DataDog · api-clients-generation-pipeline · Jul 20, 2023 · Jul 20, 2023
@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.5",
-            "regenerated": "2023-07-19 18:05:03.712229",
-            "spec_repo_commit": "e9066fe1"
+            "regenerated": "2023-07-20 14:24:42.709002",
+            "spec_repo_commit": "878f93fe"
         },
         "v2": {
             "apigentools_version": "1.6.5",
-            "regenerated": "2023-07-19 18:05:03.728984",
-            "spec_repo_commit": "e9066fe1"
+            "regenerated": "2023-07-20 14:24:42.721852",
+            "spec_repo_commit": "878f93fe"
         }
     }
 }
@@ -2696,6 +2696,12 @@ components:
           type: array
         complianceSignalOptions:
           $ref: '#/components/schemas/CloudConfigurationRuleComplianceSignalOptions'
+        filters:
+          description: Additional queries to filter matched events before they are
+            processed.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringFilter'
+          type: array
         isEnabled:
           description: Whether the rule is enabled.
           example: true

@@ -10,9 +10,12 @@
 import com.datadog.api.client.v2.model.CloudConfigurationRuleCreatePayload;
 import com.datadog.api.client.v2.model.CloudConfigurationRuleOptions;
 import com.datadog.api.client.v2.model.CloudConfigurationRuleType;
+import com.datadog.api.client.v2.model.SecurityMonitoringFilter;
+import com.datadog.api.client.v2.model.SecurityMonitoringFilterAction;
 import com.datadog.api.client.v2.model.SecurityMonitoringRuleCreatePayload;
 import com.datadog.api.client.v2.model.SecurityMonitoringRuleResponse;
 import com.datadog.api.client.v2.model.SecurityMonitoringRuleSeverity;
+import java.util.Arrays;
 import java.util.Collections;
 
 public class Example {
@@ -50,7 +53,15 @@ public static void main(String[] args) {
                 .complianceSignalOptions(
                     new CloudConfigurationRuleComplianceSignalOptions()
                         .userActivationStatus(true)
-                        .userGroupByFields(Collections.singletonList("@account_id"))));
+                        .userGroupByFields(Collections.singletonList("@account_id")))
+                .filters(
+                    Arrays.asList(
+                        new SecurityMonitoringFilter()
+                            .action(SecurityMonitoringFilterAction.REQUIRE)
+                            .query("resource_id:helo*"),
+                        new SecurityMonitoringFilter()
+                            .action(SecurityMonitoringFilterAction.SUPPRESS)
+                            .query("control:helo*"))));
 
     try {
       SecurityMonitoringRuleResponse result = apiInstance.createSecurityMonitoringRule(body);

@@ -23,6 +23,7 @@
 @JsonPropertyOrder({
   CloudConfigurationRuleCreatePayload.JSON_PROPERTY_CASES,
   CloudConfigurationRuleCreatePayload.JSON_PROPERTY_COMPLIANCE_SIGNAL_OPTIONS,
+  CloudConfigurationRuleCreatePayload.JSON_PROPERTY_FILTERS,
   CloudConfigurationRuleCreatePayload.JSON_PROPERTY_IS_ENABLED,
   CloudConfigurationRuleCreatePayload.JSON_PROPERTY_MESSAGE,
   CloudConfigurationRuleCreatePayload.JSON_PROPERTY_NAME,
@@ -40,6 +41,9 @@ public class CloudConfigurationRuleCreatePayload {
   public static final String JSON_PROPERTY_COMPLIANCE_SIGNAL_OPTIONS = "complianceSignalOptions";
   private CloudConfigurationRuleComplianceSignalOptions complianceSignalOptions;
 
+  public static final String JSON_PROPERTY_FILTERS = "filters";
+  private List<SecurityMonitoringFilter> filters = null;
+
   public static final String JSON_PROPERTY_IS_ENABLED = "isEnabled";
   private Boolean isEnabled;
 
@@ -135,6 +139,39 @@ public void setComplianceSignalOptions(
     this.complianceSignalOptions = complianceSignalOptions;
   }
 
+  public CloudConfigurationRuleCreatePayload filters(List<SecurityMonitoringFilter> filters) {
+    this.filters = filters;
+    for (SecurityMonitoringFilter item : filters) {
+      this.unparsed |= item.unparsed;
+    }
+    return this;
+  }
+
+  public CloudConfigurationRuleCreatePayload addFiltersItem(SecurityMonitoringFilter filtersItem) {
+    if (this.filters == null) {
+      this.filters = new ArrayList<>();
+    }
+    this.filters.add(filtersItem);
+    this.unparsed |= filtersItem.unparsed;
+    return this;
+  }
+
+  /**
+   * Additional queries to filter matched events before they are processed.
+   *
+   * @return filters
+   */
+  @jakarta.annotation.Nullable
+  @JsonProperty(JSON_PROPERTY_FILTERS)
+  @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
+  public List<SecurityMonitoringFilter> getFilters() {
+    return filters;
+  }
+
+  public void setFilters(List<SecurityMonitoringFilter> filters) {
+    this.filters = filters;
+  }
+
   public CloudConfigurationRuleCreatePayload isEnabled(Boolean isEnabled) {
     this.isEnabled = isEnabled;
     return this;
@@ -331,6 +368,7 @@ public boolean equals(Object o) {
         && Objects.equals(
             this.complianceSignalOptions,
             cloudConfigurationRuleCreatePayload.complianceSignalOptions)
+        && Objects.equals(this.filters, cloudConfigurationRuleCreatePayload.filters)
         && Objects.equals(this.isEnabled, cloudConfigurationRuleCreatePayload.isEnabled)
         && Objects.equals(this.message, cloudConfigurationRuleCreatePayload.message)
         && Objects.equals(this.name, cloudConfigurationRuleCreatePayload.name)
@@ -346,6 +384,7 @@ public int hashCode() {
     return Objects.hash(
         cases,
         complianceSignalOptions,
+        filters,
         isEnabled,
         message,
         name,
@@ -363,6 +402,7 @@ public String toString() {
     sb.append("    complianceSignalOptions: ")
         .append(toIndentedString(complianceSignalOptions))
         .append("\n");
+    sb.append("    filters: ").append(toIndentedString(filters)).append("\n");
     sb.append("    isEnabled: ").append(toIndentedString(isEnabled)).append("\n");
     sb.append("    message: ").append(toIndentedString(message)).append("\n");
     sb.append("    name: ").append(toIndentedString(name)).append("\n");

@@ -1 +1 @@
-2022-12-16T18:53:53.418Z
+2023-07-20T12:27:33.661Z
@@ -3,7 +3,7 @@
     "httpRequest": {
       "body": {
         "type": "JSON",
-        "json": "{\"cases\":[{\"notifications\":[\"channel\"],\"status\":\"info\"}],\"complianceSignalOptions\":{\"userActivationStatus\":true,\"userGroupByFields\":[\"@account_id\"]},\"isEnabled\":false,\"message\":\"ddd\",\"name\":\"Test-Create_a_cloud_configuration_rule_returns_OK_response-1671216833_cloud\",\"options\":{\"complianceRuleOptions\":{\"complexRule\":false,\"regoRule\":{\"policy\":\"package datadog\\n\",\"resourceTypes\":[\"gcp_compute_disk\"]},\"resourceType\":\"gcp_compute_disk\"}},\"tags\":[\"my:tag\"],\"type\":\"cloud_configuration\"}"
+        "json": "{\"cases\":[{\"notifications\":[\"channel\"],\"status\":\"info\"}],\"complianceSignalOptions\":{\"userActivationStatus\":true,\"userGroupByFields\":[\"@account_id\"]},\"filters\":[{\"action\":\"require\",\"query\":\"resource_id:helo*\"},{\"action\":\"suppress\",\"query\":\"control:helo*\"}],\"isEnabled\":false,\"message\":\"ddd\",\"name\":\"Test-Create_a_cloud_configuration_rule_returns_OK_response-1689856053_cloud\",\"options\":{\"complianceRuleOptions\":{\"complexRule\":false,\"regoRule\":{\"policy\":\"package datadog\\n\",\"resourceTypes\":[\"gcp_compute_disk\"]},\"resourceType\":\"gcp_compute_disk\"}},\"tags\":[\"my:tag\"],\"type\":\"cloud_configuration\"}"
       },
       "headers": {},
       "method": "POST",
@@ -12,7 +12,7 @@
       "secure": true
     },
     "httpResponse": {
-      "body": "{\"creationAuthorId\":1445416,\"tags\":[\"my:tag\"],\"type\":\"cloud_configuration\",\"isEnabled\":false,\"hasExtendedTitle\":true,\"message\":\"ddd\",\"options\":{\"detectionMethod\":\"threshold\",\"evaluationWindow\":7200,\"maxSignalDuration\":86400,\"complianceRuleOptions\":{\"resourceType\":\"gcp_compute_disk\",\"regoRule\":{\"policy\":\"package datadog\\n\",\"resourceTypes\":[\"gcp_compute_disk\"]},\"complexRule\":false},\"keepAlive\":21600},\"version\":1,\"createdAt\":1671216834196,\"filters\":[],\"queries\":[{\"query\":\"resource_type:gcp_compute_disk\",\"groupByFields\":[\"resource_type\",\"resource_id\"],\"aggregation\":\"count\",\"name\":\"a\",\"distinctFields\":[]}],\"isDeleted\":false,\"complianceSignalOptions\":{\"defaultActivationStatus\":null,\"userActivationStatus\":true,\"defaultGroupByFields\":null,\"userGroupByFields\":[\"@account_id\"]},\"cases\":[{\"status\":\"info\",\"notifications\":[\"channel\"],\"name\":\"\",\"condition\":\"a > 0\"}],\"id\":\"fat-bma-9yo\",\"isDefault\":false,\"name\":\"Test-Create_a_cloud_configuration_rule_returns_OK_response-1671216833_cloud\"}\n",
+      "body": "{\"id\":\"rmr-xkf-scr\",\"version\":1,\"name\":\"Test-Create_a_cloud_configuration_rule_returns_OK_response-1689856053_cloud\",\"createdAt\":1689856054469,\"creationAuthorId\":1445416,\"isDefault\":false,\"isEnabled\":false,\"isDeleted\":false,\"isDeprecated\":false,\"queries\":[{\"query\":\"resource_type:gcp_compute_disk\",\"groupByFields\":[\"resource_type\",\"resource_id\"],\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"a\"}],\"options\":{\"keepAlive\":21600,\"maxSignalDuration\":86400,\"detectionMethod\":\"threshold\",\"evaluationWindow\":7200,\"complianceRuleOptions\":{\"resourceType\":\"gcp_compute_disk\",\"regoRule\":{\"policy\":\"package datadog\\n\",\"resourceTypes\":[\"gcp_compute_disk\"]},\"complexRule\":false}},\"complianceSignalOptions\":{\"defaultActivationStatus\":null,\"defaultGroupByFields\":null,\"userActivationStatus\":true,\"userGroupByFields\":[\"@account_id\"]},\"cases\":[{\"condition\":\"a > 0\",\"name\":\"\",\"status\":\"info\",\"notifications\":[\"channel\"]}],\"message\":\"ddd\",\"tags\":[\"my:tag\"],\"hasExtendedTitle\":true,\"type\":\"cloud_configuration\",\"filters\":[{\"action\":\"require\",\"query\":\"resource_id:helo*\"},{\"action\":\"suppress\",\"query\":\"control:helo*\"}]}\n",
       "headers": {
         "Content-Type": [
           "application/json"
@@ -27,13 +27,13 @@
     "timeToLive": {
       "unlimited": true
     },
-    "id": "d06540ca-e8aa-cb41-1cd0-62b8c1919a24"
+    "id": "242acd1f-1aa8-dce4-04b8-00b78709e4a4"
   },
   {
     "httpRequest": {
       "headers": {},
       "method": "DELETE",
-      "path": "/api/v2/security_monitoring/rules/fat-bma-9yo",
+      "path": "/api/v2/security_monitoring/rules/rmr-xkf-scr",
       "keepAlive": false,
       "secure": true
     },
@@ -48,6 +48,6 @@
     "timeToLive": {
       "unlimited": true
     },
-    "id": "578b9528-6605-978c-f0b8-3aad6a998b79"
+    "id": "fcc1c54c-47a8-bc3f-4da5-4d41c1afd208"
   }
 ]
@@ -58,7 +58,7 @@ Feature: Security Monitoring
   @team:DataDog/k9-cloud-security-platform
   Scenario: Create a cloud_configuration rule returns "OK" response
     Given new "CreateSecurityMonitoringRule" request
-    And body with value {"type":"cloud_configuration","name":"{{ unique }}_cloud","isEnabled":false,"cases":[{"status":"info","notifications":["channel"]}],"options":{"complianceRuleOptions":{"resourceType":"gcp_compute_disk","complexRule": false,"regoRule":{"policy":"package datadog\n","resourceTypes":["gcp_compute_disk"]}}},"message":"ddd","tags":["my:tag"],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]}}
+    And body with value {"type":"cloud_configuration","name":"{{ unique }}_cloud","isEnabled":false,"cases":[{"status":"info","notifications":["channel"]}],"options":{"complianceRuleOptions":{"resourceType":"gcp_compute_disk","complexRule": false,"regoRule":{"policy":"package datadog\n","resourceTypes":["gcp_compute_disk"]}}},"message":"ddd","tags":["my:tag"],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"filters":[{"action":"require","query":"resource_id:helo*"},{"action":"suppress","query":"control:helo*"}]}
     When the request is sent
     Then the response status is 200 OK
     And the response "name" is equal to "{{ unique }}_cloud"