diff --git a/.apigentools-info b/.apigentools-info index a7f57df5427d..4a08edaef9c7 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2024-01-12 13:44:51.039843", - "spec_repo_commit": "0d87bc66" + "regenerated": "2024-01-12 15:18:18.135388", + "spec_repo_commit": "b125495e" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2024-01-12 13:44:51.059761", - "spec_repo_commit": "0d87bc66" + "regenerated": "2024-01-12 15:18:18.151793", + "spec_repo_commit": "b125495e" } } } \ No newline at end of file diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 8fbfc47bcd5f..8d81630a0145 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -432,6 +432,13 @@ components: required: true schema: type: string + SecurityMonitoringSuppressionID: + description: The ID of the suppression rule + in: path + name: suppression_id + required: true + schema: + type: string SensitiveDataScannerGroupID: description: The ID of a group of rules. in: path @@ -16588,6 +16595,216 @@ components: description: The version of the rule. format: int64 type: integer + SecurityMonitoringSuppression: + description: The suppression rule's properties. + properties: + attributes: + $ref: '#/components/schemas/SecurityMonitoringSuppressionAttributes' + id: + $ref: '#/components/schemas/SecurityMonitoringSuppressionID' + type: + $ref: '#/components/schemas/SecurityMonitoringSuppressionType' + type: object + SecurityMonitoringSuppressionAttributes: + description: The attributes of the suppression rule. + properties: + creation_date: + description: A Unix millisecond timestamp given the creation date of the + suppression rule. + format: int64 + type: integer + creator: + $ref: '#/components/schemas/SecurityMonitoringUser' + description: + description: A description for the suppression rule. + example: This rule suppresses low-severity signals in staging environments. + type: string + enabled: + description: Whether the suppression rule is enabled. + example: true + type: boolean + expiration_date: + description: A Unix millisecond timestamp giving an expiration date for + the suppression rule. After this date, it won't suppress signals anymore. + example: 1703187336000 + format: int64 + type: integer + name: + description: The name of the suppression rule. + example: Custom suppression + type: string + rule_query: + description: The rule query of the suppression rule, with the same syntax + as the search bar for detection rules. + example: type:log_detection source:cloudtrail + type: string + suppression_query: + description: The suppression query of the suppression rule. If a signal + matches this query, it is suppressed and not triggered. Same syntax as + the queries to search signals in the signal explorer. + example: env:staging status:low + type: string + update_date: + description: A Unix millisecond timestamp given the update date of the suppression + rule. + format: int64 + type: integer + updater: + $ref: '#/components/schemas/SecurityMonitoringUser' + version: + description: The version of the suppression rule; it starts at 1, and is + incremented at each update. + example: 42 + format: int32 + maximum: 2147483647 + type: integer + type: object + SecurityMonitoringSuppressionCreateAttributes: + description: Object containing the attributes of the suppression rule to be + created. + properties: + description: + description: A description for the suppression rule. + example: This rule suppresses low-severity signals in staging environments. + type: string + enabled: + description: Whether the suppression rule is enabled. + example: true + type: boolean + expiration_date: + description: A Unix millisecond timestamp giving an expiration date for + the suppression rule. After this date, it won't suppress signals anymore. + example: 1703187336000 + format: int64 + type: integer + name: + description: The name of the suppression rule. + example: Custom suppression + type: string + rule_query: + description: The rule query of the suppression rule, with the same syntax + as the search bar for detection rules. + example: type:log_detection source:cloudtrail + type: string + suppression_query: + description: The suppression query of the suppression rule. If a signal + matches this query, it is suppressed and is not triggered . Same syntax + as the queries to search signals in the signal explorer. + example: env:staging status:low + type: string + required: + - name + - enabled + - rule_query + - suppression_query + type: object + SecurityMonitoringSuppressionCreateData: + description: Object for a single suppression rule. + properties: + attributes: + $ref: '#/components/schemas/SecurityMonitoringSuppressionCreateAttributes' + type: + $ref: '#/components/schemas/SecurityMonitoringSuppressionType' + required: + - type + - attributes + type: object + SecurityMonitoringSuppressionCreateRequest: + description: Request object that includes the suppression rule that you would + like to create. + properties: + data: + $ref: '#/components/schemas/SecurityMonitoringSuppressionCreateData' + required: + - data + type: object + SecurityMonitoringSuppressionID: + description: The ID of the suppression rule. + example: 3dd-0uc-h1s + type: string + SecurityMonitoringSuppressionResponse: + description: Response object containing a single suppression rule. + properties: + data: + $ref: '#/components/schemas/SecurityMonitoringSuppression' + type: object + SecurityMonitoringSuppressionType: + default: suppressions + description: The type of the resource. The value should always be `suppressions`. + enum: + - suppressions + example: suppressions + type: string + x-enum-varnames: + - SUPPRESSIONS + SecurityMonitoringSuppressionUpdateAttributes: + description: The suppression rule properties to be updated. + properties: + description: + description: A description for the suppression rule. + example: This rule suppresses low-severity signals in staging environments. + type: string + enabled: + description: Whether the suppression rule is enabled. + example: true + type: boolean + expiration_date: + description: A Unix millisecond timestamp giving an expiration date for + the suppression rule. After this date, it won't suppress signals anymore. + example: 1703187336000 + format: int64 + type: integer + name: + description: The name of the suppression rule. + example: Custom suppression + type: string + rule_query: + description: The rule query of the suppression rule, with the same syntax + as the search bar for detection rules. + example: type:log_detection source:cloudtrail + type: string + suppression_query: + description: The suppression query of the suppression rule. If a signal + matches this query, it is suppressed and not triggered. Same syntax as + the queries to search signals in the signal explorer. + example: env:staging status:low + type: string + version: + description: The current version of the suppression. This is optional, but + it can help prevent concurrent modifications. + format: int32 + maximum: 2147483647 + type: integer + type: object + SecurityMonitoringSuppressionUpdateData: + description: The new suppression properties; partial updates are supported. + properties: + attributes: + $ref: '#/components/schemas/SecurityMonitoringSuppressionUpdateAttributes' + type: + $ref: '#/components/schemas/SecurityMonitoringSuppressionType' + required: + - type + - attributes + type: object + SecurityMonitoringSuppressionUpdateRequest: + description: Request object containing the fields to update on the suppression + rule. + properties: + data: + $ref: '#/components/schemas/SecurityMonitoringSuppressionUpdateData' + required: + - data + type: object + SecurityMonitoringSuppressionsResponse: + description: Response object containing the available suppression rules. + properties: + data: + description: A list of suppressions objects. + items: + $ref: '#/components/schemas/SecurityMonitoringSuppression' + type: array + type: object SecurityMonitoringThirdPartyRootQuery: description: A query to be combined with the third party case query. properties: @@ -16666,6 +16883,19 @@ components: required: - uuid type: object + SecurityMonitoringUser: + description: A user. + properties: + handle: + description: The handle of the user. + example: john.doe@datadoghq.com + type: string + name: + description: The name of the user. + example: John Doe + nullable: true + type: string + type: object SensitiveDataScannerConfigRequest: description: Group reorder request. properties: @@ -29288,6 +29518,149 @@ paths: tags: - Security Monitoring x-codegen-request-body-name: body + /api/v2/security_monitoring/configuration/suppressions: + get: + description: Get the list of all suppression rules. + operationId: ListSecurityMonitoringSuppressions + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSuppressionsResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_suppressions_read + summary: Get all suppression rules + tags: + - Security Monitoring + post: + description: Create a new suppression rule. + operationId: CreateSecurityMonitoringSuppression + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSuppressionCreateRequest' + description: The definition of the new suppression rule. + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSuppressionResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '409': + $ref: '#/components/responses/ConflictResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_suppressions_write + summary: Create a suppression rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + /api/v2/security_monitoring/configuration/suppressions/{suppression_id}: + delete: + description: Delete a specific suppression rule. + operationId: DeleteSecurityMonitoringSuppression + parameters: + - $ref: '#/components/parameters/SecurityMonitoringSuppressionID' + responses: + '204': + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_suppressions_write + summary: Delete a suppression rule + tags: + - Security Monitoring + get: + description: Get the details of a specific suppression rule. + operationId: GetSecurityMonitoringSuppression + parameters: + - $ref: '#/components/parameters/SecurityMonitoringSuppressionID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSuppressionResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_suppressions_read + summary: Get a suppression rule + tags: + - Security Monitoring + patch: + description: Update a specific suppression rule. + operationId: UpdateSecurityMonitoringSuppression + parameters: + - $ref: '#/components/parameters/SecurityMonitoringSuppressionID' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSuppressionUpdateRequest' + description: New definition of the suppression rule. Supports partial updates. + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SecurityMonitoringSuppressionResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '409': + $ref: '#/components/responses/ConcurrentModificationResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_suppressions_write + summary: Update a suppression rule + tags: + - Security Monitoring /api/v2/security_monitoring/rules: get: description: List rules. diff --git a/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.frozen new file mode 100644 index 000000000000..cc25655a1b40 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.frozen @@ -0,0 +1 @@ +2024-01-11T10:06:23.179Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.yml new file mode 100644 index 000000000000..69164832c42b --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.yml @@ -0,0 +1,48 @@ +http_interactions: +- recorded_at: Thu, 11 Jan 2024 10:06:23 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"description":"This rule suppresses low-severity + signals in staging environments.","enabled":true,"expiration_date":1703187336000,"name":"Test-Create_a_suppression_rule_returns_OK_response-1704967583","rule_query":"type:log_detection + source:cloudtrail","suppression_query":"env:staging status:low"},"type":"suppressions"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"5sx-nhj-htc","attributes":{"name":"Test-Create_a_suppression_rule_returns_OK_response-1704967583","enabled":true,"description":"This + rule suppresses low-severity signals in staging environments.","rule_query":"type:log_detection + source:cloudtrail","suppression_query":"env:staging status:low","expiration_date":1703187336000,"version":1,"creation_date":1704967583506,"update_date":1704967583506,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} + + ' + headers: + Content-Type: + - application/json + status: + code: 200 + message: OK +- recorded_at: Thu, 11 Jan 2024 10:06:23 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/5sx-nhj-htc + response: + body: + encoding: UTF-8 + string: '' + headers: + Content-Type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.frozen new file mode 100644 index 000000000000..b989f5be0b47 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.frozen @@ -0,0 +1 @@ +2024-01-11T10:06:25.411Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.yml new file mode 100644 index 000000000000..fe5a78cffe99 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.yml @@ -0,0 +1,64 @@ +http_interactions: +- recorded_at: Thu, 11 Jan 2024 10:06:25 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"description":"Test-Delete_a_suppression_rule_returns_OK_response-1704967585","enabled":true,"name":"Test-Delete_a_suppression_rule_returns_OK_response-1704967585","rule_query":"source:cloudtrail","suppression_query":"env:test"},"type":"suppressions"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"kpz-5gs-wn9","attributes":{"name":"Test-Delete_a_suppression_rule_returns_OK_response-1704967585","enabled":true,"description":"Test-Delete_a_suppression_rule_returns_OK_response-1704967585","rule_query":"source:cloudtrail","suppression_query":"env:test","version":1,"creation_date":1704967585721,"update_date":1704967585721,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} + + ' + headers: + Content-Type: + - application/json + status: + code: 200 + message: OK +- recorded_at: Thu, 11 Jan 2024 10:06:25 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/kpz-5gs-wn9 + response: + body: + encoding: UTF-8 + string: '' + headers: + Content-Type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +- recorded_at: Thu, 11 Jan 2024 10:06:25 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/kpz-5gs-wn9 + response: + body: + encoding: UTF-8 + string: '{"errors":["not_found(Suppression with ID kpz-5gs-wn9 not found)"]} + + ' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-Not-Found-response.frozen b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-Not-Found-response.frozen new file mode 100644 index 000000000000..5ef607bf2ec3 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-Not-Found-response.frozen @@ -0,0 +1 @@ +2024-01-11T10:06:31.565Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-Not-Found-response.yml b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-Not-Found-response.yml new file mode 100644 index 000000000000..769743ae2031 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-Not-Found-response.yml @@ -0,0 +1,22 @@ +http_interactions: +- recorded_at: Thu, 11 Jan 2024 10:06:31 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/this-does-not-exist + response: + body: + encoding: UTF-8 + string: '{"errors":["Not found"]} + + ' + headers: + Content-Type: + - application/json + status: + code: 404 + message: Not Found +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.frozen new file mode 100644 index 000000000000..513c48865103 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.frozen @@ -0,0 +1 @@ +2024-01-11T10:06:31.876Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.yml new file mode 100644 index 000000000000..4181bc6c2fa2 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.yml @@ -0,0 +1,64 @@ +http_interactions: +- recorded_at: Thu, 11 Jan 2024 10:06:31 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"description":"Test-Get_a_suppression_rule_returns_OK_response-1704967591","enabled":true,"name":"Test-Get_a_suppression_rule_returns_OK_response-1704967591","rule_query":"source:cloudtrail","suppression_query":"env:test"},"type":"suppressions"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"vac-d9u-mmr","attributes":{"name":"Test-Get_a_suppression_rule_returns_OK_response-1704967591","enabled":true,"description":"Test-Get_a_suppression_rule_returns_OK_response-1704967591","rule_query":"source:cloudtrail","suppression_query":"env:test","version":1,"creation_date":1704967592204,"update_date":1704967592204,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} + + ' + headers: + Content-Type: + - application/json + status: + code: 200 + message: OK +- recorded_at: Thu, 11 Jan 2024 10:06:31 GMT + request: + body: null + headers: + Accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/vac-d9u-mmr + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"vac-d9u-mmr","attributes":{"name":"Test-Get_a_suppression_rule_returns_OK_response-1704967591","enabled":true,"description":"Test-Get_a_suppression_rule_returns_OK_response-1704967591","rule_query":"source:cloudtrail","suppression_query":"env:test","version":1,"creation_date":1704967592204,"update_date":1704967592204,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} + + ' + headers: + Content-Type: + - application/json + status: + code: 200 + message: OK +- recorded_at: Thu, 11 Jan 2024 10:06:31 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/vac-d9u-mmr + response: + body: + encoding: UTF-8 + string: '' + headers: + Content-Type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.frozen new file mode 100644 index 000000000000..1fae5f63e7c6 --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.frozen @@ -0,0 +1 @@ +2024-01-11T10:06:37.000Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.yml new file mode 100644 index 000000000000..219fc2f5ccce --- /dev/null +++ b/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.yml @@ -0,0 +1,69 @@ +http_interactions: +- recorded_at: Thu, 11 Jan 2024 10:06:37 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"description":"Test-Update_a_suppression_rule_returns_OK_response-1704967597","enabled":true,"name":"Test-Update_a_suppression_rule_returns_OK_response-1704967597","rule_query":"source:cloudtrail","suppression_query":"env:test"},"type":"suppressions"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"xhe-kbx-qym","attributes":{"name":"Test-Update_a_suppression_rule_returns_OK_response-1704967597","enabled":true,"description":"Test-Update_a_suppression_rule_returns_OK_response-1704967597","rule_query":"source:cloudtrail","suppression_query":"env:test","version":1,"creation_date":1704967597310,"update_date":1704967597310,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} + + ' + headers: + Content-Type: + - application/json + status: + code: 200 + message: OK +- recorded_at: Thu, 11 Jan 2024 10:06:37 GMT + request: + body: + encoding: UTF-8 + string: '{"data":{"attributes":{"suppression_query":"env:staging status:low"},"type":"suppressions"}}' + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/xhe-kbx-qym + response: + body: + encoding: UTF-8 + string: '{"data":{"id":"xhe-kbx-qym","attributes":{"name":"Test-Update_a_suppression_rule_returns_OK_response-1704967597","enabled":true,"description":"Test-Update_a_suppression_rule_returns_OK_response-1704967597","rule_query":"source:cloudtrail","suppression_query":"env:staging + status:low","version":2,"creation_date":1704967597310,"update_date":1704967597660,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} + + ' + headers: + Content-Type: + - application/json + status: + code: 200 + message: OK +- recorded_at: Thu, 11 Jan 2024 10:06:37 GMT + request: + body: null + headers: + Accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/xhe-kbx-qym + response: + body: + encoding: UTF-8 + string: '' + headers: + Content-Type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +recorded_with: VCR 6.0.0 diff --git a/examples/v2/security-monitoring/CreateSecurityMonitoringSuppression.rb b/examples/v2/security-monitoring/CreateSecurityMonitoringSuppression.rb new file mode 100644 index 000000000000..0b885fc80038 --- /dev/null +++ b/examples/v2/security-monitoring/CreateSecurityMonitoringSuppression.rb @@ -0,0 +1,19 @@ +# Create a suppression rule returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +body = DatadogAPIClient::V2::SecurityMonitoringSuppressionCreateRequest.new({ + data: DatadogAPIClient::V2::SecurityMonitoringSuppressionCreateData.new({ + attributes: DatadogAPIClient::V2::SecurityMonitoringSuppressionCreateAttributes.new({ + description: "This rule suppresses low-severity signals in staging environments.", + enabled: true, + expiration_date: 1703187336000, + name: "Example-Security-Monitoring", + rule_query: "type:log_detection source:cloudtrail", + suppression_query: "env:staging status:low", + }), + type: DatadogAPIClient::V2::SecurityMonitoringSuppressionType::SUPPRESSIONS, + }), +}) +p api_instance.create_security_monitoring_suppression(body) diff --git a/examples/v2/security-monitoring/DeleteSecurityMonitoringSuppression.rb b/examples/v2/security-monitoring/DeleteSecurityMonitoringSuppression.rb new file mode 100644 index 000000000000..0e345d0569f4 --- /dev/null +++ b/examples/v2/security-monitoring/DeleteSecurityMonitoringSuppression.rb @@ -0,0 +1,8 @@ +# Delete a suppression rule returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "suppression" in the system +SUPPRESSION_DATA_ID = ENV["SUPPRESSION_DATA_ID"] +api_instance.delete_security_monitoring_suppression(SUPPRESSION_DATA_ID) diff --git a/examples/v2/security-monitoring/GetSecurityMonitoringSuppression.rb b/examples/v2/security-monitoring/GetSecurityMonitoringSuppression.rb new file mode 100644 index 000000000000..2b927721cec1 --- /dev/null +++ b/examples/v2/security-monitoring/GetSecurityMonitoringSuppression.rb @@ -0,0 +1,8 @@ +# Get a suppression rule returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "suppression" in the system +SUPPRESSION_DATA_ID = ENV["SUPPRESSION_DATA_ID"] +p api_instance.get_security_monitoring_suppression(SUPPRESSION_DATA_ID) diff --git a/examples/v2/security-monitoring/ListSecurityMonitoringSuppressions.rb b/examples/v2/security-monitoring/ListSecurityMonitoringSuppressions.rb new file mode 100644 index 000000000000..f990a2e09632 --- /dev/null +++ b/examples/v2/security-monitoring/ListSecurityMonitoringSuppressions.rb @@ -0,0 +1,5 @@ +# Get all suppression rules returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new +p api_instance.list_security_monitoring_suppressions() diff --git a/examples/v2/security-monitoring/UpdateSecurityMonitoringSuppression.rb b/examples/v2/security-monitoring/UpdateSecurityMonitoringSuppression.rb new file mode 100644 index 000000000000..6cde65d6c509 --- /dev/null +++ b/examples/v2/security-monitoring/UpdateSecurityMonitoringSuppression.rb @@ -0,0 +1,17 @@ +# Update a suppression rule returns "OK" response + +require "datadog_api_client" +api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new + +# there is a valid "suppression" in the system +SUPPRESSION_DATA_ID = ENV["SUPPRESSION_DATA_ID"] + +body = DatadogAPIClient::V2::SecurityMonitoringSuppressionUpdateRequest.new({ + data: DatadogAPIClient::V2::SecurityMonitoringSuppressionUpdateData.new({ + attributes: DatadogAPIClient::V2::SecurityMonitoringSuppressionUpdateAttributes.new({ + suppression_query: "env:staging status:low", + }), + type: DatadogAPIClient::V2::SecurityMonitoringSuppressionType::SUPPRESSIONS, + }), +}) +p api_instance.update_security_monitoring_suppression(SUPPRESSION_DATA_ID, body) diff --git a/features/scenarios_model_mapping.rb b/features/scenarios_model_mapping.rb index 4c5a289d8bb0..d1102ddab277 100644 --- a/features/scenarios_model_mapping.rb +++ b/features/scenarios_model_mapping.rb @@ -1539,6 +1539,19 @@ "security_filter_id" => "String", "body" => "SecurityFilterUpdateRequest", }, + "v2.CreateSecurityMonitoringSuppression" => { + "body" => "SecurityMonitoringSuppressionCreateRequest", + }, + "v2.DeleteSecurityMonitoringSuppression" => { + "suppression_id" => "String", + }, + "v2.GetSecurityMonitoringSuppression" => { + "suppression_id" => "String", + }, + "v2.UpdateSecurityMonitoringSuppression" => { + "suppression_id" => "String", + "body" => "SecurityMonitoringSuppressionUpdateRequest", + }, "v2.ListSecurityMonitoringRules" => { "page_size" => "Integer", "page_number" => "Integer", diff --git a/features/v2/given.json b/features/v2/given.json index 19f0c37eec6a..5baa4e01925f 100644 --- a/features/v2/given.json +++ b/features/v2/given.json @@ -422,6 +422,18 @@ "tag": "Security Monitoring", "operationId": "CreateSecurityFilter" }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"data\": {\n \"type\": \"suppressions\",\n \"attributes\": {\n \"enabled\": true,\n \"name\": \"{{ unique }}\",\n \"description\": \"{{ unique }}\",\n \"rule_query\": \"source:cloudtrail\",\n \"suppression_query\": \"env:test\"\n }\n }\n}" + } + ], + "step": "there is a valid \"suppression\" in the system", + "key": "suppression", + "tag": "Security Monitoring", + "operationId": "CreateSecurityMonitoringSuppression" + }, { "parameters": [ { diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature index 2ed8263d9dd9..73b1741d31ae 100644 --- a/features/v2/security_monitoring.feature +++ b/features/v2/security_monitoring.feature @@ -155,6 +155,30 @@ Feature: Security Monitoring And the response "data.attributes.exclusion_filters[0].name" is equal to "Exclude staging" And the response "data.attributes.exclusion_filters[0].query" is equal to "source:staging" + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Create a suppression rule returns "Bad Request" response + Given new "CreateSecurityMonitoringSuppression" request + And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Create a suppression rule returns "Conflict" response + Given new "CreateSecurityMonitoringSuppression" request + And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + When the request is sent + Then the response status is 409 Conflict + + @team:DataDog/k9-cloud-security-platform + Scenario: Create a suppression rule returns "OK" response + Given new "CreateSecurityMonitoringSuppression" request + And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "{{ unique }}", "rule_query": "type:log_detection source:cloudtrail", "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + When the request is sent + Then the response status is 200 OK + And the response "data.type" is equal to "suppressions" + And the response "data.attributes.enabled" is equal to true + And the response "data.attributes.rule_query" is equal to "type:log_detection source:cloudtrail" + @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete a non existing rule returns "Not Found" response Given new "DeleteSecurityMonitoringRule" request @@ -184,6 +208,21 @@ Feature: Security Monitoring When the request is sent Then the response status is 204 OK + @skip @team:DataDog/k9-cloud-security-platform + Scenario: Delete a suppression rule returns "Not Found" response + Given new "DeleteSecurityMonitoringSuppression" request + And request contains "suppression_id" parameter with value "does-not-exist" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/k9-cloud-security-platform + Scenario: Delete a suppression rule returns "OK" response + Given there is a valid "suppression" in the system + And new "DeleteSecurityMonitoringSuppression" request + And request contains "suppression_id" parameter from "suppression.data.id" + When the request is sent + Then the response status is 204 OK + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing rule returns "Not Found" response Given new "DeleteSecurityMonitoringRule" request @@ -327,6 +366,23 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform + Scenario: Get a suppression rule returns "Not Found" response + Given new "GetSecurityMonitoringSuppression" request + And request contains "suppression_id" parameter with value "this-does-not-exist" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/k9-cloud-security-platform + Scenario: Get a suppression rule returns "OK" response + Given new "GetSecurityMonitoringSuppression" request + And there is a valid "suppression" in the system + And request contains "suppression_id" parameter from "suppression.data.id" + When the request is sent + Then the response status is 200 OK + And the response "data.attributes.rule_query" has the same value as "suppression.data.attributes.rule_query" + And the response "data.attributes.suppression_query" is equal to "env:test" + @team:DataDog/k9-cloud-security-platform Scenario: Get all security filters returns "OK" response Given new "ListSecurityFilters" request @@ -335,6 +391,12 @@ Feature: Security Monitoring And the response "data" has item with field "attributes.filtered_data_type" with value "logs" And the response "data" has item with field "attributes.is_builtin" with value true + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Get all suppression rules returns "OK" response + Given new "ListSecurityMonitoringSuppressions" request + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/cloud-security-posture-management Scenario: List findings returns "Bad Request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListFindings" enabled @@ -479,6 +541,42 @@ Feature: Security Monitoring And the response "data.attributes.filtered_data_type" is equal to "logs" And the response "data.attributes.name" is equal to "{{ unique }}" + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Update a suppression rule returns "Bad Request" response + Given new "UpdateSecurityMonitoringSuppression" request + And request contains "suppression_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Update a suppression rule returns "Concurrent Modification" response + Given new "UpdateSecurityMonitoringSuppression" request + And request contains "suppression_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + When the request is sent + Then the response status is 409 Concurrent Modification + + @generated @skip @team:DataDog/k9-cloud-security-platform + Scenario: Update a suppression rule returns "Not Found" response + Given new "UpdateSecurityMonitoringSuppression" request + And request contains "suppression_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/k9-cloud-security-platform + Scenario: Update a suppression rule returns "OK" response + Given new "UpdateSecurityMonitoringSuppression" request + And there is a valid "suppression" in the system + And request contains "suppression_id" parameter from "suppression.data.id" + And body with value {"data": {"attributes": {"suppression_query": "env:staging status:low"}, "type": "suppressions"}} + When the request is sent + Then the response status is 200 OK + And the response "data.type" is equal to "suppressions" + And the response "data.attributes.suppression_query" is equal to "env:staging status:low" + And the response "data.attributes.version" is equal to 2 + @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Update an existing rule returns "Bad Request" response Given new "UpdateSecurityMonitoringRule" request diff --git a/features/v2/undo.json b/features/v2/undo.json index d4ee6f5c891e..ecf9568a3317 100644 --- a/features/v2/undo.json +++ b/features/v2/undo.json @@ -1493,6 +1493,43 @@ "type": "idempotent" } }, + "ListSecurityMonitoringSuppressions": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "CreateSecurityMonitoringSuppression": { + "tag": "Security Monitoring", + "undo": { + "operationId": "DeleteSecurityMonitoringSuppression", + "parameters": [ + { + "name": "suppression_id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "DeleteSecurityMonitoringSuppression": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "GetSecurityMonitoringSuppression": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "UpdateSecurityMonitoringSuppression": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, "ListSecurityMonitoringRules": { "tag": "Security Monitoring", "undo": { diff --git a/lib/datadog_api_client/inflector.rb b/lib/datadog_api_client/inflector.rb index 9a4f218e1cf2..b9b909a057a4 100644 --- a/lib/datadog_api_client/inflector.rb +++ b/lib/datadog_api_client/inflector.rb @@ -1880,10 +1880,22 @@ def overrides "v2.security_monitoring_standard_rule_create_payload" => "SecurityMonitoringStandardRuleCreatePayload", "v2.security_monitoring_standard_rule_query" => "SecurityMonitoringStandardRuleQuery", "v2.security_monitoring_standard_rule_response" => "SecurityMonitoringStandardRuleResponse", + "v2.security_monitoring_suppression" => "SecurityMonitoringSuppression", + "v2.security_monitoring_suppression_attributes" => "SecurityMonitoringSuppressionAttributes", + "v2.security_monitoring_suppression_create_attributes" => "SecurityMonitoringSuppressionCreateAttributes", + "v2.security_monitoring_suppression_create_data" => "SecurityMonitoringSuppressionCreateData", + "v2.security_monitoring_suppression_create_request" => "SecurityMonitoringSuppressionCreateRequest", + "v2.security_monitoring_suppression_response" => "SecurityMonitoringSuppressionResponse", + "v2.security_monitoring_suppressions_response" => "SecurityMonitoringSuppressionsResponse", + "v2.security_monitoring_suppression_type" => "SecurityMonitoringSuppressionType", + "v2.security_monitoring_suppression_update_attributes" => "SecurityMonitoringSuppressionUpdateAttributes", + "v2.security_monitoring_suppression_update_data" => "SecurityMonitoringSuppressionUpdateData", + "v2.security_monitoring_suppression_update_request" => "SecurityMonitoringSuppressionUpdateRequest", "v2.security_monitoring_third_party_root_query" => "SecurityMonitoringThirdPartyRootQuery", "v2.security_monitoring_third_party_rule_case" => "SecurityMonitoringThirdPartyRuleCase", "v2.security_monitoring_third_party_rule_case_create" => "SecurityMonitoringThirdPartyRuleCaseCreate", "v2.security_monitoring_triage_user" => "SecurityMonitoringTriageUser", + "v2.security_monitoring_user" => "SecurityMonitoringUser", "v2.sensitive_data_scanner_config_request" => "SensitiveDataScannerConfigRequest", "v2.sensitive_data_scanner_configuration" => "SensitiveDataScannerConfiguration", "v2.sensitive_data_scanner_configuration_data" => "SensitiveDataScannerConfigurationData", diff --git a/lib/datadog_api_client/v2/api/security_monitoring_api.rb b/lib/datadog_api_client/v2/api/security_monitoring_api.rb index eda2983753ce..6dc94e9bc799 100644 --- a/lib/datadog_api_client/v2/api/security_monitoring_api.rb +++ b/lib/datadog_api_client/v2/api/security_monitoring_api.rb @@ -160,6 +160,73 @@ def create_security_monitoring_rule_with_http_info(body, opts = {}) return data, status_code, headers end + # Create a suppression rule. + # + # @see #create_security_monitoring_suppression_with_http_info + def create_security_monitoring_suppression(body, opts = {}) + data, _status_code, _headers = create_security_monitoring_suppression_with_http_info(body, opts) + data + end + + # Create a suppression rule. + # + # Create a new suppression rule. + # + # @param body [SecurityMonitoringSuppressionCreateRequest] The definition of the new suppression rule. + # @param opts [Hash] the optional parameters + # @return [Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>] SecurityMonitoringSuppressionResponse data, response status code and response headers + def create_security_monitoring_suppression_with_http_info(body, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.create_security_monitoring_suppression ...' + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.create_security_monitoring_suppression" + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/suppressions' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] || @api_client.object_to_http_body(body) + + # return_type + return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :create_security_monitoring_suppression, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Post, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#create_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Delete a security filter. # # @see #delete_security_filter_with_http_info @@ -290,6 +357,71 @@ def delete_security_monitoring_rule_with_http_info(rule_id, opts = {}) return data, status_code, headers end + # Delete a suppression rule. + # + # @see #delete_security_monitoring_suppression_with_http_info + def delete_security_monitoring_suppression(suppression_id, opts = {}) + delete_security_monitoring_suppression_with_http_info(suppression_id, opts) + nil + end + + # Delete a suppression rule. + # + # Delete a specific suppression rule. + # + # @param suppression_id [String] The ID of the suppression rule + # @param opts [Hash] the optional parameters + # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers + def delete_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.delete_security_monitoring_suppression ...' + end + # verify the required parameter 'suppression_id' is set + if @api_client.config.client_side_validation && suppression_id.nil? + fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.delete_security_monitoring_suppression" + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['*/*']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :delete_security_monitoring_suppression, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#delete_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Modify the triage assignee of a security signal. # # @see #edit_security_monitoring_signal_assignee_with_http_info @@ -780,6 +912,71 @@ def get_security_monitoring_signal_with_http_info(signal_id, opts = {}) return data, status_code, headers end + # Get a suppression rule. + # + # @see #get_security_monitoring_suppression_with_http_info + def get_security_monitoring_suppression(suppression_id, opts = {}) + data, _status_code, _headers = get_security_monitoring_suppression_with_http_info(suppression_id, opts) + data + end + + # Get a suppression rule. + # + # Get the details of a specific suppression rule. + # + # @param suppression_id [String] The ID of the suppression rule + # @param opts [Hash] the optional parameters + # @return [Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>] SecurityMonitoringSuppressionResponse data, response status code and response headers + def get_security_monitoring_suppression_with_http_info(suppression_id, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.get_security_monitoring_suppression ...' + end + # verify the required parameter 'suppression_id' is set + if @api_client.config.client_side_validation && suppression_id.nil? + fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.get_security_monitoring_suppression" + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :get_security_monitoring_suppression, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#get_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # List findings. # # @see #list_findings_with_http_info @@ -1164,6 +1361,66 @@ def list_security_monitoring_signals_with_pagination(opts = {}) end end + # Get all suppression rules. + # + # @see #list_security_monitoring_suppressions_with_http_info + def list_security_monitoring_suppressions(opts = {}) + data, _status_code, _headers = list_security_monitoring_suppressions_with_http_info(opts) + data + end + + # Get all suppression rules. + # + # Get the list of all suppression rules. + # + # @param opts [Hash] the optional parameters + # @return [Array<(SecurityMonitoringSuppressionsResponse, Integer, Hash)>] SecurityMonitoringSuppressionsResponse data, response status code and response headers + def list_security_monitoring_suppressions_with_http_info(opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.list_security_monitoring_suppressions ...' + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/suppressions' + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] + + # return_type + return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionsResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :list_security_monitoring_suppressions, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#list_security_monitoring_suppressions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end + # Mute or unmute a batch of findings. # # @see #mute_findings_with_http_info @@ -1469,5 +1726,77 @@ def update_security_monitoring_rule_with_http_info(rule_id, body, opts = {}) end return data, status_code, headers end + + # Update a suppression rule. + # + # @see #update_security_monitoring_suppression_with_http_info + def update_security_monitoring_suppression(suppression_id, body, opts = {}) + data, _status_code, _headers = update_security_monitoring_suppression_with_http_info(suppression_id, body, opts) + data + end + + # Update a suppression rule. + # + # Update a specific suppression rule. + # + # @param suppression_id [String] The ID of the suppression rule + # @param body [SecurityMonitoringSuppressionUpdateRequest] New definition of the suppression rule. Supports partial updates. + # @param opts [Hash] the optional parameters + # @return [Array<(SecurityMonitoringSuppressionResponse, Integer, Hash)>] SecurityMonitoringSuppressionResponse data, response status code and response headers + def update_security_monitoring_suppression_with_http_info(suppression_id, body, opts = {}) + + if @api_client.config.debugging + @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.update_security_monitoring_suppression ...' + end + # verify the required parameter 'suppression_id' is set + if @api_client.config.client_side_validation && suppression_id.nil? + fail ArgumentError, "Missing the required parameter 'suppression_id' when calling SecurityMonitoringAPI.update_security_monitoring_suppression" + end + # verify the required parameter 'body' is set + if @api_client.config.client_side_validation && body.nil? + fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.update_security_monitoring_suppression" + end + # resource path + local_var_path = '/api/v2/security_monitoring/configuration/suppressions/{suppression_id}'.sub('{suppression_id}', CGI.escape(suppression_id.to_s).gsub('%2F', '/')) + + # query parameters + query_params = opts[:query_params] || {} + + # header parameters + header_params = opts[:header_params] || {} + # HTTP header 'Accept' (if needed) + header_params['Accept'] = @api_client.select_header_accept(['application/json']) + # HTTP header 'Content-Type' + header_params['Content-Type'] = @api_client.select_header_content_type(['application/json']) + + # form parameters + form_params = opts[:form_params] || {} + + # http body (model) + post_body = opts[:debug_body] || @api_client.object_to_http_body(body) + + # return_type + return_type = opts[:debug_return_type] || 'SecurityMonitoringSuppressionResponse' + + # auth_names + auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ] + + new_options = opts.merge( + :operation => :update_security_monitoring_suppression, + :header_params => header_params, + :query_params => query_params, + :form_params => form_params, + :body => post_body, + :auth_names => auth_names, + :return_type => return_type, + :api_version => "V2" + ) + + data, status_code, headers = @api_client.call_api(Net::HTTP::Patch, local_var_path, new_options) + if @api_client.config.debugging + @api_client.config.logger.debug "API called: SecurityMonitoringAPI#update_security_monitoring_suppression\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}" + end + return data, status_code, headers + end end end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression.rb new file mode 100644 index 000000000000..2dfb73328df7 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression.rb @@ -0,0 +1,100 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The suppression rule's properties. + class SecurityMonitoringSuppression + include BaseGenericModel + + # The attributes of the suppression rule. + attr_accessor :attributes + + # The ID of the suppression rule. + attr_accessor :id + + # The type of the resource. The value should always be `suppressions`. + attr_accessor :type + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'attributes' => :'attributes', + :'id' => :'id', + :'type' => :'type' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'attributes' => :'SecurityMonitoringSuppressionAttributes', + :'id' => :'String', + :'type' => :'SecurityMonitoringSuppressionType' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppression` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppression`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'id') + self.id = attributes[:'id'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + id == o.id && + type == o.type + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [attributes, id, type].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_attributes.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_attributes.rb new file mode 100644 index 000000000000..0ae1c5e92b4b --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_attributes.rb @@ -0,0 +1,198 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The attributes of the suppression rule. + class SecurityMonitoringSuppressionAttributes + include BaseGenericModel + + # A Unix millisecond timestamp given the creation date of the suppression rule. + attr_accessor :creation_date + + # A user. + attr_accessor :creator + + # A description for the suppression rule. + attr_accessor :description + + # Whether the suppression rule is enabled. + attr_accessor :enabled + + # A Unix millisecond timestamp giving an expiration date for the suppression rule. After this date, it won't suppress signals anymore. + attr_accessor :expiration_date + + # The name of the suppression rule. + attr_accessor :name + + # The rule query of the suppression rule, with the same syntax as the search bar for detection rules. + attr_accessor :rule_query + + # The suppression query of the suppression rule. If a signal matches this query, it is suppressed and not triggered. Same syntax as the queries to search signals in the signal explorer. + attr_accessor :suppression_query + + # A Unix millisecond timestamp given the update date of the suppression rule. + attr_accessor :update_date + + # A user. + attr_accessor :updater + + # The version of the suppression rule; it starts at 1, and is incremented at each update. + attr_reader :version + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'creation_date' => :'creation_date', + :'creator' => :'creator', + :'description' => :'description', + :'enabled' => :'enabled', + :'expiration_date' => :'expiration_date', + :'name' => :'name', + :'rule_query' => :'rule_query', + :'suppression_query' => :'suppression_query', + :'update_date' => :'update_date', + :'updater' => :'updater', + :'version' => :'version' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'creation_date' => :'Integer', + :'creator' => :'SecurityMonitoringUser', + :'description' => :'String', + :'enabled' => :'Boolean', + :'expiration_date' => :'Integer', + :'name' => :'String', + :'rule_query' => :'String', + :'suppression_query' => :'String', + :'update_date' => :'Integer', + :'updater' => :'SecurityMonitoringUser', + :'version' => :'Integer' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppressionAttributes` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppressionAttributes`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'creation_date') + self.creation_date = attributes[:'creation_date'] + end + + if attributes.key?(:'creator') + self.creator = attributes[:'creator'] + end + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'expiration_date') + self.expiration_date = attributes[:'expiration_date'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'rule_query') + self.rule_query = attributes[:'rule_query'] + end + + if attributes.key?(:'suppression_query') + self.suppression_query = attributes[:'suppression_query'] + end + + if attributes.key?(:'update_date') + self.update_date = attributes[:'update_date'] + end + + if attributes.key?(:'updater') + self.updater = attributes[:'updater'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if !@version.nil? && @version > 2147483647 + true + end + + # Custom attribute writer method with validation + # @param version [Object] Object to be assigned + # @!visibility private + def version=(version) + if !version.nil? && version > 2147483647 + fail ArgumentError, 'invalid value for "version", must be smaller than or equal to 2147483647.' + end + @version = version + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + creation_date == o.creation_date && + creator == o.creator && + description == o.description && + enabled == o.enabled && + expiration_date == o.expiration_date && + name == o.name && + rule_query == o.rule_query && + suppression_query == o.suppression_query && + update_date == o.update_date && + updater == o.updater && + version == o.version + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [creation_date, creator, description, enabled, expiration_date, name, rule_query, suppression_query, update_date, updater, version].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_attributes.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_attributes.rb new file mode 100644 index 000000000000..9c468e79f27b --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_attributes.rb @@ -0,0 +1,181 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Object containing the attributes of the suppression rule to be created. + class SecurityMonitoringSuppressionCreateAttributes + include BaseGenericModel + + # A description for the suppression rule. + attr_accessor :description + + # Whether the suppression rule is enabled. + attr_reader :enabled + + # A Unix millisecond timestamp giving an expiration date for the suppression rule. After this date, it won't suppress signals anymore. + attr_accessor :expiration_date + + # The name of the suppression rule. + attr_reader :name + + # The rule query of the suppression rule, with the same syntax as the search bar for detection rules. + attr_reader :rule_query + + # The suppression query of the suppression rule. If a signal matches this query, it is suppressed and is not triggered . Same syntax as the queries to search signals in the signal explorer. + attr_reader :suppression_query + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'description' => :'description', + :'enabled' => :'enabled', + :'expiration_date' => :'expiration_date', + :'name' => :'name', + :'rule_query' => :'rule_query', + :'suppression_query' => :'suppression_query' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'description' => :'String', + :'enabled' => :'Boolean', + :'expiration_date' => :'Integer', + :'name' => :'String', + :'rule_query' => :'String', + :'suppression_query' => :'String' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppressionCreateAttributes` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppressionCreateAttributes`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'expiration_date') + self.expiration_date = attributes[:'expiration_date'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'rule_query') + self.rule_query = attributes[:'rule_query'] + end + + if attributes.key?(:'suppression_query') + self.suppression_query = attributes[:'suppression_query'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @enabled.nil? + return false if @name.nil? + return false if @rule_query.nil? + return false if @suppression_query.nil? + true + end + + # Custom attribute writer method with validation + # @param enabled [Object] Object to be assigned + # @!visibility private + def enabled=(enabled) + if enabled.nil? + fail ArgumentError, 'invalid value for "enabled", enabled cannot be nil.' + end + @enabled = enabled + end + + # Custom attribute writer method with validation + # @param name [Object] Object to be assigned + # @!visibility private + def name=(name) + if name.nil? + fail ArgumentError, 'invalid value for "name", name cannot be nil.' + end + @name = name + end + + # Custom attribute writer method with validation + # @param rule_query [Object] Object to be assigned + # @!visibility private + def rule_query=(rule_query) + if rule_query.nil? + fail ArgumentError, 'invalid value for "rule_query", rule_query cannot be nil.' + end + @rule_query = rule_query + end + + # Custom attribute writer method with validation + # @param suppression_query [Object] Object to be assigned + # @!visibility private + def suppression_query=(suppression_query) + if suppression_query.nil? + fail ArgumentError, 'invalid value for "suppression_query", suppression_query cannot be nil.' + end + @suppression_query = suppression_query + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + description == o.description && + enabled == o.enabled && + expiration_date == o.expiration_date && + name == o.name && + rule_query == o.rule_query && + suppression_query == o.suppression_query + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [description, enabled, expiration_date, name, rule_query, suppression_query].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_data.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_data.rb new file mode 100644 index 000000000000..2f2c8ded5c2b --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_data.rb @@ -0,0 +1,119 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Object for a single suppression rule. + class SecurityMonitoringSuppressionCreateData + include BaseGenericModel + + # Object containing the attributes of the suppression rule to be created. + attr_reader :attributes + + # The type of the resource. The value should always be `suppressions`. + attr_reader :type + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'attributes' => :'SecurityMonitoringSuppressionCreateAttributes', + :'type' => :'SecurityMonitoringSuppressionType' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppressionCreateData` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppressionCreateData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @attributes.nil? + return false if @type.nil? + true + end + + # Custom attribute writer method with validation + # @param attributes [Object] Object to be assigned + # @!visibility private + def attributes=(attributes) + if attributes.nil? + fail ArgumentError, 'invalid value for "attributes", attributes cannot be nil.' + end + @attributes = attributes + end + + # Custom attribute writer method with validation + # @param type [Object] Object to be assigned + # @!visibility private + def type=(type) + if type.nil? + fail ArgumentError, 'invalid value for "type", type cannot be nil.' + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + type == o.type + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [attributes, type].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_request.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_request.rb new file mode 100644 index 000000000000..0abd250c88ef --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_request.rb @@ -0,0 +1,98 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Request object that includes the suppression rule that you would like to create. + class SecurityMonitoringSuppressionCreateRequest + include BaseGenericModel + + # Object for a single suppression rule. + attr_reader :data + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'SecurityMonitoringSuppressionCreateData' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppressionCreateRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppressionCreateRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'data') + self.data = attributes[:'data'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @data.nil? + true + end + + # Custom attribute writer method with validation + # @param data [Object] Object to be assigned + # @!visibility private + def data=(data) + if data.nil? + fail ArgumentError, 'invalid value for "data", data cannot be nil.' + end + @data = data + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_response.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_response.rb new file mode 100644 index 000000000000..f43709e35457 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_response.rb @@ -0,0 +1,80 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Response object containing a single suppression rule. + class SecurityMonitoringSuppressionResponse + include BaseGenericModel + + # The suppression rule's properties. + attr_accessor :data + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'SecurityMonitoringSuppression' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppressionResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppressionResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'data') + self.data = attributes[:'data'] + end + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_type.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_type.rb new file mode 100644 index 000000000000..874873011ab5 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_type.rb @@ -0,0 +1,26 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The type of the resource. The value should always be `suppressions`. + class SecurityMonitoringSuppressionType + include BaseEnumModel + + SUPPRESSIONS = "suppressions".freeze + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_attributes.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_attributes.rb new file mode 100644 index 000000000000..5887a1ffd927 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_attributes.rb @@ -0,0 +1,158 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The suppression rule properties to be updated. + class SecurityMonitoringSuppressionUpdateAttributes + include BaseGenericModel + + # A description for the suppression rule. + attr_accessor :description + + # Whether the suppression rule is enabled. + attr_accessor :enabled + + # A Unix millisecond timestamp giving an expiration date for the suppression rule. After this date, it won't suppress signals anymore. + attr_accessor :expiration_date + + # The name of the suppression rule. + attr_accessor :name + + # The rule query of the suppression rule, with the same syntax as the search bar for detection rules. + attr_accessor :rule_query + + # The suppression query of the suppression rule. If a signal matches this query, it is suppressed and not triggered. Same syntax as the queries to search signals in the signal explorer. + attr_accessor :suppression_query + + # The current version of the suppression. This is optional, but it can help prevent concurrent modifications. + attr_reader :version + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'description' => :'description', + :'enabled' => :'enabled', + :'expiration_date' => :'expiration_date', + :'name' => :'name', + :'rule_query' => :'rule_query', + :'suppression_query' => :'suppression_query', + :'version' => :'version' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'description' => :'String', + :'enabled' => :'Boolean', + :'expiration_date' => :'Integer', + :'name' => :'String', + :'rule_query' => :'String', + :'suppression_query' => :'String', + :'version' => :'Integer' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppressionUpdateAttributes` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppressionUpdateAttributes`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'description') + self.description = attributes[:'description'] + end + + if attributes.key?(:'enabled') + self.enabled = attributes[:'enabled'] + end + + if attributes.key?(:'expiration_date') + self.expiration_date = attributes[:'expiration_date'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + + if attributes.key?(:'rule_query') + self.rule_query = attributes[:'rule_query'] + end + + if attributes.key?(:'suppression_query') + self.suppression_query = attributes[:'suppression_query'] + end + + if attributes.key?(:'version') + self.version = attributes[:'version'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if !@version.nil? && @version > 2147483647 + true + end + + # Custom attribute writer method with validation + # @param version [Object] Object to be assigned + # @!visibility private + def version=(version) + if !version.nil? && version > 2147483647 + fail ArgumentError, 'invalid value for "version", must be smaller than or equal to 2147483647.' + end + @version = version + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + description == o.description && + enabled == o.enabled && + expiration_date == o.expiration_date && + name == o.name && + rule_query == o.rule_query && + suppression_query == o.suppression_query && + version == o.version + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [description, enabled, expiration_date, name, rule_query, suppression_query, version].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_data.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_data.rb new file mode 100644 index 000000000000..580032dba2cc --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_data.rb @@ -0,0 +1,119 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # The new suppression properties; partial updates are supported. + class SecurityMonitoringSuppressionUpdateData + include BaseGenericModel + + # The suppression rule properties to be updated. + attr_reader :attributes + + # The type of the resource. The value should always be `suppressions`. + attr_reader :type + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'attributes' => :'attributes', + :'type' => :'type' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'attributes' => :'SecurityMonitoringSuppressionUpdateAttributes', + :'type' => :'SecurityMonitoringSuppressionType' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppressionUpdateData` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppressionUpdateData`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'attributes') + self.attributes = attributes[:'attributes'] + end + + if attributes.key?(:'type') + self.type = attributes[:'type'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @attributes.nil? + return false if @type.nil? + true + end + + # Custom attribute writer method with validation + # @param attributes [Object] Object to be assigned + # @!visibility private + def attributes=(attributes) + if attributes.nil? + fail ArgumentError, 'invalid value for "attributes", attributes cannot be nil.' + end + @attributes = attributes + end + + # Custom attribute writer method with validation + # @param type [Object] Object to be assigned + # @!visibility private + def type=(type) + if type.nil? + fail ArgumentError, 'invalid value for "type", type cannot be nil.' + end + @type = type + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + attributes == o.attributes && + type == o.type + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [attributes, type].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_request.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_request.rb new file mode 100644 index 000000000000..3ca3b366346b --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_request.rb @@ -0,0 +1,98 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Request object containing the fields to update on the suppression rule. + class SecurityMonitoringSuppressionUpdateRequest + include BaseGenericModel + + # The new suppression properties; partial updates are supported. + attr_reader :data + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'SecurityMonitoringSuppressionUpdateData' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppressionUpdateRequest` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppressionUpdateRequest`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'data') + self.data = attributes[:'data'] + end + end + + # Check to see if the all the properties in the model are valid + # @return true if the model is valid + # @!visibility private + def valid? + return false if @data.nil? + true + end + + # Custom attribute writer method with validation + # @param data [Object] Object to be assigned + # @!visibility private + def data=(data) + if data.nil? + fail ArgumentError, 'invalid value for "data", data cannot be nil.' + end + @data = data + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppressions_response.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppressions_response.rb new file mode 100644 index 000000000000..4bd5337ec3a5 --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppressions_response.rb @@ -0,0 +1,82 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # Response object containing the available suppression rules. + class SecurityMonitoringSuppressionsResponse + include BaseGenericModel + + # A list of suppressions objects. + attr_accessor :data + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'data' => :'data' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'data' => :'Array' + } + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringSuppressionsResponse` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringSuppressionsResponse`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'data') + if (value = attributes[:'data']).is_a?(Array) + self.data = value + end + end + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + data == o.data + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [data].hash + end + end +end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_user.rb b/lib/datadog_api_client/v2/models/security_monitoring_user.rb new file mode 100644 index 000000000000..33e91538fd5a --- /dev/null +++ b/lib/datadog_api_client/v2/models/security_monitoring_user.rb @@ -0,0 +1,98 @@ +=begin +#Datadog API V2 Collection + +#Collection of all Datadog Public endpoints. + +The version of the OpenAPI document: 1.0 +Contact: support@datadoghq.com +Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator + + Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. + This product includes software developed at Datadog (https://www.datadoghq.com/). + Copyright 2020-Present Datadog, Inc. + +=end + +require 'date' +require 'time' + +module DatadogAPIClient::V2 + # A user. + class SecurityMonitoringUser + include BaseGenericModel + + # The handle of the user. + attr_accessor :handle + + # The name of the user. + attr_accessor :name + + # Attribute mapping from ruby-style variable name to JSON key. + # @!visibility private + def self.attribute_map + { + :'handle' => :'handle', + :'name' => :'name' + } + end + + # Attribute type mapping. + # @!visibility private + def self.openapi_types + { + :'handle' => :'String', + :'name' => :'String' + } + end + + # List of attributes with nullable: true + # @!visibility private + def self.openapi_nullable + Set.new([ + :'name', + ]) + end + + # Initializes the object + # @param attributes [Hash] Model attributes in the form of hash + # @!visibility private + def initialize(attributes = {}) + if (!attributes.is_a?(Hash)) + fail ArgumentError, "The input argument (attributes) must be a hash in `DatadogAPIClient::V2::SecurityMonitoringUser` initialize method" + end + + # check to see if the attribute exists and convert string to symbol for hash key + attributes = attributes.each_with_object({}) { |(k, v), h| + if (!self.class.attribute_map.key?(k.to_sym)) + fail ArgumentError, "`#{k}` is not a valid attribute in `DatadogAPIClient::V2::SecurityMonitoringUser`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect + end + h[k.to_sym] = v + } + + if attributes.key?(:'handle') + self.handle = attributes[:'handle'] + end + + if attributes.key?(:'name') + self.name = attributes[:'name'] + end + end + + # Checks equality by comparing each attribute. + # @param o [Object] Object to be compared + # @!visibility private + def ==(o) + return true if self.equal?(o) + self.class == o.class && + handle == o.handle && + name == o.name + end + + # Calculates hash code according to all attributes. + # @return [Integer] Hash code + # @!visibility private + def hash + [handle, name].hash + end + end +end