)
+
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Error when calling `AWSIntegrationApi.GetAWSIntegrationIAMPermissionsStandard`: %v\n", err)
+		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
+	}
+
+	responseContent, _ := json.MarshalIndent(resp, "", "  ")
+	fmt.Fprintf(os.Stdout, "Response from `AWSIntegrationApi.GetAWSIntegrationIAMPermissionsStandard`:\n%s\n", responseContent)
+}

tests/scenarios/cassettes/TestScenarios/v2/Feature_AWS_Integration/Scenario_Get_AWS_integration_standard_IAM_permissions_returns_AWS_IAM_Permissions_object_response.freeze

@@ -0,0 +1 @@
+2025-09-17T18:27:22.560Z

tests/scenarios/cassettes/TestScenarios/v2/Feature_AWS_Integration/Scenario_Get_AWS_integration_standard_IAM_permissions_returns_AWS_IAM_Permissions_object_response.yaml

@@ -0,0 +1,19 @@
+interactions:
+- request:
+    body: ''
+    form: {}
+    headers:
+      Accept:
+      - application/json
+    id: 0
+    method: GET
+    url: https://api.datadoghq.com/api/v2/integration/aws/iam_permissions/standard
+  response:
+    body: '{"data":{"id":"permissions","type":"permissions","attributes":{"permissions":["account:GetAccountInformation","airflow:GetEnvironment","airflow:ListEnvironments","apigateway:GET","appsync:ListGraphqlApis","autoscaling:Describe*","backup:List*","batch:DescribeJobDefinitions","bcm-data-exports:GetExport","bcm-data-exports:ListExports","budgets:ViewBudget","cloudfront:GetDistributionConfig","cloudfront:ListDistributions","cloudtrail:DescribeTrails","cloudtrail:GetTrail","cloudtrail:GetTrailStatus","cloudtrail:ListTrails","cloudtrail:LookupEvents","cloudwatch:Describe*","cloudwatch:Get*","cloudwatch:List*","codebuild:BatchGetProjects","codebuild:ListProjects","codedeploy:BatchGet*","codedeploy:List*","cur:DescribeReportDefinitions","directconnect:Describe*","dms:DescribeReplicationInstances","dynamodb:Describe*","dynamodb:List*","ec2:Describe*","ecs:Describe*","ecs:List*","eks:DescribeCluster","eks:ListClusters","elasticache:Describe*","elasticache:List*","elasticfilesystem:DescribeAccessPoints","elasticfilesystem:DescribeFileSystems","elasticfilesystem:DescribeTags","elasticloadbalancing:Describe*","elasticmapreduce:Describe*","elasticmapreduce:List*","es:DescribeElasticsearchDomains","es:ListDomainNames","es:ListTags","events:CreateEventBus","fsx:DescribeFileSystems","fsx:ListTagsForResource","health:DescribeAffectedEntities","health:DescribeEventDetails","health:DescribeEvents","iam:ListAccountAliases","kinesis:Describe*","kinesis:List*","lambda:List*","logs:DeleteSubscriptionFilter","logs:DescribeDeliveries","logs:DescribeDeliverySources","logs:DescribeLogGroups","logs:DescribeLogStreams","logs:DescribeSubscriptionFilters","logs:FilterLogEvents","logs:GetDeliveryDestination","logs:PutSubscriptionFilter","logs:TestMetricFilter","network-firewall:DescribeLoggingConfiguration","network-firewall:ListFirewalls","oam:ListAttachedLinks","oam:ListSinks","organizations:Describe*","organizations:List*","rds:Describe*","rds:List*","redshift-serverless:ListNamespaces","redshift:DescribeClusters","redshift:DescribeLoggingStatus","route53:List*","route53resolver:ListResolverQueryLogConfigs","s3:GetBucketLocation","s3:GetBucketLogging","s3:GetBucketNotification","s3:GetBucketTagging","s3:ListAllMyBuckets","s3:PutBucketNotification","ses:Get*","ses:List*","sns:GetSubscriptionAttributes","sns:List*","sns:Publish","sqs:ListQueues","ssm:GetServiceSetting","ssm:ListCommands","states:DescribeStateMachine","states:ListStateMachines","support:DescribeTrustedAdvisor*","support:RefreshTrustedAdvisorCheck","tag:GetResources","tag:GetTagKeys","tag:GetTagValues","timestream:DescribeEndpoints","wafv2:ListLoggingConfigurations","xray:BatchGetTraces","xray:GetTraceSummaries"]}}}'
+    code: 200
+    duration: 0ms
+    headers:
+      Content-Type:
+      - application/vnd.api+json
+    status: 200 OK
+version: 2

tests/scenarios/cassettes/TestScenarios/v2/Feature_AWS_Integration/Scenario_Get_resource_collection_IAM_permissions_returns_AWS_IAM_Permissions_object_response.freeze

@@ -0,0 +1 @@
+2025-09-17T18:27:22.885Z

tests/scenarios/features/v2/aws_integration.feature

@@ -79,6 +79,18 @@ Feature: AWS Integration
     When the request is sent
     Then the response status is 200 AWS IAM Permissions object
 
+  @team:DataDog/aws-integrations
+  Scenario: Get AWS integration standard IAM permissions returns "AWS IAM Permissions object" response
+    Given new "GetAWSIntegrationIAMPermissionsStandard" request
+    When the request is sent
+    Then the response status is 200 AWS IAM Permissions object
+
+  @generated @skip @team:DataDog/aws-integrations
+  Scenario: Get AWS integration standard IAM permissions returns "AWS integration standard IAM permissions." response
+    Given new "GetAWSIntegrationIAMPermissionsStandard" request
+    When the request is sent
+    Then the response status is 200 AWS integration standard IAM permissions.
+
   @team:DataDog/aws-integrations
   Scenario: Get an AWS integration by config ID returns "AWS Account object" response
     Given there is a valid "aws_account_v2" in the system
@@ -101,6 +113,18 @@ Feature: AWS Integration
     When the request is sent
     Then the response status is 404 Not Found
 
+  @team:DataDog/aws-integrations
+  Scenario: Get resource collection IAM permissions returns "AWS IAM Permissions object" response
+    Given new "GetAWSIntegrationIAMPermissionsResourceCollection" request
+    When the request is sent
+    Then the response status is 200 AWS IAM Permissions object
+
+  @generated @skip @team:DataDog/aws-integrations
+  Scenario: Get resource collection IAM permissions returns "AWS integration resource collection IAM permissions." response
+    Given new "GetAWSIntegrationIAMPermissionsResourceCollection" request
+    When the request is sent
+    Then the response status is 200 AWS integration resource collection IAM permissions.
+
   @team:DataDog/aws-integrations
   Scenario: List all AWS integrations returns "AWS Accounts List object" response
     Given new "ListAWSAccounts" request