diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 6fb646a7c0dd..bd0676550205 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -1023,6 +1023,13 @@ components: required: true schema: type: string + SecurityMonitoringCriticalAssetID: + description: The ID of the critical asset. + in: path + name: critical_asset_id + required: true + schema: + type: string SecurityMonitoringRuleID: description: The ID of the rule. in: path @@ -48912,6 +48919,237 @@ components: x-enum-varnames: - DONE - TIMEOUT + SecurityMonitoringCriticalAsset: + description: The critical asset's properties. + properties: + attributes: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetAttributes' + id: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetID' + type: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetType' + type: object + SecurityMonitoringCriticalAssetAttributes: + description: The attributes of the critical asset. + properties: + creation_author_id: + description: ID of user who created the critical asset. + example: 367742 + format: int64 + type: integer + creation_date: + description: A Unix millisecond timestamp given the creation date of the + critical asset. + format: int64 + type: integer + creator: + $ref: '#/components/schemas/SecurityMonitoringUser' + enabled: + description: Whether the critical asset is enabled. + example: true + type: boolean + query: + description: The query for the critical asset. It uses the same syntax as + the queries to search signals in the Signals Explorer. + example: security:monitoring + type: string + rule_query: + description: The rule query of the critical asset, with the same syntax + as the search bar for detection rules. This determines which rules this + critical asset will apply to. + example: type:log_detection source:cloudtrail + type: string + severity: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetSeverity' + tags: + description: List of tags associated with the critical asset. + example: + - team:database + - source:cloudtrail + items: + type: string + type: array + update_author_id: + description: ID of user who updated the critical asset. + example: 367743 + format: int64 + type: integer + update_date: + description: A Unix millisecond timestamp given the update date of the critical + asset. + format: int64 + type: integer + updater: + $ref: '#/components/schemas/SecurityMonitoringUser' + version: + description: The version of the critical asset; it starts at 1, and is incremented + at each update. + example: 2 + format: int32 + maximum: 2147483647 + type: integer + type: object + SecurityMonitoringCriticalAssetCreateAttributes: + description: Object containing the attributes of the critical asset to be created. + properties: + enabled: + default: true + description: Whether the critical asset is enabled. Defaults to `true` if + not specified. + example: true + type: boolean + query: + description: The query for the critical asset. It uses the same syntax as + the queries to search signals in the Signals Explorer. + example: security:monitoring + type: string + rule_query: + description: The rule query of the critical asset, with the same syntax + as the search bar for detection rules. This determines which rules this + critical asset will apply to. + example: type:(log_detection OR signal_correlation OR workload_security + OR application_security) source:cloudtrail + type: string + severity: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetSeverity' + tags: + description: List of tags associated with the critical asset. + example: + - team:database + - source:cloudtrail + items: + type: string + type: array + required: + - query + - severity + - rule_query + type: object + SecurityMonitoringCriticalAssetCreateData: + description: Object for a single critical asset. + properties: + attributes: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetCreateAttributes' + type: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetType' + required: + - type + - attributes + type: object + SecurityMonitoringCriticalAssetCreateRequest: + description: Request object that includes the critical asset that you would + like to create. + properties: + data: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetCreateData' + required: + - data + type: object + SecurityMonitoringCriticalAssetID: + description: The ID of the critical asset. + example: 4e2435a5-6670-4b8f-baff-46083cd1c250 + type: string + SecurityMonitoringCriticalAssetResponse: + description: Response object containing a single critical asset. + properties: + data: + $ref: '#/components/schemas/SecurityMonitoringCriticalAsset' + type: object + SecurityMonitoringCriticalAssetSeverity: + description: Severity associated with this critical asset. Either an explicit + severity can be set, or the severity can be increased or decreased. + enum: + - info + - low + - medium + - high + - critical + - increase + - decrease + example: increase + type: string + x-enum-varnames: + - INFO + - LOW + - MEDIUM + - HIGH + - CRITICAL + - INCREASE + - DECREASE + SecurityMonitoringCriticalAssetType: + default: critical_assets + description: The type of the resource. The value should always be `critical_assets`. + enum: + - critical_assets + example: critical_assets + type: string + x-enum-varnames: + - CRITICAL_ASSETS + SecurityMonitoringCriticalAssetUpdateAttributes: + description: The critical asset properties to be updated. + properties: + enabled: + description: Whether the critical asset is enabled. + example: true + type: boolean + query: + description: The query for the critical asset. It uses the same syntax as + the queries to search signals in the Signals Explorer. + example: security:monitoring + type: string + rule_query: + description: The rule query of the critical asset, with the same syntax + as the search bar for detection rules. This determines which rules this + critical asset will apply to. + example: type:log_detection source:cloudtrail + type: string + severity: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetSeverity' + tags: + description: List of tags associated with the critical asset. + example: + - technique:T1110-brute-force + - source:cloudtrail + items: + type: string + type: array + version: + description: The version of the critical asset being updated. Used for optimistic + locking to prevent concurrent modifications. + example: 1 + format: int32 + maximum: 2147483647 + type: integer + type: object + SecurityMonitoringCriticalAssetUpdateData: + description: The new critical asset properties; partial updates are supported. + properties: + attributes: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetUpdateAttributes' + type: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetType' + required: + - type + - attributes + type: object + SecurityMonitoringCriticalAssetUpdateRequest: + description: Request object containing the fields to update on the critical + asset. + properties: + data: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetUpdateData' + required: + - data + type: object + SecurityMonitoringCriticalAssetsResponse: + description: Response object containing the available critical assets. + properties: + data: + description: A list of critical assets objects. + items: + $ref: '#/components/schemas/SecurityMonitoringCriticalAsset' + type: array + type: object SecurityMonitoringFilter: description: The rule's suppression filter. properties: @@ -60568,6 +60806,8 @@ components: & unsubscribing from apps in the marketplace, and enabling & disabling Remote Configuration for the entire organization. security_comments_read: Read comments of vulnerabilities. + security_monitoring_critical_assets_read: Read Critical Assets. + security_monitoring_critical_assets_write: Write Critical Assets. security_monitoring_filters_read: Read Security Filters. security_monitoring_filters_write: Create, edit, and delete Security Filters. security_monitoring_findings_read: View a list of findings that include @@ -84951,6 +85191,184 @@ paths: operator: OR permissions: - security_monitoring_cws_agent_rules_write + /api/v2/security_monitoring/configuration/critical_assets: + get: + description: Get the list of all critical assets. + operationId: ListSecurityMonitoringCriticalAssets + parameters: + - description: Query string. + in: query + name: query + required: false + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetsResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_read + summary: Get all critical assets + tags: + - Security Monitoring + post: + description: Create a new critical asset. + operationId: CreateSecurityMonitoringCriticalAsset + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetCreateRequest' + description: The definition of the new critical asset. + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '409': + $ref: '#/components/responses/ConflictResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_write + summary: Create a critical asset + tags: + - Security Monitoring + x-codegen-request-body-name: body + /api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id}: + get: + description: Get the list of critical assets that affect a specific existing + rule by the rule's ID. + operationId: GetCriticalAssetsAffectingRule + parameters: + - $ref: '#/components/parameters/SecurityMonitoringRuleID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetsResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_read + summary: Get critical assets affecting a specific rule + tags: + - Security Monitoring + /api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}: + delete: + description: Delete a specific critical asset. + operationId: DeleteSecurityMonitoringCriticalAsset + parameters: + - $ref: '#/components/parameters/SecurityMonitoringCriticalAssetID' + responses: + '204': + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_write + summary: Delete a critical asset + tags: + - Security Monitoring + get: + description: Get the details of a specific critical asset. + operationId: GetSecurityMonitoringCriticalAsset + parameters: + - $ref: '#/components/parameters/SecurityMonitoringCriticalAssetID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_read + summary: Get a critical asset + tags: + - Security Monitoring + patch: + description: Update a specific critical asset. + operationId: UpdateSecurityMonitoringCriticalAsset + parameters: + - $ref: '#/components/parameters/SecurityMonitoringCriticalAssetID' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetUpdateRequest' + description: New definition of the critical asset. Supports partial updates. + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringCriticalAssetResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '409': + $ref: '#/components/responses/ConcurrentModificationResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_critical_assets_write + summary: Update a critical asset + tags: + - Security Monitoring /api/v2/security_monitoring/configuration/security_filters: get: description: Get the list of configured security filters with their definitions. diff --git a/cassettes/v2/Security-Monitoring_1187227211/Create-a-critical-asset-returns-OK-response_447517121/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Create-a-critical-asset-returns-OK-response_447517121/frozen.json new file mode 100644 index 000000000000..dcd6cce98605 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Create-a-critical-asset-returns-OK-response_447517121/frozen.json @@ -0,0 +1 @@ +"2026-01-02T19:09:02.221Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Create-a-critical-asset-returns-OK-response_447517121/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Create-a-critical-asset-returns-OK-response_447517121/recording.har new file mode 100644 index 000000000000..8146cb21e7e5 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Create-a-critical-asset-returns-OK-response_447517121/recording.har @@ -0,0 +1,104 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Create a critical asset returns \"OK\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "0d28baa64867b45f82a6ca26ce287030", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 296, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 621, + "httpVersion": "HTTP/1.1", + "method": "POST", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"data\":{\"attributes\":{\"query\":\"host:testcreateacriticalassetreturnsokresponse1767380942\",\"rule_query\":\"type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail\",\"severity\":\"decrease\",\"tags\":[\"team:security\",\"env:test\"]},\"type\":\"critical_assets\"}}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets" + }, + "response": { + "bodySize": 593, + "content": { + "mimeType": "application/vnd.api+json", + "size": 593, + "text": "{\"data\":{\"id\":\"93d5a224-589d-4d6d-adbf-f6657f484ecc\",\"type\":\"critical_assets\",\"attributes\":{\"creation_author_id\":1445416,\"creation_date\":1767380942322,\"creator\":{\"handle\":\"frog@datadoghq.com\",\"name\":\"frog\"},\"enabled\":true,\"query\":\"host:testcreateacriticalassetreturnsokresponse1767380942\",\"rule_query\":\"type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail\",\"severity\":\"decrease\",\"tags\":[\"team:security\",\"env:test\"],\"update_author_id\":1445416,\"update_date\":1767380942322,\"updater\":{\"handle\":\"frog@datadoghq.com\",\"name\":\"frog\"},\"version\":1}}}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 662, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-02T19:09:02.225Z", + "time": 101 + }, + { + "_id": "599cdff0c43a200a52e3040e0f87675e", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "*/*" + } + ], + "headersSize": 594, + "httpVersion": "HTTP/1.1", + "method": "DELETE", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/93d5a224-589d-4d6d-adbf-f6657f484ecc" + }, + "response": { + "bodySize": 0, + "content": { + "mimeType": "text/plain", + "size": 0 + }, + "cookies": [], + "headers": [], + "headersSize": 601, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 204, + "statusText": "No Content" + }, + "startedDateTime": "2026-01-02T19:09:02.333Z", + "time": 106 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-Not-Found-response_329004921/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-Not-Found-response_329004921/frozen.json new file mode 100644 index 000000000000..3630061064a9 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-Not-Found-response_329004921/frozen.json @@ -0,0 +1 @@ +"2026-01-02T19:09:07.983Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-Not-Found-response_329004921/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-Not-Found-response_329004921/recording.har new file mode 100644 index 000000000000..149cc8bd2394 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-Not-Found-response_329004921/recording.har @@ -0,0 +1,57 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Delete a critical asset returns \"Not Found\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "4e5e5b34198fb98007a8931fdc0e413d", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "*/*" + } + ], + "headersSize": 594, + "httpVersion": "HTTP/1.1", + "method": "DELETE", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/00000000-0000-0000-0000-000000000000" + }, + "response": { + "bodySize": 95, + "content": { + "mimeType": "application/json", + "size": 95, + "text": "{\"errors\":[\"not_found(Critical asset with ID 00000000-0000-0000-0000-000000000000 not found)\"]}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 653, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 404, + "statusText": "Not Found" + }, + "startedDateTime": "2026-01-02T19:09:07.986Z", + "time": 85 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-OK-response_404013304/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-OK-response_404013304/frozen.json new file mode 100644 index 000000000000..ed7dbb6d9536 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-OK-response_404013304/frozen.json @@ -0,0 +1 @@ +"2026-01-12T19:41:34.038Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-OK-response_404013304/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-OK-response_404013304/recording.har new file mode 100644 index 000000000000..292aa4fa11bc --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Delete-a-critical-asset-returns-OK-response_404013304/recording.har @@ -0,0 +1,147 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Delete a critical asset returns \"OK\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "6ffb5b4da3b76fa11d1ce0464f43c9e5", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 150, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 621, + "httpVersion": "HTTP/1.1", + "method": "POST", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"data\":{\"attributes\":{\"query\":\"security:monitoring\",\"rule_query\":\"source:k9\",\"severity\":\"medium\",\"tags\":[\"team:security\"]},\"type\":\"critical_assets\"}}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets" + }, + "response": { + "bodySize": 495, + "content": { + "mimeType": "application/vnd.api+json", + "size": 495, + "text": "{\"data\":{\"id\":\"f340fbe7-ed28-466e-924e-7e23475dd405\",\"type\":\"critical_assets\",\"attributes\":{\"creation_author_id\":2320499,\"creation_date\":1768246895425,\"creator\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"enabled\":true,\"query\":\"security:monitoring\",\"rule_query\":\"source:k9\",\"severity\":\"medium\",\"tags\":[\"team:security\"],\"update_author_id\":2320499,\"update_date\":1768246895425,\"updater\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"version\":1}}}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 662, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-12T19:41:35.036Z", + "time": 449 + }, + { + "_id": "daaf7fd861c22ac242aecd34b2857055", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "*/*" + } + ], + "headersSize": 594, + "httpVersion": "HTTP/1.1", + "method": "DELETE", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/f340fbe7-ed28-466e-924e-7e23475dd405" + }, + "response": { + "bodySize": 0, + "content": { + "mimeType": "text/plain", + "size": 0 + }, + "cookies": [], + "headers": [], + "headersSize": 601, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 204, + "statusText": "No Content" + }, + "startedDateTime": "2026-01-12T19:41:35.501Z", + "time": 337 + }, + { + "_id": "daaf7fd861c22ac242aecd34b2857055", + "_order": 1, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "*/*" + } + ], + "headersSize": 594, + "httpVersion": "HTTP/1.1", + "method": "DELETE", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/f340fbe7-ed28-466e-924e-7e23475dd405" + }, + "response": { + "bodySize": 95, + "content": { + "mimeType": "application/json", + "size": 95, + "text": "{\"errors\":[\"not_found(Critical asset with ID f340fbe7-ed28-466e-924e-7e23475dd405 not found)\"]}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 653, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 404, + "statusText": "Not Found" + }, + "startedDateTime": "2026-01-12T19:41:35.845Z", + "time": 314 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-Not-Found-response_278312148/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-Not-Found-response_278312148/frozen.json new file mode 100644 index 000000000000..96d52e5c00c1 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-Not-Found-response_278312148/frozen.json @@ -0,0 +1 @@ +"2026-01-02T19:09:12.106Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-Not-Found-response_278312148/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-Not-Found-response_278312148/recording.har new file mode 100644 index 000000000000..e82c4cf8febb --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-Not-Found-response_278312148/recording.har @@ -0,0 +1,57 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Get a critical asset returns \"Not Found\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "d4775b637aae469f02216f5d7be0cdd1", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + } + ], + "headersSize": 601, + "httpVersion": "HTTP/1.1", + "method": "GET", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/00000000-0000-0000-0000-000000000000" + }, + "response": { + "bodySize": 95, + "content": { + "mimeType": "application/json", + "size": 95, + "text": "{\"errors\":[\"not_found(Critical asset with ID 00000000-0000-0000-0000-000000000000 not found)\"]}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 653, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 404, + "statusText": "Not Found" + }, + "startedDateTime": "2026-01-02T19:09:12.109Z", + "time": 81 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-OK-response_795278007/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-OK-response_795278007/frozen.json new file mode 100644 index 000000000000..5c6225c9541c --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-OK-response_795278007/frozen.json @@ -0,0 +1 @@ +"2026-01-12T19:41:36.187Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-OK-response_795278007/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-OK-response_795278007/recording.har new file mode 100644 index 000000000000..1f912380e0a5 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-a-critical-asset-returns-OK-response_795278007/recording.har @@ -0,0 +1,147 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Get a critical asset returns \"OK\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "6ffb5b4da3b76fa11d1ce0464f43c9e5", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 150, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 621, + "httpVersion": "HTTP/1.1", + "method": "POST", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"data\":{\"attributes\":{\"query\":\"security:monitoring\",\"rule_query\":\"source:k9\",\"severity\":\"medium\",\"tags\":[\"team:security\"]},\"type\":\"critical_assets\"}}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets" + }, + "response": { + "bodySize": 495, + "content": { + "mimeType": "application/vnd.api+json", + "size": 495, + "text": "{\"data\":{\"id\":\"a9dfa43c-734a-4984-bed6-68934254cb59\",\"type\":\"critical_assets\",\"attributes\":{\"creation_author_id\":2320499,\"creation_date\":1768246896448,\"creator\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"enabled\":true,\"query\":\"security:monitoring\",\"rule_query\":\"source:k9\",\"severity\":\"medium\",\"tags\":[\"team:security\"],\"update_author_id\":2320499,\"update_date\":1768246896448,\"updater\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"version\":1}}}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 662, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-12T19:41:36.191Z", + "time": 312 + }, + { + "_id": "a17a7db1db0219ec65f131d37d6cfb58", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + } + ], + "headersSize": 601, + "httpVersion": "HTTP/1.1", + "method": "GET", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/a9dfa43c-734a-4984-bed6-68934254cb59" + }, + "response": { + "bodySize": 495, + "content": { + "mimeType": "application/vnd.api+json", + "size": 495, + "text": "{\"data\":{\"id\":\"a9dfa43c-734a-4984-bed6-68934254cb59\",\"type\":\"critical_assets\",\"attributes\":{\"creation_author_id\":2320499,\"creation_date\":1768246896448,\"creator\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"enabled\":true,\"query\":\"security:monitoring\",\"rule_query\":\"source:k9\",\"severity\":\"medium\",\"tags\":[\"team:security\"],\"update_author_id\":2320499,\"update_date\":1768246896448,\"updater\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"version\":1}}}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 662, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-12T19:41:36.508Z", + "time": 333 + }, + { + "_id": "9f625e573f34bf1272dc2e32954df60d", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "*/*" + } + ], + "headersSize": 594, + "httpVersion": "HTTP/1.1", + "method": "DELETE", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/a9dfa43c-734a-4984-bed6-68934254cb59" + }, + "response": { + "bodySize": 0, + "content": { + "mimeType": "text/plain", + "size": 0 + }, + "cookies": [], + "headers": [], + "headersSize": 601, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 204, + "statusText": "No Content" + }, + "startedDateTime": "2026-01-12T19:41:36.846Z", + "time": 318 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-all-critical-assets-returns-OK-response_3417594760/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-all-critical-assets-returns-OK-response_3417594760/frozen.json new file mode 100644 index 000000000000..fb08f170cc3d --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-all-critical-assets-returns-OK-response_3417594760/frozen.json @@ -0,0 +1 @@ +"2026-01-02T19:09:14.824Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-all-critical-assets-returns-OK-response_3417594760/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-all-critical-assets-returns-OK-response_3417594760/recording.har new file mode 100644 index 000000000000..9b49822dc894 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-all-critical-assets-returns-OK-response_3417594760/recording.har @@ -0,0 +1,57 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Get all critical assets returns \"OK\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "04174203702b7c9aae527facd5f268bd", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + } + ], + "headersSize": 566, + "httpVersion": "HTTP/1.1", + "method": "GET", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets" + }, + "response": { + "bodySize": 11, + "content": { + "mimeType": "application/vnd.api+json", + "size": 11, + "text": "{\"data\":[]}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 661, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-02T19:09:14.828Z", + "time": 78 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response_1436505410/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response_1436505410/frozen.json new file mode 100644 index 000000000000..1cd658834443 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response_1436505410/frozen.json @@ -0,0 +1 @@ +"2026-01-02T18:44:02.157Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response_1436505410/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response_1436505410/recording.har new file mode 100644 index 000000000000..3fd954888f2d --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-Not-Found-response_1436505410/recording.har @@ -0,0 +1,57 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Get critical assets affecting a specific rule returns \"Not Found\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "eb71d87b3e1a97b762bb6d4e9179c149", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + } + ], + "headersSize": 582, + "httpVersion": "HTTP/1.1", + "method": "GET", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/rules/aaa-bbb-ccc-ddd" + }, + "response": { + "bodySize": 11, + "content": { + "mimeType": "application/vnd.api+json", + "size": 11, + "text": "{\"data\":[]}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 661, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-02T18:44:02.158Z", + "time": 89 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-OK-response_980432405/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-OK-response_980432405/frozen.json new file mode 100644 index 000000000000..e07fc35b8597 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-OK-response_980432405/frozen.json @@ -0,0 +1 @@ +"2026-01-02T19:09:15.164Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-OK-response_980432405/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-OK-response_980432405/recording.har new file mode 100644 index 000000000000..fcf7bb8e6622 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Get-critical-assets-affecting-a-specific-rule-returns-OK-response_980432405/recording.har @@ -0,0 +1,147 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Get critical assets affecting a specific rule returns \"OK\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "ba41852e6cedf10f1b564d095839c21d", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 441, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 588, + "httpVersion": "HTTP/1.1", + "method": "POST", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"cases\":[{\"condition\":\"a > 0\",\"name\":\"\",\"notifications\":[],\"status\":\"info\"}],\"filters\":[],\"isEnabled\":true,\"message\":\"Test rule\",\"name\":\"Test-Get_critical_assets_affecting_a_specific_rule_returns_OK_response-1767380955\",\"options\":{\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[],\"metrics\":[],\"query\":\"@test:true\"}],\"tags\":[],\"type\":\"log_detection\"}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/rules" + }, + "response": { + "bodySize": 876, + "content": { + "mimeType": "application/json", + "size": 876, + "text": "{\"name\":\"Test-Get_critical_assets_affecting_a_specific_rule_returns_OK_response-1767380955\",\"createdAt\":1767380955311,\"isDefault\":false,\"isPartner\":false,\"isEnabled\":true,\"isBeta\":false,\"isDeleted\":false,\"isDeprecated\":false,\"queries\":[{\"query\":\"@test:true\",\"groupByFields\":[],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"logs\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"cases\":[{\"name\":\"\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 0\"}],\"message\":\"Test rule\",\"tags\":[],\"hasExtendedTitle\":false,\"type\":\"log_detection\",\"filters\":[],\"version\":1,\"id\":\"kcp-m1q-tmu\",\"blocking\":false,\"metadata\":{\"entities\":null,\"sources\":null},\"creationAuthorId\":1445416,\"creator\":{\"handle\":\"frog@datadoghq.com\",\"name\":\"frog\"},\"updater\":{\"handle\":\"\",\"name\":\"\"}}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 654, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-02T19:09:15.165Z", + "time": 172 + }, + { + "_id": "2bff316f54448492caf43ad74bdf7cba", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + } + ], + "headersSize": 578, + "httpVersion": "HTTP/1.1", + "method": "GET", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/rules/kcp-m1q-tmu" + }, + "response": { + "bodySize": 11, + "content": { + "mimeType": "application/vnd.api+json", + "size": 11, + "text": "{\"data\":[]}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 661, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-02T19:09:15.342Z", + "time": 114 + }, + { + "_id": "d99173e58701bb33cae95f924050add8", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "*/*" + } + ], + "headersSize": 536, + "httpVersion": "HTTP/1.1", + "method": "DELETE", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/rules/kcp-m1q-tmu" + }, + "response": { + "bodySize": 0, + "content": { + "mimeType": "text/plain", + "size": 0 + }, + "cookies": [], + "headers": [], + "headersSize": 601, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 204, + "statusText": "No Content" + }, + "startedDateTime": "2026-01-02T19:09:15.460Z", + "time": 114 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Bad-Request-response_3336966640/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Bad-Request-response_3336966640/frozen.json new file mode 100644 index 000000000000..1a70c5149901 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Bad-Request-response_3336966640/frozen.json @@ -0,0 +1 @@ +"2026-01-02T18:44:09.415Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Bad-Request-response_3336966640/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Bad-Request-response_3336966640/recording.har new file mode 100644 index 000000000000..f89aa5115361 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Bad-Request-response_3336966640/recording.har @@ -0,0 +1,67 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Update a critical asset returns \"Bad Request\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "466a53c7f679d1db0216f39b6123ef42", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 80, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 658, + "httpVersion": "HTTP/1.1", + "method": "PATCH", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"data\":{\"attributes\":{\"severity\":\"invalid_severity\"},\"type\":\"critical_assets\"}}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/00000000-0000-0000-0000-000000000000" + }, + "response": { + "bodySize": 95, + "content": { + "mimeType": "application/json", + "size": 95, + "text": "{\"errors\":[\"not_found(Critical asset with ID 00000000-0000-0000-0000-000000000000 not found)\"]}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 653, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 404, + "statusText": "Not Found" + }, + "startedDateTime": "2026-01-02T18:44:09.417Z", + "time": 119 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Not-Found-response_2626135303/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Not-Found-response_2626135303/frozen.json new file mode 100644 index 000000000000..eabb71e1ae68 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Not-Found-response_2626135303/frozen.json @@ -0,0 +1 @@ +"2026-01-02T19:09:24.526Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Not-Found-response_2626135303/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Not-Found-response_2626135303/recording.har new file mode 100644 index 000000000000..440f92c05453 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-Not-Found-response_2626135303/recording.har @@ -0,0 +1,67 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Update a critical asset returns \"Not Found\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "e4e82e73e0b71ddd15e2e4dfc3d0a85e", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 68, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 658, + "httpVersion": "HTTP/1.1", + "method": "PATCH", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"data\":{\"attributes\":{\"severity\":\"high\"},\"type\":\"critical_assets\"}}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/00000000-0000-0000-0000-000000000001" + }, + "response": { + "bodySize": 95, + "content": { + "mimeType": "application/json", + "size": 95, + "text": "{\"errors\":[\"not_found(Critical asset with ID 00000000-0000-0000-0000-000000000001 not found)\"]}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 653, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 404, + "statusText": "Not Found" + }, + "startedDateTime": "2026-01-02T19:09:24.528Z", + "time": 92 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-OK-response_1947856830/frozen.json b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-OK-response_1947856830/frozen.json new file mode 100644 index 000000000000..84b260134a6e --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-OK-response_1947856830/frozen.json @@ -0,0 +1 @@ +"2026-01-12T19:41:37.223Z" diff --git a/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-OK-response_1947856830/recording.har b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-OK-response_1947856830/recording.har new file mode 100644 index 000000000000..f9958ec6dbc0 --- /dev/null +++ b/cassettes/v2/Security-Monitoring_1187227211/Update-a-critical-asset-returns-OK-response_1947856830/recording.har @@ -0,0 +1,157 @@ +{ + "log": { + "_recordingName": "Security Monitoring/Update a critical asset returns \"OK\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "6ffb5b4da3b76fa11d1ce0464f43c9e5", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 150, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 621, + "httpVersion": "HTTP/1.1", + "method": "POST", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"data\":{\"attributes\":{\"query\":\"security:monitoring\",\"rule_query\":\"source:k9\",\"severity\":\"medium\",\"tags\":[\"team:security\"]},\"type\":\"critical_assets\"}}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets" + }, + "response": { + "bodySize": 495, + "content": { + "mimeType": "application/vnd.api+json", + "size": 495, + "text": "{\"data\":{\"id\":\"8fb467ae-b5c8-4bb1-822d-7648fe10a912\",\"type\":\"critical_assets\",\"attributes\":{\"creation_author_id\":2320499,\"creation_date\":1768246897503,\"creator\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"enabled\":true,\"query\":\"security:monitoring\",\"rule_query\":\"source:k9\",\"severity\":\"medium\",\"tags\":[\"team:security\"],\"update_author_id\":2320499,\"update_date\":1768246897503,\"updater\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"version\":1}}}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 662, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-12T19:41:37.226Z", + "time": 336 + }, + { + "_id": "eda47158957a4f3cbfe126bf417e8dc7", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 267, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 659, + "httpVersion": "HTTP/1.1", + "method": "PATCH", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"data\":{\"attributes\":{\"enabled\":false,\"query\":\"no:alert\",\"rule_query\":\"type:(log_detection OR signal_correlation OR workload_security OR application_security) ruleId:djg-ktx-ipq\",\"severity\":\"decrease\",\"tags\":[\"env:production\"],\"version\":1},\"type\":\"critical_assets\"}}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/8fb467ae-b5c8-4bb1-822d-7648fe10a912" + }, + "response": { + "bodySize": 585, + "content": { + "mimeType": "application/vnd.api+json", + "size": 585, + "text": "{\"data\":{\"id\":\"8fb467ae-b5c8-4bb1-822d-7648fe10a912\",\"type\":\"critical_assets\",\"attributes\":{\"creation_author_id\":2320499,\"creation_date\":1768246897503,\"creator\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"enabled\":false,\"query\":\"no:alert\",\"rule_query\":\"type:(log_detection OR signal_correlation OR workload_security OR application_security) ruleId:djg-ktx-ipq\",\"severity\":\"decrease\",\"tags\":[\"env:production\"],\"update_author_id\":2320499,\"update_date\":1768246897863,\"updater\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"version\":2}}}" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 662, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-01-12T19:41:37.567Z", + "time": 351 + }, + { + "_id": "19cc5ac4f50f5c17be71cd051fd0bc4d", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 0, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "*/*" + } + ], + "headersSize": 594, + "httpVersion": "HTTP/1.1", + "method": "DELETE", + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/security_monitoring/configuration/critical_assets/8fb467ae-b5c8-4bb1-822d-7648fe10a912" + }, + "response": { + "bodySize": 0, + "content": { + "mimeType": "text/plain", + "size": 0 + }, + "cookies": [], + "headers": [], + "headersSize": 601, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 204, + "statusText": "No Content" + }, + "startedDateTime": "2026-01-12T19:41:37.923Z", + "time": 339 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/examples/v2/security-monitoring/CreateSecurityMonitoringCriticalAsset.ts b/examples/v2/security-monitoring/CreateSecurityMonitoringCriticalAsset.ts new file mode 100644 index 000000000000..72fd4b3acfd1 --- /dev/null +++ b/examples/v2/security-monitoring/CreateSecurityMonitoringCriticalAsset.ts @@ -0,0 +1,33 @@ +/** + * Create a critical asset returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +const params: v2.SecurityMonitoringApiCreateSecurityMonitoringCriticalAssetRequest = + { + body: { + data: { + type: "critical_assets", + attributes: { + query: "host:examplesecuritymonitoring", + ruleQuery: + "type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail", + severity: "decrease", + tags: ["team:security", "env:test"], + }, + }, + }, + }; + +apiInstance + .createSecurityMonitoringCriticalAsset(params) + .then((data: v2.SecurityMonitoringCriticalAssetResponse) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/DeleteSecurityMonitoringCriticalAsset.ts b/examples/v2/security-monitoring/DeleteSecurityMonitoringCriticalAsset.ts new file mode 100644 index 000000000000..2d805d231681 --- /dev/null +++ b/examples/v2/security-monitoring/DeleteSecurityMonitoringCriticalAsset.ts @@ -0,0 +1,25 @@ +/** + * Delete a critical asset returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +// there is a valid "critical_asset" in the system +const CRITICAL_ASSET_DATA_ID = process.env.CRITICAL_ASSET_DATA_ID as string; + +const params: v2.SecurityMonitoringApiDeleteSecurityMonitoringCriticalAssetRequest = + { + criticalAssetId: CRITICAL_ASSET_DATA_ID, + }; + +apiInstance + .deleteSecurityMonitoringCriticalAsset(params) + .then((data: any) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/GetCriticalAssetsAffectingRule.ts b/examples/v2/security-monitoring/GetCriticalAssetsAffectingRule.ts new file mode 100644 index 000000000000..95680484fd58 --- /dev/null +++ b/examples/v2/security-monitoring/GetCriticalAssetsAffectingRule.ts @@ -0,0 +1,24 @@ +/** + * Get critical assets affecting a specific rule returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +// there is a valid "security_rule" in the system +const SECURITY_RULE_ID = process.env.SECURITY_RULE_ID as string; + +const params: v2.SecurityMonitoringApiGetCriticalAssetsAffectingRuleRequest = { + ruleId: SECURITY_RULE_ID, +}; + +apiInstance + .getCriticalAssetsAffectingRule(params) + .then((data: v2.SecurityMonitoringCriticalAssetsResponse) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/GetSecurityMonitoringCriticalAsset.ts b/examples/v2/security-monitoring/GetSecurityMonitoringCriticalAsset.ts new file mode 100644 index 000000000000..2f0e0856c8f0 --- /dev/null +++ b/examples/v2/security-monitoring/GetSecurityMonitoringCriticalAsset.ts @@ -0,0 +1,25 @@ +/** + * Get a critical asset returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +// there is a valid "critical_asset" in the system +const CRITICAL_ASSET_DATA_ID = process.env.CRITICAL_ASSET_DATA_ID as string; + +const params: v2.SecurityMonitoringApiGetSecurityMonitoringCriticalAssetRequest = + { + criticalAssetId: CRITICAL_ASSET_DATA_ID, + }; + +apiInstance + .getSecurityMonitoringCriticalAsset(params) + .then((data: v2.SecurityMonitoringCriticalAssetResponse) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/ListSecurityMonitoringCriticalAssets.ts b/examples/v2/security-monitoring/ListSecurityMonitoringCriticalAssets.ts new file mode 100644 index 000000000000..65442f59ea8d --- /dev/null +++ b/examples/v2/security-monitoring/ListSecurityMonitoringCriticalAssets.ts @@ -0,0 +1,17 @@ +/** + * Get all critical assets returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +apiInstance + .listSecurityMonitoringCriticalAssets() + .then((data: v2.SecurityMonitoringCriticalAssetsResponse) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/examples/v2/security-monitoring/UpdateSecurityMonitoringCriticalAsset.ts b/examples/v2/security-monitoring/UpdateSecurityMonitoringCriticalAsset.ts new file mode 100644 index 000000000000..1a2a00edeec2 --- /dev/null +++ b/examples/v2/security-monitoring/UpdateSecurityMonitoringCriticalAsset.ts @@ -0,0 +1,39 @@ +/** + * Update a critical asset returns "OK" response + */ + +import { client, v2 } from "@datadog/datadog-api-client"; + +const configuration = client.createConfiguration(); +const apiInstance = new v2.SecurityMonitoringApi(configuration); + +// there is a valid "critical_asset" in the system +const CRITICAL_ASSET_DATA_ID = process.env.CRITICAL_ASSET_DATA_ID as string; + +const params: v2.SecurityMonitoringApiUpdateSecurityMonitoringCriticalAssetRequest = + { + body: { + data: { + type: "critical_assets", + attributes: { + enabled: false, + query: "no:alert", + ruleQuery: + "type:(log_detection OR signal_correlation OR workload_security OR application_security) ruleId:djg-ktx-ipq", + severity: "decrease", + tags: ["env:production"], + version: 1, + }, + }, + }, + criticalAssetId: CRITICAL_ASSET_DATA_ID, + }; + +apiInstance + .updateSecurityMonitoringCriticalAsset(params) + .then((data: v2.SecurityMonitoringCriticalAssetResponse) => { + console.log( + "API called successfully. Returned data: " + JSON.stringify(data) + ); + }) + .catch((error: any) => console.error(error)); diff --git a/features/support/scenarios_model_mapping.ts b/features/support/scenarios_model_mapping.ts index 8156b37b602d..0e96b77a0ad1 100644 --- a/features/support/scenarios_model_mapping.ts +++ b/features/support/scenarios_model_mapping.ts @@ -4371,6 +4371,52 @@ export const ScenariosModelMappings: {[key: string]: {[key: string]: any}} = { }, "operationResponseType": "ListVulnerableAssetsResponse", }, + "v2.ListSecurityMonitoringCriticalAssets": { + "query": { + "type": "string", + "format": "", + }, + "operationResponseType": "SecurityMonitoringCriticalAssetsResponse", + }, + "v2.CreateSecurityMonitoringCriticalAsset": { + "body": { + "type": "SecurityMonitoringCriticalAssetCreateRequest", + "format": "", + }, + "operationResponseType": "SecurityMonitoringCriticalAssetResponse", + }, + "v2.GetCriticalAssetsAffectingRule": { + "ruleId": { + "type": "string", + "format": "", + }, + "operationResponseType": "SecurityMonitoringCriticalAssetsResponse", + }, + "v2.GetSecurityMonitoringCriticalAsset": { + "criticalAssetId": { + "type": "string", + "format": "", + }, + "operationResponseType": "SecurityMonitoringCriticalAssetResponse", + }, + "v2.DeleteSecurityMonitoringCriticalAsset": { + "criticalAssetId": { + "type": "string", + "format": "", + }, + "operationResponseType": "{}", + }, + "v2.UpdateSecurityMonitoringCriticalAsset": { + "criticalAssetId": { + "type": "string", + "format": "", + }, + "body": { + "type": "SecurityMonitoringCriticalAssetUpdateRequest", + "format": "", + }, + "operationResponseType": "SecurityMonitoringCriticalAssetResponse", + }, "v2.ListSecurityFilters": { "operationResponseType": "SecurityFiltersResponse", }, diff --git a/features/v2/given.json b/features/v2/given.json index 3a01a060c5bd..c717223ca711 100644 --- a/features/v2/given.json +++ b/features/v2/given.json @@ -1007,6 +1007,18 @@ "tag": "CSM Threats", "operationId": "CreateCloudWorkloadSecurityAgentRule" }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"data\": {\n \"type\": \"critical_assets\",\n \"attributes\": {\n \"query\":\"security:monitoring\",\n \"severity\":\"medium\",\n \"rule_query\":\"source:k9\",\n \"tags\":[\"team:security\"]\n }\n }\n}" + } + ], + "step": "there is a valid \"critical_asset\" in the system", + "key": "critical_asset", + "tag": "Security Monitoring", + "operationId": "CreateSecurityMonitoringCriticalAsset" + }, { "parameters": [ { diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature index a4954459e206..2a6c599c3060 100644 --- a/features/v2/security_monitoring.feature +++ b/features/v2/security_monitoring.feature @@ -293,6 +293,29 @@ Feature: Security Monitoring And the response "message" is equal to "ddd" And the response "options.complianceRuleOptions.resourceType" is equal to "gcp_compute_disk" + @skip @team:DataDog/k9-cloud-security-platform + Scenario: Create a critical asset returns "Bad Request" response + Given new "CreateSecurityMonitoringCriticalAsset" request + And body with value {"data": {"type": "critical_assets", "attributes": {"query": "host:test"}}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Create a critical asset returns "Conflict" response + Given new "CreateSecurityMonitoringCriticalAsset" request + And body with value {"data": {"attributes": {"enabled": true, "query": "security:monitoring", "rule_query": "type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail", "severity": "increase", "tags": ["team:database", "source:cloudtrail"]}, "type": "critical_assets"}} + When the request is sent + Then the response status is 409 Conflict + + @skip-validation @team:DataDog/k9-cloud-security-platform + Scenario: Create a critical asset returns "OK" response + Given new "CreateSecurityMonitoringCriticalAsset" request + And body with value {"data": {"type": "critical_assets", "attributes": {"query": "host:{{ unique_lower_alnum }}", "rule_query": "type:(log_detection OR signal_correlation OR workload_security OR application_security) source:cloudtrail", "severity": "decrease", "tags": ["team:security", "env:test"]}}} + When the request is sent + Then the response status is 200 OK + And the response "data.type" is equal to "critical_assets" + And the response "data.attributes.severity" is equal to "decrease" + @team:DataDog/k9-cloud-security-platform Scenario: Create a custom framework returns "Bad Request" response Given new "CreateCustomFramework" request @@ -588,6 +611,21 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not Found + @team:DataDog/k9-cloud-security-platform + Scenario: Delete a critical asset returns "Not Found" response + Given new "DeleteSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter with value "00000000-0000-0000-0000-000000000000" + When the request is sent + Then the response status is 404 Not Found + + @skip-validation @team:DataDog/k9-cloud-security-platform + Scenario: Delete a critical asset returns "OK" response + Given there is a valid "critical_asset" in the system + And new "DeleteSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter from "critical_asset.data.id" + When the request is sent + Then the response status is 204 OK + @team:DataDog/k9-cloud-security-platform Scenario: Delete a custom framework returns "Bad Request" response Given new "DeleteCustomFramework" request @@ -784,6 +822,23 @@ Feature: Security Monitoring And the response "name" is equal to "{{ unique }}_cloud" And the response "id" has the same value as "cloud_configuration_rule.id" + @team:DataDog/k9-cloud-security-platform + Scenario: Get a critical asset returns "Not Found" response + Given new "GetSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter with value "00000000-0000-0000-0000-000000000000" + When the request is sent + Then the response status is 404 Not Found + + @skip-validation @team:DataDog/k9-cloud-security-platform + Scenario: Get a critical asset returns "OK" response + Given new "GetSecurityMonitoringCriticalAsset" request + And there is a valid "critical_asset" in the system + And request contains "critical_asset_id" parameter from "critical_asset.data.id" + When the request is sent + Then the response status is 200 OK + And the response "data.attributes.rule_query" has the same value as "critical_asset.data.attributes.rule_query" + And the response "data.attributes.severity" is equal to "medium" + @team:DataDog/k9-cloud-security-platform Scenario: Get a custom framework returns "Bad Request" response Given new "GetCustomFramework" request @@ -1049,6 +1104,12 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform + Scenario: Get all critical assets returns "OK" response + Given new "ListSecurityMonitoringCriticalAssets" request + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform Scenario: Get all security filters returns "OK" response Given new "ListSecurityFilters" request @@ -1063,6 +1124,21 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @skip @team:DataDog/k9-cloud-security-platform + Scenario: Get critical assets affecting a specific rule returns "Not Found" response + Given new "GetCriticalAssetsAffectingRule" request + And request contains "rule_id" parameter with value "aaa-bbb-ccc-ddd" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/k9-cloud-security-platform + Scenario: Get critical assets affecting a specific rule returns "OK" response + Given new "GetCriticalAssetsAffectingRule" request + And there is a valid "security_rule" in the system + And request contains "rule_id" parameter from "security_rule.id" + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Get details of a signal-based notification rule returns "Bad Request" response Given new "GetSignalNotificationRule" request @@ -1678,6 +1754,43 @@ Feature: Security Monitoring And the response "name" is equal to "{{ unique }}_cloud_updated" And the response "id" has the same value as "cloud_configuration_rule.id" + @skip @team:DataDog/k9-cloud-security-platform + Scenario: Update a critical asset returns "Bad Request" response + Given new "UpdateSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter with value "00000000-0000-0000-0000-000000000000" + And body with value {"data": {"type": "critical_assets", "attributes": {"severity": "invalid_severity"}}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Update a critical asset returns "Concurrent Modification" response + Given new "UpdateSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"enabled": true, "query": "security:monitoring", "rule_query": "type:log_detection source:cloudtrail", "severity": "increase", "tags": ["technique:T1110-brute-force", "source:cloudtrail"], "version": 1}, "type": "critical_assets"}} + When the request is sent + Then the response status is 409 Concurrent Modification + + @team:DataDog/k9-cloud-security-platform + Scenario: Update a critical asset returns "Not Found" response + Given new "UpdateSecurityMonitoringCriticalAsset" request + And request contains "critical_asset_id" parameter with value "00000000-0000-0000-0000-000000000001" + And body with value {"data": {"type": "critical_assets", "attributes": {"severity": "high"}}} + When the request is sent + Then the response status is 404 Not Found + + @skip-validation @team:DataDog/k9-cloud-security-platform + Scenario: Update a critical asset returns "OK" response + Given new "UpdateSecurityMonitoringCriticalAsset" request + And there is a valid "critical_asset" in the system + And request contains "critical_asset_id" parameter from "critical_asset.data.id" + And body with value {"data": {"type": "critical_assets", "attributes": {"enabled": false, "query": "no:alert", "rule_query": "type:(log_detection OR signal_correlation OR workload_security OR application_security) ruleId:djg-ktx-ipq", "severity": "decrease", "tags": ["env:production"], "version": 1}}} + When the request is sent + Then the response status is 200 OK + And the response "data.type" is equal to "critical_assets" + And the response "data.attributes.severity" is equal to "decrease" + And the response "data.attributes.enabled" is equal to false + And the response "data.attributes.version" is equal to 2 + @team:DataDog/k9-cloud-security-platform Scenario: Update a custom framework returns "Bad Request" response Given new "UpdateCustomFramework" request diff --git a/features/v2/undo.json b/features/v2/undo.json index 661482db8696..421fd8933730 100644 --- a/features/v2/undo.json +++ b/features/v2/undo.json @@ -3988,6 +3988,49 @@ "type": "idempotent" } }, + "ListSecurityMonitoringCriticalAssets": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "CreateSecurityMonitoringCriticalAsset": { + "tag": "Security Monitoring", + "undo": { + "operationId": "DeleteSecurityMonitoringCriticalAsset", + "parameters": [ + { + "name": "critical_asset_id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "GetCriticalAssetsAffectingRule": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "DeleteSecurityMonitoringCriticalAsset": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "GetSecurityMonitoringCriticalAsset": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "UpdateSecurityMonitoringCriticalAsset": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, "ListSecurityFilters": { "tag": "Security Monitoring", "undo": { diff --git a/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts b/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts index d9eb78b61292..0c1effdbf276 100644 --- a/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts +++ b/packages/datadog-api-client-v2/apis/SecurityMonitoringApi.ts @@ -71,6 +71,10 @@ import { SecurityFindingsSearchRequestData } from "../models/SecurityFindingsSea import { SecurityFindingsSearchRequestDataAttributes } from "../models/SecurityFindingsSearchRequestDataAttributes"; import { SecurityFindingsSearchRequestPage } from "../models/SecurityFindingsSearchRequestPage"; import { SecurityFindingsSort } from "../models/SecurityFindingsSort"; +import { SecurityMonitoringCriticalAssetCreateRequest } from "../models/SecurityMonitoringCriticalAssetCreateRequest"; +import { SecurityMonitoringCriticalAssetResponse } from "../models/SecurityMonitoringCriticalAssetResponse"; +import { SecurityMonitoringCriticalAssetsResponse } from "../models/SecurityMonitoringCriticalAssetsResponse"; +import { SecurityMonitoringCriticalAssetUpdateRequest } from "../models/SecurityMonitoringCriticalAssetUpdateRequest"; import { SecurityMonitoringListRulesResponse } from "../models/SecurityMonitoringListRulesResponse"; import { SecurityMonitoringRuleConvertPayload } from "../models/SecurityMonitoringRuleConvertPayload"; import { SecurityMonitoringRuleConvertResponse } from "../models/SecurityMonitoringRuleConvertResponse"; @@ -559,6 +563,55 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async createSecurityMonitoringCriticalAsset( + body: SecurityMonitoringCriticalAssetCreateRequest, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'body' is not null or undefined + if (body === null || body === undefined) { + throw new RequiredError("body", "createSecurityMonitoringCriticalAsset"); + } + + // Path Params + const localVarPath = + "/api/v2/security_monitoring/configuration/critical_assets"; + + // Make Request Context + const requestContext = _config + .getServer( + "v2.SecurityMonitoringApi.createSecurityMonitoringCriticalAsset" + ) + .makeRequestContext(localVarPath, HttpMethod.POST); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Body Params + const contentType = ObjectSerializer.getPreferredMediaType([ + "application/json", + ]); + requestContext.setHeaderParam("Content-Type", contentType); + const serializedBody = ObjectSerializer.stringify( + ObjectSerializer.serialize( + body, + "SecurityMonitoringCriticalAssetCreateRequest", + "" + ), + contentType + ); + requestContext.setBody(serializedBody); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async createSecurityMonitoringRule( body: SecurityMonitoringRuleCreatePayload, _options?: Configuration @@ -809,6 +862,46 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async deleteSecurityMonitoringCriticalAsset( + criticalAssetId: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'criticalAssetId' is not null or undefined + if (criticalAssetId === null || criticalAssetId === undefined) { + throw new RequiredError( + "criticalAssetId", + "deleteSecurityMonitoringCriticalAsset" + ); + } + + // Path Params + const localVarPath = + "/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}".replace( + "{critical_asset_id}", + encodeURIComponent(String(criticalAssetId)) + ); + + // Make Request Context + const requestContext = _config + .getServer( + "v2.SecurityMonitoringApi.deleteSecurityMonitoringCriticalAsset" + ) + .makeRequestContext(localVarPath, HttpMethod.DELETE); + requestContext.setHeaderParam("Accept", "*/*"); + requestContext.setHttpConfig(_config.httpConfig); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async deleteSecurityMonitoringRule( ruleId: string, _options?: Configuration @@ -1207,6 +1300,41 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async getCriticalAssetsAffectingRule( + ruleId: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'ruleId' is not null or undefined + if (ruleId === null || ruleId === undefined) { + throw new RequiredError("ruleId", "getCriticalAssetsAffectingRule"); + } + + // Path Params + const localVarPath = + "/api/v2/security_monitoring/configuration/critical_assets/rules/{rule_id}".replace( + "{rule_id}", + encodeURIComponent(String(ruleId)) + ); + + // Make Request Context + const requestContext = _config + .getServer("v2.SecurityMonitoringApi.getCriticalAssetsAffectingRule") + .makeRequestContext(localVarPath, HttpMethod.GET); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async getCustomFramework( handle: string, version: string, @@ -1539,6 +1667,44 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async getSecurityMonitoringCriticalAsset( + criticalAssetId: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'criticalAssetId' is not null or undefined + if (criticalAssetId === null || criticalAssetId === undefined) { + throw new RequiredError( + "criticalAssetId", + "getSecurityMonitoringCriticalAsset" + ); + } + + // Path Params + const localVarPath = + "/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}".replace( + "{critical_asset_id}", + encodeURIComponent(String(criticalAssetId)) + ); + + // Make Request Context + const requestContext = _config + .getServer("v2.SecurityMonitoringApi.getSecurityMonitoringCriticalAsset") + .makeRequestContext(localVarPath, HttpMethod.GET); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async getSecurityMonitoringHistsignal( histsignalId: string, _options?: Configuration @@ -2550,6 +2716,44 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async listSecurityMonitoringCriticalAssets( + query?: string, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + // Path Params + const localVarPath = + "/api/v2/security_monitoring/configuration/critical_assets"; + + // Make Request Context + const requestContext = _config + .getServer( + "v2.SecurityMonitoringApi.listSecurityMonitoringCriticalAssets" + ) + .makeRequestContext(localVarPath, HttpMethod.GET); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Query Params + if (query !== undefined) { + requestContext.setQueryParam( + "query", + ObjectSerializer.serialize(query, "string", ""), + "" + ); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async listSecurityMonitoringHistsignals( filterQuery?: string, filterFrom?: Date, @@ -4030,6 +4234,67 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory { return requestContext; } + public async updateSecurityMonitoringCriticalAsset( + criticalAssetId: string, + body: SecurityMonitoringCriticalAssetUpdateRequest, + _options?: Configuration + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'criticalAssetId' is not null or undefined + if (criticalAssetId === null || criticalAssetId === undefined) { + throw new RequiredError( + "criticalAssetId", + "updateSecurityMonitoringCriticalAsset" + ); + } + + // verify required parameter 'body' is not null or undefined + if (body === null || body === undefined) { + throw new RequiredError("body", "updateSecurityMonitoringCriticalAsset"); + } + + // Path Params + const localVarPath = + "/api/v2/security_monitoring/configuration/critical_assets/{critical_asset_id}".replace( + "{critical_asset_id}", + encodeURIComponent(String(criticalAssetId)) + ); + + // Make Request Context + const requestContext = _config + .getServer( + "v2.SecurityMonitoringApi.updateSecurityMonitoringCriticalAsset" + ) + .makeRequestContext(localVarPath, HttpMethod.PATCH); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Body Params + const contentType = ObjectSerializer.getPreferredMediaType([ + "application/json", + ]); + requestContext.setHeaderParam("Content-Type", contentType); + const serializedBody = ObjectSerializer.stringify( + ObjectSerializer.serialize( + body, + "SecurityMonitoringCriticalAssetUpdateRequest", + "" + ), + contentType + ); + requestContext.setBody(serializedBody); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + public async updateSecurityMonitoringRule( ruleId: string, body: SecurityMonitoringRuleUpdatePayload, @@ -4857,6 +5122,71 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to createSecurityMonitoringCriticalAsset + * @throws ApiException if the response code was not in [200, 299] + */ + public async createSecurityMonitoringCriticalAsset( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 200) { + const body: SecurityMonitoringCriticalAssetResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetResponse" + ) as SecurityMonitoringCriticalAssetResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 409 || + response.httpStatusCode === 429 + ) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: SecurityMonitoringCriticalAssetResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetResponse", + "" + ) as SecurityMonitoringCriticalAssetResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -5221,6 +5551,59 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to deleteSecurityMonitoringCriticalAsset + * @throws ApiException if the response code was not in [200, 299] + */ + public async deleteSecurityMonitoringCriticalAsset( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 204) { + return; + } + if ( + response.httpStatusCode === 403 || + response.httpStatusCode === 404 || + response.httpStatusCode === 429 + ) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + return; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -5735,6 +6118,70 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to getCriticalAssetsAffectingRule + * @throws ApiException if the response code was not in [200, 299] + */ + public async getCriticalAssetsAffectingRule( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 200) { + const body: SecurityMonitoringCriticalAssetsResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetsResponse" + ) as SecurityMonitoringCriticalAssetsResponse; + return body; + } + if ( + response.httpStatusCode === 403 || + response.httpStatusCode === 404 || + response.httpStatusCode === 429 + ) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: SecurityMonitoringCriticalAssetsResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetsResponse", + "" + ) as SecurityMonitoringCriticalAssetsResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -6178,11 +6625,75 @@ export class SecurityMonitoringApiResponseProcessor { // Work around for missing responses in specification, e.g. for petstore.yaml if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { - const body: SecurityFilterResponse = ObjectSerializer.deserialize( - ObjectSerializer.parse(await response.body.text(), contentType), - "SecurityFilterResponse", - "" - ) as SecurityFilterResponse; + const body: SecurityFilterResponse = ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityFilterResponse", + "" + ) as SecurityFilterResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to getSecurityMonitoringCriticalAsset + * @throws ApiException if the response code was not in [200, 299] + */ + public async getSecurityMonitoringCriticalAsset( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 200) { + const body: SecurityMonitoringCriticalAssetResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetResponse" + ) as SecurityMonitoringCriticalAssetResponse; + return body; + } + if ( + response.httpStatusCode === 403 || + response.httpStatusCode === 404 || + response.httpStatusCode === 429 + ) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: SecurityMonitoringCriticalAssetResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetResponse", + "" + ) as SecurityMonitoringCriticalAssetResponse; return body; } @@ -7416,6 +7927,66 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to listSecurityMonitoringCriticalAssets + * @throws ApiException if the response code was not in [200, 299] + */ + public async listSecurityMonitoringCriticalAssets( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 200) { + const body: SecurityMonitoringCriticalAssetsResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetsResponse" + ) as SecurityMonitoringCriticalAssetsResponse; + return body; + } + if (response.httpStatusCode === 403 || response.httpStatusCode === 429) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: SecurityMonitoringCriticalAssetsResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetsResponse", + "" + ) as SecurityMonitoringCriticalAssetsResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -8713,6 +9284,72 @@ export class SecurityMonitoringApiResponseProcessor { ); } + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to updateSecurityMonitoringCriticalAsset + * @throws ApiException if the response code was not in [200, 299] + */ + public async updateSecurityMonitoringCriticalAsset( + response: ResponseContext + ): Promise { + const contentType = ObjectSerializer.normalizeMediaType( + response.headers["content-type"] + ); + if (response.httpStatusCode === 200) { + const body: SecurityMonitoringCriticalAssetResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetResponse" + ) as SecurityMonitoringCriticalAssetResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 404 || + response.httpStatusCode === 409 || + response.httpStatusCode === 429 + ) { + const bodyText = ObjectSerializer.parse( + await response.body.text(), + contentType + ); + let body: APIErrorResponse; + try { + body = ObjectSerializer.deserialize( + bodyText, + "APIErrorResponse" + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: SecurityMonitoringCriticalAssetResponse = + ObjectSerializer.deserialize( + ObjectSerializer.parse(await response.body.text(), contentType), + "SecurityMonitoringCriticalAssetResponse", + "" + ) as SecurityMonitoringCriticalAssetResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"' + ); + } + /** * Unwraps the actual response sent by the server from the response context and deserializes the response content * to the expected objects @@ -9028,6 +9665,14 @@ export interface SecurityMonitoringApiCreateSecurityFilterRequest { body: SecurityFilterCreateRequest; } +export interface SecurityMonitoringApiCreateSecurityMonitoringCriticalAssetRequest { + /** + * The definition of the new critical asset. + * @type SecurityMonitoringCriticalAssetCreateRequest + */ + body: SecurityMonitoringCriticalAssetCreateRequest; +} + export interface SecurityMonitoringApiCreateSecurityMonitoringRuleRequest { /** * @type SecurityMonitoringRuleCreatePayload @@ -9082,6 +9727,14 @@ export interface SecurityMonitoringApiDeleteSecurityFilterRequest { securityFilterId: string; } +export interface SecurityMonitoringApiDeleteSecurityMonitoringCriticalAssetRequest { + /** + * The ID of the critical asset. + * @type string + */ + criticalAssetId: string; +} + export interface SecurityMonitoringApiDeleteSecurityMonitoringRuleRequest { /** * The ID of the rule. @@ -9168,6 +9821,14 @@ export interface SecurityMonitoringApiEditSecurityMonitoringSignalStateRequest { body: SecurityMonitoringSignalStateUpdateRequest; } +export interface SecurityMonitoringApiGetCriticalAssetsAffectingRuleRequest { + /** + * The ID of the rule. + * @type string + */ + ruleId: string; +} + export interface SecurityMonitoringApiGetCustomFrameworkRequest { /** * The framework handle @@ -9261,6 +9922,14 @@ export interface SecurityMonitoringApiGetSecurityFilterRequest { securityFilterId: string; } +export interface SecurityMonitoringApiGetSecurityMonitoringCriticalAssetRequest { + /** + * The ID of the critical asset. + * @type string + */ + criticalAssetId: string; +} + export interface SecurityMonitoringApiGetSecurityMonitoringHistsignalRequest { /** * The ID of the threat hunting signal. @@ -9572,6 +10241,14 @@ export interface SecurityMonitoringApiListSecurityFindingsRequest { sort?: SecurityFindingsSort; } +export interface SecurityMonitoringApiListSecurityMonitoringCriticalAssetsRequest { + /** + * Query string. + * @type string + */ + query?: string; +} + export interface SecurityMonitoringApiListSecurityMonitoringHistsignalsRequest { /** * The search query for security signals. @@ -10113,6 +10790,19 @@ export interface SecurityMonitoringApiUpdateSecurityFilterRequest { body: SecurityFilterUpdateRequest; } +export interface SecurityMonitoringApiUpdateSecurityMonitoringCriticalAssetRequest { + /** + * The ID of the critical asset. + * @type string + */ + criticalAssetId: string; + /** + * New definition of the critical asset. Supports partial updates. + * @type SecurityMonitoringCriticalAssetUpdateRequest + */ + body: SecurityMonitoringCriticalAssetUpdateRequest; +} + export interface SecurityMonitoringApiUpdateSecurityMonitoringRuleRequest { /** * The ID of the rule. @@ -10407,6 +11097,30 @@ export class SecurityMonitoringApi { }); } + /** + * Create a new critical asset. + * @param param The request object + */ + public createSecurityMonitoringCriticalAsset( + param: SecurityMonitoringApiCreateSecurityMonitoringCriticalAssetRequest, + options?: Configuration + ): Promise { + const requestContextPromise = + this.requestFactory.createSecurityMonitoringCriticalAsset( + param.body, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.createSecurityMonitoringCriticalAsset( + responseContext + ); + }); + }); + } + /** * Create a detection rule. * @param param The request object @@ -10540,6 +11254,30 @@ export class SecurityMonitoringApi { }); } + /** + * Delete a specific critical asset. + * @param param The request object + */ + public deleteSecurityMonitoringCriticalAsset( + param: SecurityMonitoringApiDeleteSecurityMonitoringCriticalAssetRequest, + options?: Configuration + ): Promise { + const requestContextPromise = + this.requestFactory.deleteSecurityMonitoringCriticalAsset( + param.criticalAssetId, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.deleteSecurityMonitoringCriticalAsset( + responseContext + ); + }); + }); + } + /** * Delete an existing rule. Default rules cannot be deleted. * @param param The request object @@ -10748,6 +11486,27 @@ export class SecurityMonitoringApi { }); } + /** + * Get the list of critical assets that affect a specific existing rule by the rule's ID. + * @param param The request object + */ + public getCriticalAssetsAffectingRule( + param: SecurityMonitoringApiGetCriticalAssetsAffectingRuleRequest, + options?: Configuration + ): Promise { + const requestContextPromise = + this.requestFactory.getCriticalAssetsAffectingRule(param.ruleId, options); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.getCriticalAssetsAffectingRule( + responseContext + ); + }); + }); + } + /** * Get a custom framework. * @param param The request object @@ -10904,6 +11663,30 @@ export class SecurityMonitoringApi { }); } + /** + * Get the details of a specific critical asset. + * @param param The request object + */ + public getSecurityMonitoringCriticalAsset( + param: SecurityMonitoringApiGetSecurityMonitoringCriticalAssetRequest, + options?: Configuration + ): Promise { + const requestContextPromise = + this.requestFactory.getSecurityMonitoringCriticalAsset( + param.criticalAssetId, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.getSecurityMonitoringCriticalAsset( + responseContext + ); + }); + }); + } + /** * Get a hist signal's details. * @param param The request object @@ -11581,6 +12364,30 @@ export class SecurityMonitoringApi { } } + /** + * Get the list of all critical assets. + * @param param The request object + */ + public listSecurityMonitoringCriticalAssets( + param: SecurityMonitoringApiListSecurityMonitoringCriticalAssetsRequest = {}, + options?: Configuration + ): Promise { + const requestContextPromise = + this.requestFactory.listSecurityMonitoringCriticalAssets( + param.query, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.listSecurityMonitoringCriticalAssets( + responseContext + ); + }); + }); + } + /** * List hist signals. * @param param The request object @@ -12375,6 +13182,31 @@ export class SecurityMonitoringApi { }); } + /** + * Update a specific critical asset. + * @param param The request object + */ + public updateSecurityMonitoringCriticalAsset( + param: SecurityMonitoringApiUpdateSecurityMonitoringCriticalAssetRequest, + options?: Configuration + ): Promise { + const requestContextPromise = + this.requestFactory.updateSecurityMonitoringCriticalAsset( + param.criticalAssetId, + param.body, + options + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.updateSecurityMonitoringCriticalAsset( + responseContext + ); + }); + }); + } + /** * Update an existing rule. When updating `cases`, `queries` or `options`, the whole field * must be included. For example, when modifying a query all queries must be included. diff --git a/packages/datadog-api-client-v2/index.ts b/packages/datadog-api-client-v2/index.ts index 9e20e7c30119..f1fa90087198 100644 --- a/packages/datadog-api-client-v2/index.ts +++ b/packages/datadog-api-client-v2/index.ts @@ -758,12 +758,14 @@ export { SecurityMonitoringApiCreateCustomFrameworkRequest, SecurityMonitoringApiCreateJiraIssuesRequest, SecurityMonitoringApiCreateSecurityFilterRequest, + SecurityMonitoringApiCreateSecurityMonitoringCriticalAssetRequest, SecurityMonitoringApiCreateSecurityMonitoringRuleRequest, SecurityMonitoringApiCreateSecurityMonitoringSuppressionRequest, SecurityMonitoringApiCreateSignalNotificationRuleRequest, SecurityMonitoringApiCreateVulnerabilityNotificationRuleRequest, SecurityMonitoringApiDeleteCustomFrameworkRequest, SecurityMonitoringApiDeleteSecurityFilterRequest, + SecurityMonitoringApiDeleteSecurityMonitoringCriticalAssetRequest, SecurityMonitoringApiDeleteSecurityMonitoringRuleRequest, SecurityMonitoringApiDeleteSecurityMonitoringSuppressionRequest, SecurityMonitoringApiDeleteSignalNotificationRuleRequest, @@ -773,12 +775,14 @@ export { SecurityMonitoringApiEditSecurityMonitoringSignalAssigneeRequest, SecurityMonitoringApiEditSecurityMonitoringSignalIncidentsRequest, SecurityMonitoringApiEditSecurityMonitoringSignalStateRequest, + SecurityMonitoringApiGetCriticalAssetsAffectingRuleRequest, SecurityMonitoringApiGetCustomFrameworkRequest, SecurityMonitoringApiGetFindingRequest, SecurityMonitoringApiGetResourceEvaluationFiltersRequest, SecurityMonitoringApiGetRuleVersionHistoryRequest, SecurityMonitoringApiGetSBOMRequest, SecurityMonitoringApiGetSecurityFilterRequest, + SecurityMonitoringApiGetSecurityMonitoringCriticalAssetRequest, SecurityMonitoringApiGetSecurityMonitoringHistsignalRequest, SecurityMonitoringApiGetSecurityMonitoringHistsignalsByJobIdRequest, SecurityMonitoringApiGetSecurityMonitoringRuleRequest, @@ -795,6 +799,7 @@ export { SecurityMonitoringApiListMultipleRulesetsRequest, SecurityMonitoringApiListScannedAssetsMetadataRequest, SecurityMonitoringApiListSecurityFindingsRequest, + SecurityMonitoringApiListSecurityMonitoringCriticalAssetsRequest, SecurityMonitoringApiListSecurityMonitoringHistsignalsRequest, SecurityMonitoringApiListSecurityMonitoringRulesRequest, SecurityMonitoringApiListSecurityMonitoringSignalsRequest, @@ -814,6 +819,7 @@ export { SecurityMonitoringApiUpdateCustomFrameworkRequest, SecurityMonitoringApiUpdateResourceEvaluationFiltersRequest, SecurityMonitoringApiUpdateSecurityFilterRequest, + SecurityMonitoringApiUpdateSecurityMonitoringCriticalAssetRequest, SecurityMonitoringApiUpdateSecurityMonitoringRuleRequest, SecurityMonitoringApiUpdateSecurityMonitoringSuppressionRequest, SecurityMonitoringApiValidateSecurityMonitoringRuleRequest, @@ -4059,6 +4065,18 @@ export { SecurityFindingsSearchRequestDataAttributes } from "./models/SecurityFi export { SecurityFindingsSearchRequestPage } from "./models/SecurityFindingsSearchRequestPage"; export { SecurityFindingsSort } from "./models/SecurityFindingsSort"; export { SecurityFindingsStatus } from "./models/SecurityFindingsStatus"; +export { SecurityMonitoringCriticalAsset } from "./models/SecurityMonitoringCriticalAsset"; +export { SecurityMonitoringCriticalAssetAttributes } from "./models/SecurityMonitoringCriticalAssetAttributes"; +export { SecurityMonitoringCriticalAssetCreateAttributes } from "./models/SecurityMonitoringCriticalAssetCreateAttributes"; +export { SecurityMonitoringCriticalAssetCreateData } from "./models/SecurityMonitoringCriticalAssetCreateData"; +export { SecurityMonitoringCriticalAssetCreateRequest } from "./models/SecurityMonitoringCriticalAssetCreateRequest"; +export { SecurityMonitoringCriticalAssetResponse } from "./models/SecurityMonitoringCriticalAssetResponse"; +export { SecurityMonitoringCriticalAssetSeverity } from "./models/SecurityMonitoringCriticalAssetSeverity"; +export { SecurityMonitoringCriticalAssetsResponse } from "./models/SecurityMonitoringCriticalAssetsResponse"; +export { SecurityMonitoringCriticalAssetType } from "./models/SecurityMonitoringCriticalAssetType"; +export { SecurityMonitoringCriticalAssetUpdateAttributes } from "./models/SecurityMonitoringCriticalAssetUpdateAttributes"; +export { SecurityMonitoringCriticalAssetUpdateData } from "./models/SecurityMonitoringCriticalAssetUpdateData"; +export { SecurityMonitoringCriticalAssetUpdateRequest } from "./models/SecurityMonitoringCriticalAssetUpdateRequest"; export { SecurityMonitoringFilter } from "./models/SecurityMonitoringFilter"; export { SecurityMonitoringFilterAction } from "./models/SecurityMonitoringFilterAction"; export { SecurityMonitoringListRulesResponse } from "./models/SecurityMonitoringListRulesResponse"; diff --git a/packages/datadog-api-client-v2/models/ObjectSerializer.ts b/packages/datadog-api-client-v2/models/ObjectSerializer.ts index 8a0a93bd76e5..74f83d64c8ca 100644 --- a/packages/datadog-api-client-v2/models/ObjectSerializer.ts +++ b/packages/datadog-api-client-v2/models/ObjectSerializer.ts @@ -2302,6 +2302,16 @@ import { SecurityFindingsSearchRequest } from "./SecurityFindingsSearchRequest"; import { SecurityFindingsSearchRequestData } from "./SecurityFindingsSearchRequestData"; import { SecurityFindingsSearchRequestDataAttributes } from "./SecurityFindingsSearchRequestDataAttributes"; import { SecurityFindingsSearchRequestPage } from "./SecurityFindingsSearchRequestPage"; +import { SecurityMonitoringCriticalAsset } from "./SecurityMonitoringCriticalAsset"; +import { SecurityMonitoringCriticalAssetAttributes } from "./SecurityMonitoringCriticalAssetAttributes"; +import { SecurityMonitoringCriticalAssetCreateAttributes } from "./SecurityMonitoringCriticalAssetCreateAttributes"; +import { SecurityMonitoringCriticalAssetCreateData } from "./SecurityMonitoringCriticalAssetCreateData"; +import { SecurityMonitoringCriticalAssetCreateRequest } from "./SecurityMonitoringCriticalAssetCreateRequest"; +import { SecurityMonitoringCriticalAssetResponse } from "./SecurityMonitoringCriticalAssetResponse"; +import { SecurityMonitoringCriticalAssetUpdateAttributes } from "./SecurityMonitoringCriticalAssetUpdateAttributes"; +import { SecurityMonitoringCriticalAssetUpdateData } from "./SecurityMonitoringCriticalAssetUpdateData"; +import { SecurityMonitoringCriticalAssetUpdateRequest } from "./SecurityMonitoringCriticalAssetUpdateRequest"; +import { SecurityMonitoringCriticalAssetsResponse } from "./SecurityMonitoringCriticalAssetsResponse"; import { SecurityMonitoringFilter } from "./SecurityMonitoringFilter"; import { SecurityMonitoringListRulesResponse } from "./SecurityMonitoringListRulesResponse"; import { SecurityMonitoringReferenceTable } from "./SecurityMonitoringReferenceTable"; @@ -4166,6 +4176,16 @@ const enumsMap: { [key: string]: any[] } = { SecurityFindingsDataType: ["finding"], SecurityFindingsSort: ["@detection_changed_at", "-@detection_changed_at"], SecurityFindingsStatus: ["done", "timeout"], + SecurityMonitoringCriticalAssetSeverity: [ + "info", + "low", + "medium", + "high", + "critical", + "increase", + "decrease", + ], + SecurityMonitoringCriticalAssetType: ["critical_assets"], SecurityMonitoringFilterAction: ["require", "suppress"], SecurityMonitoringRuleAnomalyDetectionOptionsBucketDuration: [ 300, 600, 900, 1800, 3600, 10800, @@ -7300,6 +7320,25 @@ const typeMap: { [index: string]: any } = { SecurityFindingsSearchRequestDataAttributes: SecurityFindingsSearchRequestDataAttributes, SecurityFindingsSearchRequestPage: SecurityFindingsSearchRequestPage, + SecurityMonitoringCriticalAsset: SecurityMonitoringCriticalAsset, + SecurityMonitoringCriticalAssetAttributes: + SecurityMonitoringCriticalAssetAttributes, + SecurityMonitoringCriticalAssetCreateAttributes: + SecurityMonitoringCriticalAssetCreateAttributes, + SecurityMonitoringCriticalAssetCreateData: + SecurityMonitoringCriticalAssetCreateData, + SecurityMonitoringCriticalAssetCreateRequest: + SecurityMonitoringCriticalAssetCreateRequest, + SecurityMonitoringCriticalAssetResponse: + SecurityMonitoringCriticalAssetResponse, + SecurityMonitoringCriticalAssetUpdateAttributes: + SecurityMonitoringCriticalAssetUpdateAttributes, + SecurityMonitoringCriticalAssetUpdateData: + SecurityMonitoringCriticalAssetUpdateData, + SecurityMonitoringCriticalAssetUpdateRequest: + SecurityMonitoringCriticalAssetUpdateRequest, + SecurityMonitoringCriticalAssetsResponse: + SecurityMonitoringCriticalAssetsResponse, SecurityMonitoringFilter: SecurityMonitoringFilter, SecurityMonitoringListRulesResponse: SecurityMonitoringListRulesResponse, SecurityMonitoringReferenceTable: SecurityMonitoringReferenceTable, diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAsset.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAsset.ts new file mode 100644 index 000000000000..649375de2e76 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAsset.ts @@ -0,0 +1,70 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAssetAttributes } from "./SecurityMonitoringCriticalAssetAttributes"; +import { SecurityMonitoringCriticalAssetType } from "./SecurityMonitoringCriticalAssetType"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * The critical asset's properties. + */ +export class SecurityMonitoringCriticalAsset { + /** + * The attributes of the critical asset. + */ + "attributes"?: SecurityMonitoringCriticalAssetAttributes; + /** + * The ID of the critical asset. + */ + "id"?: string; + /** + * The type of the resource. The value should always be `critical_assets`. + */ + "type"?: SecurityMonitoringCriticalAssetType; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "SecurityMonitoringCriticalAssetAttributes", + }, + id: { + baseName: "id", + type: "string", + }, + type: { + baseName: "type", + type: "SecurityMonitoringCriticalAssetType", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAsset.attributeTypeMap; + } + + public constructor() {} +} diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetAttributes.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetAttributes.ts new file mode 100644 index 000000000000..010f3afbaca7 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetAttributes.ts @@ -0,0 +1,147 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAssetSeverity } from "./SecurityMonitoringCriticalAssetSeverity"; +import { SecurityMonitoringUser } from "./SecurityMonitoringUser"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * The attributes of the critical asset. + */ +export class SecurityMonitoringCriticalAssetAttributes { + /** + * ID of user who created the critical asset. + */ + "creationAuthorId"?: number; + /** + * A Unix millisecond timestamp given the creation date of the critical asset. + */ + "creationDate"?: number; + /** + * A user. + */ + "creator"?: SecurityMonitoringUser; + /** + * Whether the critical asset is enabled. + */ + "enabled"?: boolean; + /** + * The query for the critical asset. It uses the same syntax as the queries to search signals in the Signals Explorer. + */ + "query"?: string; + /** + * The rule query of the critical asset, with the same syntax as the search bar for detection rules. This determines which rules this critical asset will apply to. + */ + "ruleQuery"?: string; + /** + * Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased. + */ + "severity"?: SecurityMonitoringCriticalAssetSeverity; + /** + * List of tags associated with the critical asset. + */ + "tags"?: Array; + /** + * ID of user who updated the critical asset. + */ + "updateAuthorId"?: number; + /** + * A Unix millisecond timestamp given the update date of the critical asset. + */ + "updateDate"?: number; + /** + * A user. + */ + "updater"?: SecurityMonitoringUser; + /** + * The version of the critical asset; it starts at 1, and is incremented at each update. + */ + "version"?: number; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + creationAuthorId: { + baseName: "creation_author_id", + type: "number", + format: "int64", + }, + creationDate: { + baseName: "creation_date", + type: "number", + format: "int64", + }, + creator: { + baseName: "creator", + type: "SecurityMonitoringUser", + }, + enabled: { + baseName: "enabled", + type: "boolean", + }, + query: { + baseName: "query", + type: "string", + }, + ruleQuery: { + baseName: "rule_query", + type: "string", + }, + severity: { + baseName: "severity", + type: "SecurityMonitoringCriticalAssetSeverity", + }, + tags: { + baseName: "tags", + type: "Array", + }, + updateAuthorId: { + baseName: "update_author_id", + type: "number", + format: "int64", + }, + updateDate: { + baseName: "update_date", + type: "number", + format: "int64", + }, + updater: { + baseName: "updater", + type: "SecurityMonitoringUser", + }, + version: { + baseName: "version", + type: "number", + format: "int32", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAssetAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetCreateAttributes.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetCreateAttributes.ts new file mode 100644 index 000000000000..fba6b1d2acbd --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetCreateAttributes.ts @@ -0,0 +1,88 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAssetSeverity } from "./SecurityMonitoringCriticalAssetSeverity"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * Object containing the attributes of the critical asset to be created. + */ +export class SecurityMonitoringCriticalAssetCreateAttributes { + /** + * Whether the critical asset is enabled. Defaults to `true` if not specified. + */ + "enabled"?: boolean; + /** + * The query for the critical asset. It uses the same syntax as the queries to search signals in the Signals Explorer. + */ + "query": string; + /** + * The rule query of the critical asset, with the same syntax as the search bar for detection rules. This determines which rules this critical asset will apply to. + */ + "ruleQuery": string; + /** + * Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased. + */ + "severity": SecurityMonitoringCriticalAssetSeverity; + /** + * List of tags associated with the critical asset. + */ + "tags"?: Array; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + enabled: { + baseName: "enabled", + type: "boolean", + }, + query: { + baseName: "query", + type: "string", + required: true, + }, + ruleQuery: { + baseName: "rule_query", + type: "string", + required: true, + }, + severity: { + baseName: "severity", + type: "SecurityMonitoringCriticalAssetSeverity", + required: true, + }, + tags: { + baseName: "tags", + type: "Array", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAssetCreateAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetCreateData.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetCreateData.ts new file mode 100644 index 000000000000..40f6a8580df5 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetCreateData.ts @@ -0,0 +1,64 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAssetCreateAttributes } from "./SecurityMonitoringCriticalAssetCreateAttributes"; +import { SecurityMonitoringCriticalAssetType } from "./SecurityMonitoringCriticalAssetType"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * Object for a single critical asset. + */ +export class SecurityMonitoringCriticalAssetCreateData { + /** + * Object containing the attributes of the critical asset to be created. + */ + "attributes": SecurityMonitoringCriticalAssetCreateAttributes; + /** + * The type of the resource. The value should always be `critical_assets`. + */ + "type": SecurityMonitoringCriticalAssetType; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "SecurityMonitoringCriticalAssetCreateAttributes", + required: true, + }, + type: { + baseName: "type", + type: "SecurityMonitoringCriticalAssetType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAssetCreateData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetCreateRequest.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetCreateRequest.ts new file mode 100644 index 000000000000..980d210ff0f7 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetCreateRequest.ts @@ -0,0 +1,54 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAssetCreateData } from "./SecurityMonitoringCriticalAssetCreateData"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * Request object that includes the critical asset that you would like to create. + */ +export class SecurityMonitoringCriticalAssetCreateRequest { + /** + * Object for a single critical asset. + */ + "data": SecurityMonitoringCriticalAssetCreateData; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "SecurityMonitoringCriticalAssetCreateData", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAssetCreateRequest.attributeTypeMap; + } + + public constructor() {} +} diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetResponse.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetResponse.ts new file mode 100644 index 000000000000..105255c1a3b0 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetResponse.ts @@ -0,0 +1,53 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAsset } from "./SecurityMonitoringCriticalAsset"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * Response object containing a single critical asset. + */ +export class SecurityMonitoringCriticalAssetResponse { + /** + * The critical asset's properties. + */ + "data"?: SecurityMonitoringCriticalAsset; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "SecurityMonitoringCriticalAsset", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAssetResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetSeverity.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetSeverity.ts new file mode 100644 index 000000000000..02cb6edbd107 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetSeverity.ts @@ -0,0 +1,28 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ + +import { UnparsedObject } from "../../datadog-api-client-common/util"; + +/** + * Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased. + */ + +export type SecurityMonitoringCriticalAssetSeverity = + | typeof INFO + | typeof LOW + | typeof MEDIUM + | typeof HIGH + | typeof CRITICAL + | typeof INCREASE + | typeof DECREASE + | UnparsedObject; +export const INFO = "info"; +export const LOW = "low"; +export const MEDIUM = "medium"; +export const HIGH = "high"; +export const CRITICAL = "critical"; +export const INCREASE = "increase"; +export const DECREASE = "decrease"; diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetType.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetType.ts new file mode 100644 index 000000000000..c33e661bdb69 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetType.ts @@ -0,0 +1,16 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ + +import { UnparsedObject } from "../../datadog-api-client-common/util"; + +/** + * The type of the resource. The value should always be `critical_assets`. + */ + +export type SecurityMonitoringCriticalAssetType = + | typeof CRITICAL_ASSETS + | UnparsedObject; +export const CRITICAL_ASSETS = "critical_assets"; diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetUpdateAttributes.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetUpdateAttributes.ts new file mode 100644 index 000000000000..1418cca37205 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetUpdateAttributes.ts @@ -0,0 +1,94 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAssetSeverity } from "./SecurityMonitoringCriticalAssetSeverity"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * The critical asset properties to be updated. + */ +export class SecurityMonitoringCriticalAssetUpdateAttributes { + /** + * Whether the critical asset is enabled. + */ + "enabled"?: boolean; + /** + * The query for the critical asset. It uses the same syntax as the queries to search signals in the Signals Explorer. + */ + "query"?: string; + /** + * The rule query of the critical asset, with the same syntax as the search bar for detection rules. This determines which rules this critical asset will apply to. + */ + "ruleQuery"?: string; + /** + * Severity associated with this critical asset. Either an explicit severity can be set, or the severity can be increased or decreased. + */ + "severity"?: SecurityMonitoringCriticalAssetSeverity; + /** + * List of tags associated with the critical asset. + */ + "tags"?: Array; + /** + * The version of the critical asset being updated. Used for optimistic locking to prevent concurrent modifications. + */ + "version"?: number; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + enabled: { + baseName: "enabled", + type: "boolean", + }, + query: { + baseName: "query", + type: "string", + }, + ruleQuery: { + baseName: "rule_query", + type: "string", + }, + severity: { + baseName: "severity", + type: "SecurityMonitoringCriticalAssetSeverity", + }, + tags: { + baseName: "tags", + type: "Array", + }, + version: { + baseName: "version", + type: "number", + format: "int32", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAssetUpdateAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetUpdateData.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetUpdateData.ts new file mode 100644 index 000000000000..4324ff78d5db --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetUpdateData.ts @@ -0,0 +1,64 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAssetType } from "./SecurityMonitoringCriticalAssetType"; +import { SecurityMonitoringCriticalAssetUpdateAttributes } from "./SecurityMonitoringCriticalAssetUpdateAttributes"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * The new critical asset properties; partial updates are supported. + */ +export class SecurityMonitoringCriticalAssetUpdateData { + /** + * The critical asset properties to be updated. + */ + "attributes": SecurityMonitoringCriticalAssetUpdateAttributes; + /** + * The type of the resource. The value should always be `critical_assets`. + */ + "type": SecurityMonitoringCriticalAssetType; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "SecurityMonitoringCriticalAssetUpdateAttributes", + required: true, + }, + type: { + baseName: "type", + type: "SecurityMonitoringCriticalAssetType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAssetUpdateData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetUpdateRequest.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetUpdateRequest.ts new file mode 100644 index 000000000000..e8bcee0d3008 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetUpdateRequest.ts @@ -0,0 +1,54 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAssetUpdateData } from "./SecurityMonitoringCriticalAssetUpdateData"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * Request object containing the fields to update on the critical asset. + */ +export class SecurityMonitoringCriticalAssetUpdateRequest { + /** + * The new critical asset properties; partial updates are supported. + */ + "data": SecurityMonitoringCriticalAssetUpdateData; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "SecurityMonitoringCriticalAssetUpdateData", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAssetUpdateRequest.attributeTypeMap; + } + + public constructor() {} +} diff --git a/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetsResponse.ts b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetsResponse.ts new file mode 100644 index 000000000000..1be0f09ed3d1 --- /dev/null +++ b/packages/datadog-api-client-v2/models/SecurityMonitoringCriticalAssetsResponse.ts @@ -0,0 +1,53 @@ +/** + * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + * This product includes software developed at Datadog (https://www.datadoghq.com/). + * Copyright 2020-Present Datadog, Inc. + */ +import { SecurityMonitoringCriticalAsset } from "./SecurityMonitoringCriticalAsset"; + +import { AttributeTypeMap } from "../../datadog-api-client-common/util"; + +/** + * Response object containing the available critical assets. + */ +export class SecurityMonitoringCriticalAssetsResponse { + /** + * A list of critical assets objects. + */ + "data"?: Array; + + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "Array", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return SecurityMonitoringCriticalAssetsResponse.attributeTypeMap; + } + + public constructor() {} +}