Regenerate client from commit 8c9edef of spec repo

Author: ci.datadog-api-spec

.generator/schemas/v2/openapi.yaml

@@ -60787,7 +60787,7 @@ components:
         - DONE
         - TIMEOUT
     SecurityMonitoringContentPackActivation:
-      description: The activation status of a content pack
+      description: The activation lifecycle state of a content pack.
       enum:
         - never_activated
         - activated
@@ -60799,7 +60799,7 @@ components:
         - ACTIVATED
         - DEACTIVATED
     SecurityMonitoringContentPackIntegrationStatus:
-      description: The installation status of the related integration
+      description: The installation status of the related Datadog integration.
       enum:
         - installed
         - available
@@ -60824,15 +60824,16 @@ components:
         cp_activation:
           $ref: "#/components/schemas/SecurityMonitoringContentPackActivation"
         filters_configured_for_logs:
-          description: Whether filters (Security Filters or Index Query depending on the pricing model) are configured for logs
+          description: Whether filters (Security Filters or Index Query depending on the pricing model) are present and correctly configured to route logs into Cloud SIEM.
           example: true
           type: boolean
         integration_installed_status:
           $ref: "#/components/schemas/SecurityMonitoringContentPackIntegrationStatus"
         logs_last_collected:
           $ref: "#/components/schemas/SecurityMonitoringContentPackTimestampBucket"
         logs_seen_from_any_index:
-          description: Whether logs have been seen from any index
+          description: >-
+            Whether logs for this content pack have been seen in any Datadog index within the last 72 hours, regardless of whether the Cloud SIEM filter is configured.
           example: true
           type: boolean
         state:
@@ -60897,7 +60898,14 @@ components:
         - meta
       type: object
     SecurityMonitoringContentPackStatus:
-      description: The current status of a content pack
+      description: |-
+        The current operational status of a content pack:
+        - `install`: Not activated; no logs detected in the last 72 hours.
+        - `activate`: Not activated; logs are flowing into a Datadog index but not yet routed through Cloud SIEM.
+        - `initializing`: Activated; awaiting first log ingestion.
+        - `active`: Activated; logs received within the last 24 hours.
+        - `warning`: Activated; integration not installed or logs last seen 24 to 72 hours ago.
+        - `broken`: Activated; no logs for over 72 hours, filter missing, or Cloud SIEM index incorrectly ordered.
       enum:
         - install
         - activate
@@ -60915,7 +60923,7 @@ components:
         - WARNING
         - BROKEN
     SecurityMonitoringContentPackTimestampBucket:
-      description: Timestamp bucket indicating when logs were last collected
+      description: When logs were last collected through the content pack's Cloud SIEM filter or index query.
       enum:
         - not_seen
         - within_24_hours
@@ -62014,7 +62022,7 @@ components:
         - $ref: "#/components/schemas/SecurityMonitoringSignalRulePayload"
         - $ref: "#/components/schemas/CloudConfigurationRulePayload"
     SecurityMonitoringSKU:
-      description: The SIEM pricing model (SKU) for the organization
+      description: The Cloud SIEM pricing model (SKU) for the organization.
       enum:
         - per_gb_analyzed
         - per_event_in_siem_index_2023
@@ -111561,10 +111569,7 @@ paths:
         - Security Monitoring
   /api/v2/security_monitoring/content_packs/states:
     get:
-      description: |-
-        Get the activation and configuration states for all security monitoring content packs.
-        This endpoint returns status information about each content pack including activation state,
-        integration status, and log collection status.
+      description: Get the activation and operational state for all Cloud SIEM content packs.
       operationId: GetContentPacksStates
       responses:
         "200":
@@ -111574,11 +111579,7 @@ paths:
                 $ref: "#/components/schemas/SecurityMonitoringContentPackStatesResponse"
           description: OK
         "403":
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/JSONAPIErrorResponse"
-          description: Forbidden
+          $ref: "#/components/responses/NotAuthorizedResponse"
         "404":
           content:
             application/json:
@@ -111587,21 +111588,31 @@ paths:
           description: Not Found
         "429":
           $ref: "#/components/responses/TooManyRequestsResponse"
+      security:
+        - apiKeyAuth: []
+          appKeyAuth: []
+        - AuthZ:
+            - security_monitoring_filters_read
       summary: Get content pack states
       tags:
         - Security Monitoring
+      "x-permission":
+        operator: OR
+        permissions:
+          - security_monitoring_filters_read
+          - logs_read_index_data
       x-unstable: |-
         **Note**: This endpoint is in preview and is subject to change.
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
   /api/v2/security_monitoring/content_packs/{content_pack_id}/activate:
     put:
       description: |-
-        Activate a security monitoring content pack. This operation configures the necessary
+        Activate a Cloud SIEM content pack. This operation configures the necessary
         log filters or security filters depending on the pricing model and updates the content
         pack activation state.
       operationId: ActivateContentPack
       parameters:
-        - description: The ID of the content pack to activate.
+        - description: The ID of the content pack to activate (for example, `aws-cloudtrail`).
           in: path
           name: content_pack_id
           required: true
@@ -111612,11 +111623,7 @@ paths:
         "202":
           description: Accepted
         "403":
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/JSONAPIErrorResponse"
-          description: Forbidden
+          $ref: "#/components/responses/NotAuthorizedResponse"
         "404":
           content:
             application/json:
@@ -111625,20 +111632,30 @@ paths:
           description: Not Found
         "429":
           $ref: "#/components/responses/TooManyRequestsResponse"
+      security:
+        - apiKeyAuth: []
+          appKeyAuth: []
+        - AuthZ:
+            - security_monitoring_filters_write
       summary: Activate content pack
       tags:
         - Security Monitoring
+      "x-permission":
+        operator: OR
+        permissions:
+          - security_monitoring_filters_write
+          - logs_modify_indexes
       x-unstable: |-
         **Note**: This endpoint is in preview and is subject to change.
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
   /api/v2/security_monitoring/content_packs/{content_pack_id}/deactivate:
     put:
       description: |-
-        Deactivate a security monitoring content pack. This operation removes the content pack's
+        Deactivate a Cloud SIEM content pack. This operation removes the content pack's
         configuration from log filters or security filters and updates the content pack activation state.
       operationId: DeactivateContentPack
       parameters:
-        - description: The ID of the content pack to deactivate.
+        - description: The ID of the content pack to deactivate (for example, `aws-cloudtrail`).
           in: path
           name: content_pack_id
           required: true
@@ -111649,11 +111666,7 @@ paths:
         "202":
           description: Accepted
         "403":
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/JSONAPIErrorResponse"
-          description: Forbidden
+          $ref: "#/components/responses/NotAuthorizedResponse"
         "404":
           content:
             application/json:
@@ -111662,9 +111675,19 @@ paths:
           description: Not Found
         "429":
           $ref: "#/components/responses/TooManyRequestsResponse"
+      security:
+        - apiKeyAuth: []
+          appKeyAuth: []
+        - AuthZ:
+            - security_monitoring_filters_write
       summary: Deactivate content pack
       tags:
         - Security Monitoring
+      "x-permission":
+        operator: OR
+        permissions:
+          - security_monitoring_filters_write
+          - logs_modify_indexes
       x-unstable: |-
         **Note**: This endpoint is in preview and is subject to change.
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).

src/main/java/com/datadog/api/client/v2/api/SecurityMonitoringApi.java

@@ -150,7 +150,8 @@ public void setApiClient(ApiClient apiClient) {
    *
    * <p>See {@link #activateContentPackWithHttpInfo}.
    *
-   * @param contentPackId The ID of the content pack to activate. (required)
+   * @param contentPackId The ID of the content pack to activate (for example, <code>aws-cloudtrail
+   *     </code>). (required)
    * @throws ApiException if fails to make API call
    */
   public void activateContentPack(String contentPackId) throws ApiException {
@@ -162,7 +163,8 @@ public void activateContentPack(String contentPackId) throws ApiException {
    *
    * <p>See {@link #activateContentPackWithHttpInfoAsync}.
    *
-   * @param contentPackId The ID of the content pack to activate. (required)
+   * @param contentPackId The ID of the content pack to activate (for example, <code>aws-cloudtrail
+   *     </code>). (required)
    * @return CompletableFuture
    */
   public CompletableFuture<Void> activateContentPackAsync(String contentPackId) {
@@ -174,19 +176,19 @@ public CompletableFuture<Void> activateContentPackAsync(String contentPackId) {
   }
 
   /**
-   * Activate a security monitoring content pack. This operation configures the necessary log
-   * filters or security filters depending on the pricing model and updates the content pack
-   * activation state.
+   * Activate a Cloud SIEM content pack. This operation configures the necessary log filters or
+   * security filters depending on the pricing model and updates the content pack activation state.
    *
-   * @param contentPackId The ID of the content pack to activate. (required)
+   * @param contentPackId The ID of the content pack to activate (for example, <code>aws-cloudtrail
+   *     </code>). (required)
    * @return ApiResponse&lt;Void&gt;
    * @throws ApiException if fails to make API call
    * @http.response.details
    *     <table border="1">
    *    <caption>Response details</caption>
    *       <tr><td> Status Code </td><td> Description </td><td> Response Headers </td></tr>
    *       <tr><td> 202 </td><td> Accepted </td><td>  -  </td></tr>
-   *       <tr><td> 403 </td><td> Forbidden </td><td>  -  </td></tr>
+   *       <tr><td> 403 </td><td> Not Authorized </td><td>  -  </td></tr>
    *       <tr><td> 404 </td><td> Not Found </td><td>  -  </td></tr>
    *       <tr><td> 429 </td><td> Too many requests </td><td>  -  </td></tr>
    *     </table>
@@ -224,7 +226,7 @@ public ApiResponse<Void> activateContentPackWithHttpInfo(String contentPackId)
             localVarHeaderParams,
             new HashMap<String, String>(),
             new String[] {"*/*"},
-            new String[] {"apiKeyAuth", "appKeyAuth"});
+            new String[] {"apiKeyAuth", "appKeyAuth", "AuthZ"});
     return apiClient.invokeAPI(
         "PUT",
         builder,
@@ -241,7 +243,8 @@ public ApiResponse<Void> activateContentPackWithHttpInfo(String contentPackId)
    *
    * <p>See {@link #activateContentPackWithHttpInfo}.
    *
-   * @param contentPackId The ID of the content pack to activate. (required)
+   * @param contentPackId The ID of the content pack to activate (for example, <code>aws-cloudtrail
+   *     </code>). (required)
    * @return CompletableFuture&lt;ApiResponse&lt;Void&gt;&gt;
    */
   public CompletableFuture<ApiResponse<Void>> activateContentPackWithHttpInfoAsync(
@@ -286,7 +289,7 @@ public CompletableFuture<ApiResponse<Void>> activateContentPackWithHttpInfoAsync
               localVarHeaderParams,
               new HashMap<String, String>(),
               new String[] {"*/*"},
-              new String[] {"apiKeyAuth", "appKeyAuth"});
+              new String[] {"apiKeyAuth", "appKeyAuth", "AuthZ"});
     } catch (ApiException ex) {
       CompletableFuture<ApiResponse<Void>> result = new CompletableFuture<>();
       result.completeExceptionally(ex);
@@ -2882,7 +2885,8 @@ public ApiResponse<NotificationRuleResponse> createVulnerabilityNotificationRule
    *
    * <p>See {@link #deactivateContentPackWithHttpInfo}.
    *
-   * @param contentPackId The ID of the content pack to deactivate. (required)
+   * @param contentPackId The ID of the content pack to deactivate (for example, <code>
+   *     aws-cloudtrail</code>). (required)
    * @throws ApiException if fails to make API call
    */
   public void deactivateContentPack(String contentPackId) throws ApiException {
@@ -2894,7 +2898,8 @@ public void deactivateContentPack(String contentPackId) throws ApiException {
    *
    * <p>See {@link #deactivateContentPackWithHttpInfoAsync}.
    *
-   * @param contentPackId The ID of the content pack to deactivate. (required)
+   * @param contentPackId The ID of the content pack to deactivate (for example, <code>
+   *     aws-cloudtrail</code>). (required)
    * @return CompletableFuture
    */
   public CompletableFuture<Void> deactivateContentPackAsync(String contentPackId) {
@@ -2906,19 +2911,19 @@ public CompletableFuture<Void> deactivateContentPackAsync(String contentPackId)
   }
 
   /**
-   * Deactivate a security monitoring content pack. This operation removes the content pack's
-   * configuration from log filters or security filters and updates the content pack activation
-   * state.
+   * Deactivate a Cloud SIEM content pack. This operation removes the content pack's configuration
+   * from log filters or security filters and updates the content pack activation state.
    *
-   * @param contentPackId The ID of the content pack to deactivate. (required)
+   * @param contentPackId The ID of the content pack to deactivate (for example, <code>
+   *     aws-cloudtrail</code>). (required)
    * @return ApiResponse&lt;Void&gt;
    * @throws ApiException if fails to make API call
    * @http.response.details
    *     <table border="1">
    *    <caption>Response details</caption>
    *       <tr><td> Status Code </td><td> Description </td><td> Response Headers </td></tr>
    *       <tr><td> 202 </td><td> Accepted </td><td>  -  </td></tr>
-   *       <tr><td> 403 </td><td> Forbidden </td><td>  -  </td></tr>
+   *       <tr><td> 403 </td><td> Not Authorized </td><td>  -  </td></tr>
    *       <tr><td> 404 </td><td> Not Found </td><td>  -  </td></tr>
    *       <tr><td> 429 </td><td> Too many requests </td><td>  -  </td></tr>
    *     </table>
@@ -2956,7 +2961,7 @@ public ApiResponse<Void> deactivateContentPackWithHttpInfo(String contentPackId)
             localVarHeaderParams,
             new HashMap<String, String>(),
             new String[] {"*/*"},
-            new String[] {"apiKeyAuth", "appKeyAuth"});
+            new String[] {"apiKeyAuth", "appKeyAuth", "AuthZ"});
     return apiClient.invokeAPI(
         "PUT",
         builder,
@@ -2973,7 +2978,8 @@ public ApiResponse<Void> deactivateContentPackWithHttpInfo(String contentPackId)
    *
    * <p>See {@link #deactivateContentPackWithHttpInfo}.
    *
-   * @param contentPackId The ID of the content pack to deactivate. (required)
+   * @param contentPackId The ID of the content pack to deactivate (for example, <code>
+   *     aws-cloudtrail</code>). (required)
    * @return CompletableFuture&lt;ApiResponse&lt;Void&gt;&gt;
    */
   public CompletableFuture<ApiResponse<Void>> deactivateContentPackWithHttpInfoAsync(
@@ -3018,7 +3024,7 @@ public CompletableFuture<ApiResponse<Void>> deactivateContentPackWithHttpInfoAsy
               localVarHeaderParams,
               new HashMap<String, String>(),
               new String[] {"*/*"},
-              new String[] {"apiKeyAuth", "appKeyAuth"});
+              new String[] {"apiKeyAuth", "appKeyAuth", "AuthZ"});
     } catch (ApiException ex) {
       CompletableFuture<ApiResponse<Void>> result = new CompletableFuture<>();
       result.completeExceptionally(ex);
@@ -4853,9 +4859,7 @@ public SecurityMonitoringContentPackStatesResponse getContentPacksStates() throw
   }
 
   /**
-   * Get the activation and configuration states for all security monitoring content packs. This
-   * endpoint returns status information about each content pack including activation state,
-   * integration status, and log collection status.
+   * Get the activation and operational state for all Cloud SIEM content packs.
    *
    * @return ApiResponse&lt;SecurityMonitoringContentPackStatesResponse&gt;
    * @throws ApiException if fails to make API call
@@ -4864,7 +4868,7 @@ public SecurityMonitoringContentPackStatesResponse getContentPacksStates() throw
    *    <caption>Response details</caption>
    *       <tr><td> Status Code </td><td> Description </td><td> Response Headers </td></tr>
    *       <tr><td> 200 </td><td> OK </td><td>  -  </td></tr>
-   *       <tr><td> 403 </td><td> Forbidden </td><td>  -  </td></tr>
+   *       <tr><td> 403 </td><td> Not Authorized </td><td>  -  </td></tr>
    *       <tr><td> 404 </td><td> Not Found </td><td>  -  </td></tr>
    *       <tr><td> 429 </td><td> Too many requests </td><td>  -  </td></tr>
    *     </table>
@@ -4892,7 +4896,7 @@ public SecurityMonitoringContentPackStatesResponse getContentPacksStates() throw
             localVarHeaderParams,
             new HashMap<String, String>(),
             new String[] {"application/json"},
-            new String[] {"apiKeyAuth", "appKeyAuth"});
+            new String[] {"apiKeyAuth", "appKeyAuth", "AuthZ"});
     return apiClient.invokeAPI(
         "GET",
         builder,
@@ -4940,7 +4944,7 @@ public SecurityMonitoringContentPackStatesResponse getContentPacksStates() throw
               localVarHeaderParams,
               new HashMap<String, String>(),
               new String[] {"application/json"},
-              new String[] {"apiKeyAuth", "appKeyAuth"});
+              new String[] {"apiKeyAuth", "appKeyAuth", "AuthZ"});
     } catch (ApiException ex) {
       CompletableFuture<ApiResponse<SecurityMonitoringContentPackStatesResponse>> result =
           new CompletableFuture<>();