diff --git a/.apigentools-info b/.apigentools-info index 45c5e5595a0..1f21347bd57 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.4", - "regenerated": "2022-12-13 20:14:53.242276", - "spec_repo_commit": "cb07e37b" + "regenerated": "2022-12-14 12:52:34.630004", + "spec_repo_commit": "1ef2d5fc" }, "v2": { "apigentools_version": "1.6.4", - "regenerated": "2022-12-13 20:14:53.259631", - "spec_repo_commit": "cb07e37b" + "regenerated": "2022-12-14 12:52:34.641536", + "spec_repo_commit": "1ef2d5fc" } } } \ No newline at end of file diff --git a/.generator/schemas/v1/openapi.yaml b/.generator/schemas/v1/openapi.yaml index 06d158418b0..b48b8a9ace0 100644 --- a/.generator/schemas/v1/openapi.yaml +++ b/.generator/schemas/v1/openapi.yaml @@ -6155,10 +6155,6 @@ components: enable_logs_sample: description: Whether or not to send a log sample when the log monitor triggers. type: boolean - enable_samples: - description: Whether or not to send a list of samples when the monitor triggers. - This is only used by CI Test and Pipeline monitors. - type: boolean escalation_message: default: none description: 'We recommend using the [is_renotify](https://docs.datadoghq.com/monitors/notify/?tab=is_alert#renotify), diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index c32905eadb1..11b17a22134 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -1761,6 +1761,148 @@ components: example: infra_host type: string type: object + CloudConfigurationComplianceRuleOptions: + description: Options for cloud_configuration rules. + properties: + complexRule: + description: 'Whether the rule is a complex one. + + Must be set to true if `regoRule.resourceTypes` contains more than one + item. Defaults to false. + + ' + type: boolean + regoRule: + $ref: '#/components/schemas/CloudConfigurationRegoRule' + required: + - regoRule + type: object + CloudConfigurationRegoRule: + description: Rule details. + properties: + policy: + description: 'The policy written in `rego`, see: https://www.openpolicyagent.org/docs/latest/policy-language/' + example: "package datadog\n\nimport data.datadog.output as dd_output\nimport + future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\neval(resource) + = \"skip\" if {\n # Logic that evaluates to true if the resource should + be skipped\n true\n} else = \"pass\" {\n # Logic that evaluates to true + if the resource is compliant\n true\n} else = \"fail\" {\n # Logic that + evaluates to true if the resource is not compliant\n true\n}\n\n# This + part remains unchanged for all rules\nresults contains result if {\n some + resource in input.resources[input.main_resource_type]\n result := dd_output.format(resource, + eval(resource))\n}\n" + type: string + resourceTypes: + description: List of resource types that will be evaluated upon. Must have + at least one element. + example: + - gcp_iam_service_account + - gcp_iam_policy + items: + type: string + type: array + required: + - policy + - resourceTypes + type: object + CloudConfigurationRuleCaseCreate: + description: Description of signals. + properties: + notifications: + description: Notification targets for each rule case. + items: + description: Notification. + type: string + type: array + status: + $ref: '#/components/schemas/SecurityMonitoringRuleSeverity' + required: + - status + type: object + CloudConfigurationRuleComplianceSignalOptions: + description: How to generate compliance signals. Useful for cloud_configuration + rules only. + properties: + userActivationStatus: + description: Whether signals will be sent. + type: boolean + userGroupByFields: + description: Fields to use to group findings by when sending signals. + items: + type: string + type: array + type: object + CloudConfigurationRuleCreatePayload: + description: Create a new cloud configuration rule. + properties: + cases: + description: 'Description of generated findings and signals (severity and + channels to be notified in case of a signal). Must contain exactly one + item. + + ' + items: + $ref: '#/components/schemas/CloudConfigurationRuleCaseCreate' + type: array + complianceSignalOptions: + $ref: '#/components/schemas/CloudConfigurationRuleComplianceSignalOptions' + isEnabled: + description: Whether the rule is enabled. + example: true + type: boolean + message: + description: Message in markdown format for generated findings and signals. + example: '#Description + + Explanation of the rule. + + + #Remediation + + How to fix the security issue. + + ' + type: string + name: + description: The name of the rule. + example: My security monitoring rule. + type: string + options: + $ref: '#/components/schemas/CloudConfigurationRuleOptions' + tags: + description: Tags for generated findings and signals. + example: + - env:prod + - team:security + items: + description: Tag. + type: string + type: array + type: + $ref: '#/components/schemas/CloudConfigurationRuleType' + required: + - name + - isEnabled + - options + - complianceSignalOptions + - cases + - message + type: object + CloudConfigurationRuleOptions: + description: Options on cloud configuration rules. + properties: + complianceRuleOptions: + $ref: '#/components/schemas/CloudConfigurationComplianceRuleOptions' + required: + - complianceRuleOptions + type: object + CloudConfigurationRuleType: + description: The rule type. + enum: + - cloud_configuration + type: string + x-enum-varnames: + - CLOUD_CONFIGURATION CloudWorkloadSecurityAgentRuleAttributes: description: A Cloud Workload Security Agent rule returned by the API. properties: @@ -8344,6 +8486,7 @@ components: oneOf: - $ref: '#/components/schemas/SecurityMonitoringStandardRuleCreatePayload' - $ref: '#/components/schemas/SecurityMonitoringSignalRuleCreatePayload' + - $ref: '#/components/schemas/CloudConfigurationRuleCreatePayload' type: object SecurityMonitoringRuleDecreaseCriticalityBasedOnEnv: description: 'If true, signals in non-production environments have a lower severity @@ -8549,6 +8692,8 @@ components: SecurityMonitoringRuleOptions: description: Options on rules. properties: + complianceRuleOptions: + $ref: '#/components/schemas/CloudConfigurationComplianceRuleOptions' decreaseCriticalityBasedOnEnv: $ref: '#/components/schemas/SecurityMonitoringRuleDecreaseCriticalityBasedOnEnv' detectionMethod: @@ -8643,6 +8788,8 @@ components: items: $ref: '#/components/schemas/SecurityMonitoringRuleCase' type: array + complianceSignalOptions: + $ref: '#/components/schemas/CloudConfigurationRuleComplianceSignalOptions' filters: description: Additional queries to filter matched events before they are processed. @@ -9323,6 +9470,8 @@ components: items: $ref: '#/components/schemas/SecurityMonitoringRuleCase' type: array + complianceSignalOptions: + $ref: '#/components/schemas/CloudConfigurationRuleComplianceSignalOptions' createdAt: description: When the rule was created, timestamp in milliseconds. format: int64 diff --git a/api/datadogV1/model_monitor_options.go b/api/datadogV1/model_monitor_options.go index 4a003480f11..4fcc89ccc0c 100644 --- a/api/datadogV1/model_monitor_options.go +++ b/api/datadogV1/model_monitor_options.go @@ -19,8 +19,6 @@ type MonitorOptions struct { DeviceIds []MonitorDeviceID `json:"device_ids,omitempty"` // Whether or not to send a log sample when the log monitor triggers. EnableLogsSample *bool `json:"enable_logs_sample,omitempty"` - // Whether or not to send a list of samples when the monitor triggers. This is only used by CI Test and Pipeline monitors. - EnableSamples *bool `json:"enable_samples,omitempty"` // We recommend using the [is_renotify](https://docs.datadoghq.com/monitors/notify/?tab=is_alert#renotify), // block in the original message instead. // A message to include with a re-notification. Supports the `@username` notification we allow elsewhere. @@ -254,34 +252,6 @@ func (o *MonitorOptions) SetEnableLogsSample(v bool) { o.EnableLogsSample = &v } -// GetEnableSamples returns the EnableSamples field value if set, zero value otherwise. -func (o *MonitorOptions) GetEnableSamples() bool { - if o == nil || o.EnableSamples == nil { - var ret bool - return ret - } - return *o.EnableSamples -} - -// GetEnableSamplesOk returns a tuple with the EnableSamples field value if set, nil otherwise -// and a boolean to check if the value has been set. -func (o *MonitorOptions) GetEnableSamplesOk() (*bool, bool) { - if o == nil || o.EnableSamples == nil { - return nil, false - } - return o.EnableSamples, true -} - -// HasEnableSamples returns a boolean if a field has been set. -func (o *MonitorOptions) HasEnableSamples() bool { - return o != nil && o.EnableSamples != nil -} - -// SetEnableSamples gets a reference to the given bool and assigns it to the EnableSamples field. -func (o *MonitorOptions) SetEnableSamples(v bool) { - o.EnableSamples = &v -} - // GetEscalationMessage returns the EscalationMessage field value if set, zero value otherwise. func (o *MonitorOptions) GetEscalationMessage() string { if o == nil || o.EscalationMessage == nil { @@ -1148,9 +1118,6 @@ func (o MonitorOptions) MarshalJSON() ([]byte, error) { if o.EnableLogsSample != nil { toSerialize["enable_logs_sample"] = o.EnableLogsSample } - if o.EnableSamples != nil { - toSerialize["enable_samples"] = o.EnableSamples - } if o.EscalationMessage != nil { toSerialize["escalation_message"] = o.EscalationMessage } @@ -1243,7 +1210,6 @@ func (o *MonitorOptions) UnmarshalJSON(bytes []byte) (err error) { Aggregation *MonitorOptionsAggregation `json:"aggregation,omitempty"` DeviceIds []MonitorDeviceID `json:"device_ids,omitempty"` EnableLogsSample *bool `json:"enable_logs_sample,omitempty"` - EnableSamples *bool `json:"enable_samples,omitempty"` EscalationMessage *string `json:"escalation_message,omitempty"` EvaluationDelay datadog.NullableInt64 `json:"evaluation_delay,omitempty"` GroupRetentionDuration *string `json:"group_retention_duration,omitempty"` @@ -1298,7 +1264,6 @@ func (o *MonitorOptions) UnmarshalJSON(bytes []byte) (err error) { o.Aggregation = all.Aggregation o.DeviceIds = all.DeviceIds o.EnableLogsSample = all.EnableLogsSample - o.EnableSamples = all.EnableSamples o.EscalationMessage = all.EscalationMessage o.EvaluationDelay = all.EvaluationDelay o.GroupRetentionDuration = all.GroupRetentionDuration diff --git a/api/datadogV2/model_cloud_configuration_compliance_rule_options.go b/api/datadogV2/model_cloud_configuration_compliance_rule_options.go new file mode 100644 index 00000000000..b2cc930a4f1 --- /dev/null +++ b/api/datadogV2/model_cloud_configuration_compliance_rule_options.go @@ -0,0 +1,147 @@ +// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2019-Present Datadog, Inc. + +package datadogV2 + +import ( + "encoding/json" + "fmt" +) + +// CloudConfigurationComplianceRuleOptions Options for cloud_configuration rules. +type CloudConfigurationComplianceRuleOptions struct { + // Whether the rule is a complex one. + // Must be set to true if `regoRule.resourceTypes` contains more than one item. Defaults to false. + // + ComplexRule *bool `json:"complexRule,omitempty"` + // Rule details. + RegoRule CloudConfigurationRegoRule `json:"regoRule"` + // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct + UnparsedObject map[string]interface{} `json:"-"` + AdditionalProperties map[string]interface{} +} + +// NewCloudConfigurationComplianceRuleOptions instantiates a new CloudConfigurationComplianceRuleOptions object. +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed. +func NewCloudConfigurationComplianceRuleOptions(regoRule CloudConfigurationRegoRule) *CloudConfigurationComplianceRuleOptions { + this := CloudConfigurationComplianceRuleOptions{} + this.RegoRule = regoRule + return &this +} + +// NewCloudConfigurationComplianceRuleOptionsWithDefaults instantiates a new CloudConfigurationComplianceRuleOptions object. +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set. +func NewCloudConfigurationComplianceRuleOptionsWithDefaults() *CloudConfigurationComplianceRuleOptions { + this := CloudConfigurationComplianceRuleOptions{} + return &this +} + +// GetComplexRule returns the ComplexRule field value if set, zero value otherwise. +func (o *CloudConfigurationComplianceRuleOptions) GetComplexRule() bool { + if o == nil || o.ComplexRule == nil { + var ret bool + return ret + } + return *o.ComplexRule +} + +// GetComplexRuleOk returns a tuple with the ComplexRule field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *CloudConfigurationComplianceRuleOptions) GetComplexRuleOk() (*bool, bool) { + if o == nil || o.ComplexRule == nil { + return nil, false + } + return o.ComplexRule, true +} + +// HasComplexRule returns a boolean if a field has been set. +func (o *CloudConfigurationComplianceRuleOptions) HasComplexRule() bool { + return o != nil && o.ComplexRule != nil +} + +// SetComplexRule gets a reference to the given bool and assigns it to the ComplexRule field. +func (o *CloudConfigurationComplianceRuleOptions) SetComplexRule(v bool) { + o.ComplexRule = &v +} + +// GetRegoRule returns the RegoRule field value. +func (o *CloudConfigurationComplianceRuleOptions) GetRegoRule() CloudConfigurationRegoRule { + if o == nil { + var ret CloudConfigurationRegoRule + return ret + } + return o.RegoRule +} + +// GetRegoRuleOk returns a tuple with the RegoRule field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationComplianceRuleOptions) GetRegoRuleOk() (*CloudConfigurationRegoRule, bool) { + if o == nil { + return nil, false + } + return &o.RegoRule, true +} + +// SetRegoRule sets field value. +func (o *CloudConfigurationComplianceRuleOptions) SetRegoRule(v CloudConfigurationRegoRule) { + o.RegoRule = v +} + +// MarshalJSON serializes the struct using spec logic. +func (o CloudConfigurationComplianceRuleOptions) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.UnparsedObject != nil { + return json.Marshal(o.UnparsedObject) + } + if o.ComplexRule != nil { + toSerialize["complexRule"] = o.ComplexRule + } + toSerialize["regoRule"] = o.RegoRule + + for key, value := range o.AdditionalProperties { + toSerialize[key] = value + } + return json.Marshal(toSerialize) +} + +// UnmarshalJSON deserializes the given payload. +func (o *CloudConfigurationComplianceRuleOptions) UnmarshalJSON(bytes []byte) (err error) { + raw := map[string]interface{}{} + required := struct { + RegoRule *CloudConfigurationRegoRule `json:"regoRule"` + }{} + all := struct { + ComplexRule *bool `json:"complexRule,omitempty"` + RegoRule CloudConfigurationRegoRule `json:"regoRule"` + }{} + err = json.Unmarshal(bytes, &required) + if err != nil { + return err + } + if required.RegoRule == nil { + return fmt.Errorf("required field regoRule missing") + } + err = json.Unmarshal(bytes, &all) + if err != nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + return nil + } + o.ComplexRule = all.ComplexRule + if all.RegoRule.UnparsedObject != nil && o.UnparsedObject == nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + } + o.RegoRule = all.RegoRule + return nil +} diff --git a/api/datadogV2/model_cloud_configuration_rego_rule.go b/api/datadogV2/model_cloud_configuration_rego_rule.go new file mode 100644 index 00000000000..68e4fd7af3f --- /dev/null +++ b/api/datadogV2/model_cloud_configuration_rego_rule.go @@ -0,0 +1,136 @@ +// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2019-Present Datadog, Inc. + +package datadogV2 + +import ( + "encoding/json" + "fmt" +) + +// CloudConfigurationRegoRule Rule details. +type CloudConfigurationRegoRule struct { + // The policy written in `rego`, see: https://www.openpolicyagent.org/docs/latest/policy-language/ + Policy string `json:"policy"` + // List of resource types that will be evaluated upon. Must have at least one element. + ResourceTypes []string `json:"resourceTypes"` + // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct + UnparsedObject map[string]interface{} `json:"-"` + AdditionalProperties map[string]interface{} +} + +// NewCloudConfigurationRegoRule instantiates a new CloudConfigurationRegoRule object. +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed. +func NewCloudConfigurationRegoRule(policy string, resourceTypes []string) *CloudConfigurationRegoRule { + this := CloudConfigurationRegoRule{} + this.Policy = policy + this.ResourceTypes = resourceTypes + return &this +} + +// NewCloudConfigurationRegoRuleWithDefaults instantiates a new CloudConfigurationRegoRule object. +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set. +func NewCloudConfigurationRegoRuleWithDefaults() *CloudConfigurationRegoRule { + this := CloudConfigurationRegoRule{} + return &this +} + +// GetPolicy returns the Policy field value. +func (o *CloudConfigurationRegoRule) GetPolicy() string { + if o == nil { + var ret string + return ret + } + return o.Policy +} + +// GetPolicyOk returns a tuple with the Policy field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRegoRule) GetPolicyOk() (*string, bool) { + if o == nil { + return nil, false + } + return &o.Policy, true +} + +// SetPolicy sets field value. +func (o *CloudConfigurationRegoRule) SetPolicy(v string) { + o.Policy = v +} + +// GetResourceTypes returns the ResourceTypes field value. +func (o *CloudConfigurationRegoRule) GetResourceTypes() []string { + if o == nil { + var ret []string + return ret + } + return o.ResourceTypes +} + +// GetResourceTypesOk returns a tuple with the ResourceTypes field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRegoRule) GetResourceTypesOk() (*[]string, bool) { + if o == nil { + return nil, false + } + return &o.ResourceTypes, true +} + +// SetResourceTypes sets field value. +func (o *CloudConfigurationRegoRule) SetResourceTypes(v []string) { + o.ResourceTypes = v +} + +// MarshalJSON serializes the struct using spec logic. +func (o CloudConfigurationRegoRule) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.UnparsedObject != nil { + return json.Marshal(o.UnparsedObject) + } + toSerialize["policy"] = o.Policy + toSerialize["resourceTypes"] = o.ResourceTypes + + for key, value := range o.AdditionalProperties { + toSerialize[key] = value + } + return json.Marshal(toSerialize) +} + +// UnmarshalJSON deserializes the given payload. +func (o *CloudConfigurationRegoRule) UnmarshalJSON(bytes []byte) (err error) { + raw := map[string]interface{}{} + required := struct { + Policy *string `json:"policy"` + ResourceTypes *[]string `json:"resourceTypes"` + }{} + all := struct { + Policy string `json:"policy"` + ResourceTypes []string `json:"resourceTypes"` + }{} + err = json.Unmarshal(bytes, &required) + if err != nil { + return err + } + if required.Policy == nil { + return fmt.Errorf("required field policy missing") + } + if required.ResourceTypes == nil { + return fmt.Errorf("required field resourceTypes missing") + } + err = json.Unmarshal(bytes, &all) + if err != nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + return nil + } + o.Policy = all.Policy + o.ResourceTypes = all.ResourceTypes + return nil +} diff --git a/api/datadogV2/model_cloud_configuration_rule_case_create.go b/api/datadogV2/model_cloud_configuration_rule_case_create.go new file mode 100644 index 00000000000..7486128b6af --- /dev/null +++ b/api/datadogV2/model_cloud_configuration_rule_case_create.go @@ -0,0 +1,146 @@ +// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2019-Present Datadog, Inc. + +package datadogV2 + +import ( + "encoding/json" + "fmt" +) + +// CloudConfigurationRuleCaseCreate Description of signals. +type CloudConfigurationRuleCaseCreate struct { + // Notification targets for each rule case. + Notifications []string `json:"notifications,omitempty"` + // Severity of the Security Signal. + Status SecurityMonitoringRuleSeverity `json:"status"` + // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct + UnparsedObject map[string]interface{} `json:"-"` + AdditionalProperties map[string]interface{} +} + +// NewCloudConfigurationRuleCaseCreate instantiates a new CloudConfigurationRuleCaseCreate object. +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed. +func NewCloudConfigurationRuleCaseCreate(status SecurityMonitoringRuleSeverity) *CloudConfigurationRuleCaseCreate { + this := CloudConfigurationRuleCaseCreate{} + this.Status = status + return &this +} + +// NewCloudConfigurationRuleCaseCreateWithDefaults instantiates a new CloudConfigurationRuleCaseCreate object. +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set. +func NewCloudConfigurationRuleCaseCreateWithDefaults() *CloudConfigurationRuleCaseCreate { + this := CloudConfigurationRuleCaseCreate{} + return &this +} + +// GetNotifications returns the Notifications field value if set, zero value otherwise. +func (o *CloudConfigurationRuleCaseCreate) GetNotifications() []string { + if o == nil || o.Notifications == nil { + var ret []string + return ret + } + return o.Notifications +} + +// GetNotificationsOk returns a tuple with the Notifications field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCaseCreate) GetNotificationsOk() (*[]string, bool) { + if o == nil || o.Notifications == nil { + return nil, false + } + return &o.Notifications, true +} + +// HasNotifications returns a boolean if a field has been set. +func (o *CloudConfigurationRuleCaseCreate) HasNotifications() bool { + return o != nil && o.Notifications != nil +} + +// SetNotifications gets a reference to the given []string and assigns it to the Notifications field. +func (o *CloudConfigurationRuleCaseCreate) SetNotifications(v []string) { + o.Notifications = v +} + +// GetStatus returns the Status field value. +func (o *CloudConfigurationRuleCaseCreate) GetStatus() SecurityMonitoringRuleSeverity { + if o == nil { + var ret SecurityMonitoringRuleSeverity + return ret + } + return o.Status +} + +// GetStatusOk returns a tuple with the Status field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCaseCreate) GetStatusOk() (*SecurityMonitoringRuleSeverity, bool) { + if o == nil { + return nil, false + } + return &o.Status, true +} + +// SetStatus sets field value. +func (o *CloudConfigurationRuleCaseCreate) SetStatus(v SecurityMonitoringRuleSeverity) { + o.Status = v +} + +// MarshalJSON serializes the struct using spec logic. +func (o CloudConfigurationRuleCaseCreate) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.UnparsedObject != nil { + return json.Marshal(o.UnparsedObject) + } + if o.Notifications != nil { + toSerialize["notifications"] = o.Notifications + } + toSerialize["status"] = o.Status + + for key, value := range o.AdditionalProperties { + toSerialize[key] = value + } + return json.Marshal(toSerialize) +} + +// UnmarshalJSON deserializes the given payload. +func (o *CloudConfigurationRuleCaseCreate) UnmarshalJSON(bytes []byte) (err error) { + raw := map[string]interface{}{} + required := struct { + Status *SecurityMonitoringRuleSeverity `json:"status"` + }{} + all := struct { + Notifications []string `json:"notifications,omitempty"` + Status SecurityMonitoringRuleSeverity `json:"status"` + }{} + err = json.Unmarshal(bytes, &required) + if err != nil { + return err + } + if required.Status == nil { + return fmt.Errorf("required field status missing") + } + err = json.Unmarshal(bytes, &all) + if err != nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + return nil + } + if v := all.Status; !v.IsValid() { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + return nil + } + o.Notifications = all.Notifications + o.Status = all.Status + return nil +} diff --git a/api/datadogV2/model_cloud_configuration_rule_compliance_signal_options.go b/api/datadogV2/model_cloud_configuration_rule_compliance_signal_options.go new file mode 100644 index 00000000000..dd5e3dbe0f7 --- /dev/null +++ b/api/datadogV2/model_cloud_configuration_rule_compliance_signal_options.go @@ -0,0 +1,133 @@ +// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2019-Present Datadog, Inc. + +package datadogV2 + +import ( + "encoding/json" +) + +// CloudConfigurationRuleComplianceSignalOptions How to generate compliance signals. Useful for cloud_configuration rules only. +type CloudConfigurationRuleComplianceSignalOptions struct { + // Whether signals will be sent. + UserActivationStatus *bool `json:"userActivationStatus,omitempty"` + // Fields to use to group findings by when sending signals. + UserGroupByFields []string `json:"userGroupByFields,omitempty"` + // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct + UnparsedObject map[string]interface{} `json:"-"` + AdditionalProperties map[string]interface{} +} + +// NewCloudConfigurationRuleComplianceSignalOptions instantiates a new CloudConfigurationRuleComplianceSignalOptions object. +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed. +func NewCloudConfigurationRuleComplianceSignalOptions() *CloudConfigurationRuleComplianceSignalOptions { + this := CloudConfigurationRuleComplianceSignalOptions{} + return &this +} + +// NewCloudConfigurationRuleComplianceSignalOptionsWithDefaults instantiates a new CloudConfigurationRuleComplianceSignalOptions object. +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set. +func NewCloudConfigurationRuleComplianceSignalOptionsWithDefaults() *CloudConfigurationRuleComplianceSignalOptions { + this := CloudConfigurationRuleComplianceSignalOptions{} + return &this +} + +// GetUserActivationStatus returns the UserActivationStatus field value if set, zero value otherwise. +func (o *CloudConfigurationRuleComplianceSignalOptions) GetUserActivationStatus() bool { + if o == nil || o.UserActivationStatus == nil { + var ret bool + return ret + } + return *o.UserActivationStatus +} + +// GetUserActivationStatusOk returns a tuple with the UserActivationStatus field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleComplianceSignalOptions) GetUserActivationStatusOk() (*bool, bool) { + if o == nil || o.UserActivationStatus == nil { + return nil, false + } + return o.UserActivationStatus, true +} + +// HasUserActivationStatus returns a boolean if a field has been set. +func (o *CloudConfigurationRuleComplianceSignalOptions) HasUserActivationStatus() bool { + return o != nil && o.UserActivationStatus != nil +} + +// SetUserActivationStatus gets a reference to the given bool and assigns it to the UserActivationStatus field. +func (o *CloudConfigurationRuleComplianceSignalOptions) SetUserActivationStatus(v bool) { + o.UserActivationStatus = &v +} + +// GetUserGroupByFields returns the UserGroupByFields field value if set, zero value otherwise. +func (o *CloudConfigurationRuleComplianceSignalOptions) GetUserGroupByFields() []string { + if o == nil || o.UserGroupByFields == nil { + var ret []string + return ret + } + return o.UserGroupByFields +} + +// GetUserGroupByFieldsOk returns a tuple with the UserGroupByFields field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleComplianceSignalOptions) GetUserGroupByFieldsOk() (*[]string, bool) { + if o == nil || o.UserGroupByFields == nil { + return nil, false + } + return &o.UserGroupByFields, true +} + +// HasUserGroupByFields returns a boolean if a field has been set. +func (o *CloudConfigurationRuleComplianceSignalOptions) HasUserGroupByFields() bool { + return o != nil && o.UserGroupByFields != nil +} + +// SetUserGroupByFields gets a reference to the given []string and assigns it to the UserGroupByFields field. +func (o *CloudConfigurationRuleComplianceSignalOptions) SetUserGroupByFields(v []string) { + o.UserGroupByFields = v +} + +// MarshalJSON serializes the struct using spec logic. +func (o CloudConfigurationRuleComplianceSignalOptions) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.UnparsedObject != nil { + return json.Marshal(o.UnparsedObject) + } + if o.UserActivationStatus != nil { + toSerialize["userActivationStatus"] = o.UserActivationStatus + } + if o.UserGroupByFields != nil { + toSerialize["userGroupByFields"] = o.UserGroupByFields + } + + for key, value := range o.AdditionalProperties { + toSerialize[key] = value + } + return json.Marshal(toSerialize) +} + +// UnmarshalJSON deserializes the given payload. +func (o *CloudConfigurationRuleComplianceSignalOptions) UnmarshalJSON(bytes []byte) (err error) { + raw := map[string]interface{}{} + all := struct { + UserActivationStatus *bool `json:"userActivationStatus,omitempty"` + UserGroupByFields []string `json:"userGroupByFields,omitempty"` + }{} + err = json.Unmarshal(bytes, &all) + if err != nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + return nil + } + o.UserActivationStatus = all.UserActivationStatus + o.UserGroupByFields = all.UserGroupByFields + return nil +} diff --git a/api/datadogV2/model_cloud_configuration_rule_create_payload.go b/api/datadogV2/model_cloud_configuration_rule_create_payload.go new file mode 100644 index 00000000000..ba9d12fcc31 --- /dev/null +++ b/api/datadogV2/model_cloud_configuration_rule_create_payload.go @@ -0,0 +1,361 @@ +// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2019-Present Datadog, Inc. + +package datadogV2 + +import ( + "encoding/json" + "fmt" +) + +// CloudConfigurationRuleCreatePayload Create a new cloud configuration rule. +type CloudConfigurationRuleCreatePayload struct { + // Description of generated findings and signals (severity and channels to be notified in case of a signal). Must contain exactly one item. + // + Cases []CloudConfigurationRuleCaseCreate `json:"cases"` + // How to generate compliance signals. Useful for cloud_configuration rules only. + ComplianceSignalOptions CloudConfigurationRuleComplianceSignalOptions `json:"complianceSignalOptions"` + // Whether the rule is enabled. + IsEnabled bool `json:"isEnabled"` + // Message in markdown format for generated findings and signals. + Message string `json:"message"` + // The name of the rule. + Name string `json:"name"` + // Options on cloud configuration rules. + Options CloudConfigurationRuleOptions `json:"options"` + // Tags for generated findings and signals. + Tags []string `json:"tags,omitempty"` + // The rule type. + Type *CloudConfigurationRuleType `json:"type,omitempty"` + // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct + UnparsedObject map[string]interface{} `json:"-"` + AdditionalProperties map[string]interface{} +} + +// NewCloudConfigurationRuleCreatePayload instantiates a new CloudConfigurationRuleCreatePayload object. +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed. +func NewCloudConfigurationRuleCreatePayload(cases []CloudConfigurationRuleCaseCreate, complianceSignalOptions CloudConfigurationRuleComplianceSignalOptions, isEnabled bool, message string, name string, options CloudConfigurationRuleOptions) *CloudConfigurationRuleCreatePayload { + this := CloudConfigurationRuleCreatePayload{} + this.Cases = cases + this.ComplianceSignalOptions = complianceSignalOptions + this.IsEnabled = isEnabled + this.Message = message + this.Name = name + this.Options = options + return &this +} + +// NewCloudConfigurationRuleCreatePayloadWithDefaults instantiates a new CloudConfigurationRuleCreatePayload object. +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set. +func NewCloudConfigurationRuleCreatePayloadWithDefaults() *CloudConfigurationRuleCreatePayload { + this := CloudConfigurationRuleCreatePayload{} + return &this +} + +// GetCases returns the Cases field value. +func (o *CloudConfigurationRuleCreatePayload) GetCases() []CloudConfigurationRuleCaseCreate { + if o == nil { + var ret []CloudConfigurationRuleCaseCreate + return ret + } + return o.Cases +} + +// GetCasesOk returns a tuple with the Cases field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCreatePayload) GetCasesOk() (*[]CloudConfigurationRuleCaseCreate, bool) { + if o == nil { + return nil, false + } + return &o.Cases, true +} + +// SetCases sets field value. +func (o *CloudConfigurationRuleCreatePayload) SetCases(v []CloudConfigurationRuleCaseCreate) { + o.Cases = v +} + +// GetComplianceSignalOptions returns the ComplianceSignalOptions field value. +func (o *CloudConfigurationRuleCreatePayload) GetComplianceSignalOptions() CloudConfigurationRuleComplianceSignalOptions { + if o == nil { + var ret CloudConfigurationRuleComplianceSignalOptions + return ret + } + return o.ComplianceSignalOptions +} + +// GetComplianceSignalOptionsOk returns a tuple with the ComplianceSignalOptions field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCreatePayload) GetComplianceSignalOptionsOk() (*CloudConfigurationRuleComplianceSignalOptions, bool) { + if o == nil { + return nil, false + } + return &o.ComplianceSignalOptions, true +} + +// SetComplianceSignalOptions sets field value. +func (o *CloudConfigurationRuleCreatePayload) SetComplianceSignalOptions(v CloudConfigurationRuleComplianceSignalOptions) { + o.ComplianceSignalOptions = v +} + +// GetIsEnabled returns the IsEnabled field value. +func (o *CloudConfigurationRuleCreatePayload) GetIsEnabled() bool { + if o == nil { + var ret bool + return ret + } + return o.IsEnabled +} + +// GetIsEnabledOk returns a tuple with the IsEnabled field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCreatePayload) GetIsEnabledOk() (*bool, bool) { + if o == nil { + return nil, false + } + return &o.IsEnabled, true +} + +// SetIsEnabled sets field value. +func (o *CloudConfigurationRuleCreatePayload) SetIsEnabled(v bool) { + o.IsEnabled = v +} + +// GetMessage returns the Message field value. +func (o *CloudConfigurationRuleCreatePayload) GetMessage() string { + if o == nil { + var ret string + return ret + } + return o.Message +} + +// GetMessageOk returns a tuple with the Message field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCreatePayload) GetMessageOk() (*string, bool) { + if o == nil { + return nil, false + } + return &o.Message, true +} + +// SetMessage sets field value. +func (o *CloudConfigurationRuleCreatePayload) SetMessage(v string) { + o.Message = v +} + +// GetName returns the Name field value. +func (o *CloudConfigurationRuleCreatePayload) GetName() string { + if o == nil { + var ret string + return ret + } + return o.Name +} + +// GetNameOk returns a tuple with the Name field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCreatePayload) GetNameOk() (*string, bool) { + if o == nil { + return nil, false + } + return &o.Name, true +} + +// SetName sets field value. +func (o *CloudConfigurationRuleCreatePayload) SetName(v string) { + o.Name = v +} + +// GetOptions returns the Options field value. +func (o *CloudConfigurationRuleCreatePayload) GetOptions() CloudConfigurationRuleOptions { + if o == nil { + var ret CloudConfigurationRuleOptions + return ret + } + return o.Options +} + +// GetOptionsOk returns a tuple with the Options field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCreatePayload) GetOptionsOk() (*CloudConfigurationRuleOptions, bool) { + if o == nil { + return nil, false + } + return &o.Options, true +} + +// SetOptions sets field value. +func (o *CloudConfigurationRuleCreatePayload) SetOptions(v CloudConfigurationRuleOptions) { + o.Options = v +} + +// GetTags returns the Tags field value if set, zero value otherwise. +func (o *CloudConfigurationRuleCreatePayload) GetTags() []string { + if o == nil || o.Tags == nil { + var ret []string + return ret + } + return o.Tags +} + +// GetTagsOk returns a tuple with the Tags field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCreatePayload) GetTagsOk() (*[]string, bool) { + if o == nil || o.Tags == nil { + return nil, false + } + return &o.Tags, true +} + +// HasTags returns a boolean if a field has been set. +func (o *CloudConfigurationRuleCreatePayload) HasTags() bool { + return o != nil && o.Tags != nil +} + +// SetTags gets a reference to the given []string and assigns it to the Tags field. +func (o *CloudConfigurationRuleCreatePayload) SetTags(v []string) { + o.Tags = v +} + +// GetType returns the Type field value if set, zero value otherwise. +func (o *CloudConfigurationRuleCreatePayload) GetType() CloudConfigurationRuleType { + if o == nil || o.Type == nil { + var ret CloudConfigurationRuleType + return ret + } + return *o.Type +} + +// GetTypeOk returns a tuple with the Type field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleCreatePayload) GetTypeOk() (*CloudConfigurationRuleType, bool) { + if o == nil || o.Type == nil { + return nil, false + } + return o.Type, true +} + +// HasType returns a boolean if a field has been set. +func (o *CloudConfigurationRuleCreatePayload) HasType() bool { + return o != nil && o.Type != nil +} + +// SetType gets a reference to the given CloudConfigurationRuleType and assigns it to the Type field. +func (o *CloudConfigurationRuleCreatePayload) SetType(v CloudConfigurationRuleType) { + o.Type = &v +} + +// MarshalJSON serializes the struct using spec logic. +func (o CloudConfigurationRuleCreatePayload) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.UnparsedObject != nil { + return json.Marshal(o.UnparsedObject) + } + toSerialize["cases"] = o.Cases + toSerialize["complianceSignalOptions"] = o.ComplianceSignalOptions + toSerialize["isEnabled"] = o.IsEnabled + toSerialize["message"] = o.Message + toSerialize["name"] = o.Name + toSerialize["options"] = o.Options + if o.Tags != nil { + toSerialize["tags"] = o.Tags + } + if o.Type != nil { + toSerialize["type"] = o.Type + } + + for key, value := range o.AdditionalProperties { + toSerialize[key] = value + } + return json.Marshal(toSerialize) +} + +// UnmarshalJSON deserializes the given payload. +func (o *CloudConfigurationRuleCreatePayload) UnmarshalJSON(bytes []byte) (err error) { + raw := map[string]interface{}{} + required := struct { + Cases *[]CloudConfigurationRuleCaseCreate `json:"cases"` + ComplianceSignalOptions *CloudConfigurationRuleComplianceSignalOptions `json:"complianceSignalOptions"` + IsEnabled *bool `json:"isEnabled"` + Message *string `json:"message"` + Name *string `json:"name"` + Options *CloudConfigurationRuleOptions `json:"options"` + }{} + all := struct { + Cases []CloudConfigurationRuleCaseCreate `json:"cases"` + ComplianceSignalOptions CloudConfigurationRuleComplianceSignalOptions `json:"complianceSignalOptions"` + IsEnabled bool `json:"isEnabled"` + Message string `json:"message"` + Name string `json:"name"` + Options CloudConfigurationRuleOptions `json:"options"` + Tags []string `json:"tags,omitempty"` + Type *CloudConfigurationRuleType `json:"type,omitempty"` + }{} + err = json.Unmarshal(bytes, &required) + if err != nil { + return err + } + if required.Cases == nil { + return fmt.Errorf("required field cases missing") + } + if required.ComplianceSignalOptions == nil { + return fmt.Errorf("required field complianceSignalOptions missing") + } + if required.IsEnabled == nil { + return fmt.Errorf("required field isEnabled missing") + } + if required.Message == nil { + return fmt.Errorf("required field message missing") + } + if required.Name == nil { + return fmt.Errorf("required field name missing") + } + if required.Options == nil { + return fmt.Errorf("required field options missing") + } + err = json.Unmarshal(bytes, &all) + if err != nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + return nil + } + if v := all.Type; v != nil && !v.IsValid() { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + return nil + } + o.Cases = all.Cases + if all.ComplianceSignalOptions.UnparsedObject != nil && o.UnparsedObject == nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + } + o.ComplianceSignalOptions = all.ComplianceSignalOptions + o.IsEnabled = all.IsEnabled + o.Message = all.Message + o.Name = all.Name + if all.Options.UnparsedObject != nil && o.UnparsedObject == nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + } + o.Options = all.Options + o.Tags = all.Tags + o.Type = all.Type + return nil +} diff --git a/api/datadogV2/model_cloud_configuration_rule_options.go b/api/datadogV2/model_cloud_configuration_rule_options.go new file mode 100644 index 00000000000..c63f4e39cd4 --- /dev/null +++ b/api/datadogV2/model_cloud_configuration_rule_options.go @@ -0,0 +1,110 @@ +// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2019-Present Datadog, Inc. + +package datadogV2 + +import ( + "encoding/json" + "fmt" +) + +// CloudConfigurationRuleOptions Options on cloud configuration rules. +type CloudConfigurationRuleOptions struct { + // Options for cloud_configuration rules. + ComplianceRuleOptions CloudConfigurationComplianceRuleOptions `json:"complianceRuleOptions"` + // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct + UnparsedObject map[string]interface{} `json:"-"` + AdditionalProperties map[string]interface{} +} + +// NewCloudConfigurationRuleOptions instantiates a new CloudConfigurationRuleOptions object. +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed. +func NewCloudConfigurationRuleOptions(complianceRuleOptions CloudConfigurationComplianceRuleOptions) *CloudConfigurationRuleOptions { + this := CloudConfigurationRuleOptions{} + this.ComplianceRuleOptions = complianceRuleOptions + return &this +} + +// NewCloudConfigurationRuleOptionsWithDefaults instantiates a new CloudConfigurationRuleOptions object. +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set. +func NewCloudConfigurationRuleOptionsWithDefaults() *CloudConfigurationRuleOptions { + this := CloudConfigurationRuleOptions{} + return &this +} + +// GetComplianceRuleOptions returns the ComplianceRuleOptions field value. +func (o *CloudConfigurationRuleOptions) GetComplianceRuleOptions() CloudConfigurationComplianceRuleOptions { + if o == nil { + var ret CloudConfigurationComplianceRuleOptions + return ret + } + return o.ComplianceRuleOptions +} + +// GetComplianceRuleOptionsOk returns a tuple with the ComplianceRuleOptions field value +// and a boolean to check if the value has been set. +func (o *CloudConfigurationRuleOptions) GetComplianceRuleOptionsOk() (*CloudConfigurationComplianceRuleOptions, bool) { + if o == nil { + return nil, false + } + return &o.ComplianceRuleOptions, true +} + +// SetComplianceRuleOptions sets field value. +func (o *CloudConfigurationRuleOptions) SetComplianceRuleOptions(v CloudConfigurationComplianceRuleOptions) { + o.ComplianceRuleOptions = v +} + +// MarshalJSON serializes the struct using spec logic. +func (o CloudConfigurationRuleOptions) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.UnparsedObject != nil { + return json.Marshal(o.UnparsedObject) + } + toSerialize["complianceRuleOptions"] = o.ComplianceRuleOptions + + for key, value := range o.AdditionalProperties { + toSerialize[key] = value + } + return json.Marshal(toSerialize) +} + +// UnmarshalJSON deserializes the given payload. +func (o *CloudConfigurationRuleOptions) UnmarshalJSON(bytes []byte) (err error) { + raw := map[string]interface{}{} + required := struct { + ComplianceRuleOptions *CloudConfigurationComplianceRuleOptions `json:"complianceRuleOptions"` + }{} + all := struct { + ComplianceRuleOptions CloudConfigurationComplianceRuleOptions `json:"complianceRuleOptions"` + }{} + err = json.Unmarshal(bytes, &required) + if err != nil { + return err + } + if required.ComplianceRuleOptions == nil { + return fmt.Errorf("required field complianceRuleOptions missing") + } + err = json.Unmarshal(bytes, &all) + if err != nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + return nil + } + if all.ComplianceRuleOptions.UnparsedObject != nil && o.UnparsedObject == nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + } + o.ComplianceRuleOptions = all.ComplianceRuleOptions + return nil +} diff --git a/api/datadogV2/model_cloud_configuration_rule_type.go b/api/datadogV2/model_cloud_configuration_rule_type.go new file mode 100644 index 00000000000..4b591ce1628 --- /dev/null +++ b/api/datadogV2/model_cloud_configuration_rule_type.go @@ -0,0 +1,107 @@ +// Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +// This product includes software developed at Datadog (https://www.datadoghq.com/). +// Copyright 2019-Present Datadog, Inc. + +package datadogV2 + +import ( + "encoding/json" + "fmt" +) + +// CloudConfigurationRuleType The rule type. +type CloudConfigurationRuleType string + +// List of CloudConfigurationRuleType. +const ( + CLOUDCONFIGURATIONRULETYPE_CLOUD_CONFIGURATION CloudConfigurationRuleType = "cloud_configuration" +) + +var allowedCloudConfigurationRuleTypeEnumValues = []CloudConfigurationRuleType{ + CLOUDCONFIGURATIONRULETYPE_CLOUD_CONFIGURATION, +} + +// GetAllowedValues reeturns the list of possible values. +func (v *CloudConfigurationRuleType) GetAllowedValues() []CloudConfigurationRuleType { + return allowedCloudConfigurationRuleTypeEnumValues +} + +// UnmarshalJSON deserializes the given payload. +func (v *CloudConfigurationRuleType) UnmarshalJSON(src []byte) error { + var value string + err := json.Unmarshal(src, &value) + if err != nil { + return err + } + *v = CloudConfigurationRuleType(value) + return nil +} + +// NewCloudConfigurationRuleTypeFromValue returns a pointer to a valid CloudConfigurationRuleType +// for the value passed as argument, or an error if the value passed is not allowed by the enum. +func NewCloudConfigurationRuleTypeFromValue(v string) (*CloudConfigurationRuleType, error) { + ev := CloudConfigurationRuleType(v) + if ev.IsValid() { + return &ev, nil + } + return nil, fmt.Errorf("invalid value '%v' for CloudConfigurationRuleType: valid values are %v", v, allowedCloudConfigurationRuleTypeEnumValues) +} + +// IsValid return true if the value is valid for the enum, false otherwise. +func (v CloudConfigurationRuleType) IsValid() bool { + for _, existing := range allowedCloudConfigurationRuleTypeEnumValues { + if existing == v { + return true + } + } + return false +} + +// Ptr returns reference to CloudConfigurationRuleType value. +func (v CloudConfigurationRuleType) Ptr() *CloudConfigurationRuleType { + return &v +} + +// NullableCloudConfigurationRuleType handles when a null is used for CloudConfigurationRuleType. +type NullableCloudConfigurationRuleType struct { + value *CloudConfigurationRuleType + isSet bool +} + +// Get returns the associated value. +func (v NullableCloudConfigurationRuleType) Get() *CloudConfigurationRuleType { + return v.value +} + +// Set changes the value and indicates it's been called. +func (v *NullableCloudConfigurationRuleType) Set(val *CloudConfigurationRuleType) { + v.value = val + v.isSet = true +} + +// IsSet returns whether Set has been called. +func (v NullableCloudConfigurationRuleType) IsSet() bool { + return v.isSet +} + +// Unset sets the value to nil and resets the set flag. +func (v *NullableCloudConfigurationRuleType) Unset() { + v.value = nil + v.isSet = false +} + +// NewNullableCloudConfigurationRuleType initializes the struct as if Set has been called. +func NewNullableCloudConfigurationRuleType(val *CloudConfigurationRuleType) *NullableCloudConfigurationRuleType { + return &NullableCloudConfigurationRuleType{value: val, isSet: true} +} + +// MarshalJSON serializes the associated value. +func (v NullableCloudConfigurationRuleType) MarshalJSON() ([]byte, error) { + return json.Marshal(v.value) +} + +// UnmarshalJSON deserializes the payload and sets the flag as if Set has been called. +func (v *NullableCloudConfigurationRuleType) UnmarshalJSON(src []byte) error { + v.isSet = true + return json.Unmarshal(src, &v.value) +} diff --git a/api/datadogV2/model_security_monitoring_rule_create_payload.go b/api/datadogV2/model_security_monitoring_rule_create_payload.go index 4de8c6f4738..ffa7505be86 100644 --- a/api/datadogV2/model_security_monitoring_rule_create_payload.go +++ b/api/datadogV2/model_security_monitoring_rule_create_payload.go @@ -12,6 +12,7 @@ import ( type SecurityMonitoringRuleCreatePayload struct { SecurityMonitoringStandardRuleCreatePayload *SecurityMonitoringStandardRuleCreatePayload SecurityMonitoringSignalRuleCreatePayload *SecurityMonitoringSignalRuleCreatePayload + CloudConfigurationRuleCreatePayload *CloudConfigurationRuleCreatePayload // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject interface{} @@ -27,6 +28,11 @@ func SecurityMonitoringSignalRuleCreatePayloadAsSecurityMonitoringRuleCreatePayl return SecurityMonitoringRuleCreatePayload{SecurityMonitoringSignalRuleCreatePayload: v} } +// CloudConfigurationRuleCreatePayloadAsSecurityMonitoringRuleCreatePayload is a convenience function that returns CloudConfigurationRuleCreatePayload wrapped in SecurityMonitoringRuleCreatePayload. +func CloudConfigurationRuleCreatePayloadAsSecurityMonitoringRuleCreatePayload(v *CloudConfigurationRuleCreatePayload) SecurityMonitoringRuleCreatePayload { + return SecurityMonitoringRuleCreatePayload{CloudConfigurationRuleCreatePayload: v} +} + // UnmarshalJSON turns data into one of the pointers in the struct. func (obj *SecurityMonitoringRuleCreatePayload) UnmarshalJSON(data []byte) error { var err error @@ -65,10 +71,28 @@ func (obj *SecurityMonitoringRuleCreatePayload) UnmarshalJSON(data []byte) error obj.SecurityMonitoringSignalRuleCreatePayload = nil } + // try to unmarshal data into CloudConfigurationRuleCreatePayload + err = json.Unmarshal(data, &obj.CloudConfigurationRuleCreatePayload) + if err == nil { + if obj.CloudConfigurationRuleCreatePayload != nil && obj.CloudConfigurationRuleCreatePayload.UnparsedObject == nil { + jsonCloudConfigurationRuleCreatePayload, _ := json.Marshal(obj.CloudConfigurationRuleCreatePayload) + if string(jsonCloudConfigurationRuleCreatePayload) == "{}" { // empty struct + obj.CloudConfigurationRuleCreatePayload = nil + } else { + match++ + } + } else { + obj.CloudConfigurationRuleCreatePayload = nil + } + } else { + obj.CloudConfigurationRuleCreatePayload = nil + } + if match != 1 { // more than 1 match // reset to nil obj.SecurityMonitoringStandardRuleCreatePayload = nil obj.SecurityMonitoringSignalRuleCreatePayload = nil + obj.CloudConfigurationRuleCreatePayload = nil return json.Unmarshal(data, &obj.UnparsedObject) } return nil // exactly one match @@ -84,6 +108,10 @@ func (obj SecurityMonitoringRuleCreatePayload) MarshalJSON() ([]byte, error) { return json.Marshal(&obj.SecurityMonitoringSignalRuleCreatePayload) } + if obj.CloudConfigurationRuleCreatePayload != nil { + return json.Marshal(&obj.CloudConfigurationRuleCreatePayload) + } + if obj.UnparsedObject != nil { return json.Marshal(obj.UnparsedObject) } @@ -100,6 +128,10 @@ func (obj *SecurityMonitoringRuleCreatePayload) GetActualInstance() interface{} return obj.SecurityMonitoringSignalRuleCreatePayload } + if obj.CloudConfigurationRuleCreatePayload != nil { + return obj.CloudConfigurationRuleCreatePayload + } + // all schemas are nil return nil } diff --git a/api/datadogV2/model_security_monitoring_rule_options.go b/api/datadogV2/model_security_monitoring_rule_options.go index 7d8a1106de1..a2f2aa98345 100644 --- a/api/datadogV2/model_security_monitoring_rule_options.go +++ b/api/datadogV2/model_security_monitoring_rule_options.go @@ -10,6 +10,8 @@ import ( // SecurityMonitoringRuleOptions Options on rules. type SecurityMonitoringRuleOptions struct { + // Options for cloud_configuration rules. + ComplianceRuleOptions *CloudConfigurationComplianceRuleOptions `json:"complianceRuleOptions,omitempty"` // If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce signal noise. // The severity is decreased by one level: `CRITICAL` in production becomes `HIGH` in non-production, `HIGH` becomes `MEDIUM` and so on. `INFO` remains `INFO`. // The decrement is applied when the environment tag of the signal starts with `staging`, `test` or `dev`. @@ -53,6 +55,34 @@ func NewSecurityMonitoringRuleOptionsWithDefaults() *SecurityMonitoringRuleOptio return &this } +// GetComplianceRuleOptions returns the ComplianceRuleOptions field value if set, zero value otherwise. +func (o *SecurityMonitoringRuleOptions) GetComplianceRuleOptions() CloudConfigurationComplianceRuleOptions { + if o == nil || o.ComplianceRuleOptions == nil { + var ret CloudConfigurationComplianceRuleOptions + return ret + } + return *o.ComplianceRuleOptions +} + +// GetComplianceRuleOptionsOk returns a tuple with the ComplianceRuleOptions field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *SecurityMonitoringRuleOptions) GetComplianceRuleOptionsOk() (*CloudConfigurationComplianceRuleOptions, bool) { + if o == nil || o.ComplianceRuleOptions == nil { + return nil, false + } + return o.ComplianceRuleOptions, true +} + +// HasComplianceRuleOptions returns a boolean if a field has been set. +func (o *SecurityMonitoringRuleOptions) HasComplianceRuleOptions() bool { + return o != nil && o.ComplianceRuleOptions != nil +} + +// SetComplianceRuleOptions gets a reference to the given CloudConfigurationComplianceRuleOptions and assigns it to the ComplianceRuleOptions field. +func (o *SecurityMonitoringRuleOptions) SetComplianceRuleOptions(v CloudConfigurationComplianceRuleOptions) { + o.ComplianceRuleOptions = &v +} + // GetDecreaseCriticalityBasedOnEnv returns the DecreaseCriticalityBasedOnEnv field value if set, zero value otherwise. func (o *SecurityMonitoringRuleOptions) GetDecreaseCriticalityBasedOnEnv() bool { if o == nil || o.DecreaseCriticalityBasedOnEnv == nil { @@ -283,6 +313,9 @@ func (o SecurityMonitoringRuleOptions) MarshalJSON() ([]byte, error) { if o.UnparsedObject != nil { return json.Marshal(o.UnparsedObject) } + if o.ComplianceRuleOptions != nil { + toSerialize["complianceRuleOptions"] = o.ComplianceRuleOptions + } if o.DecreaseCriticalityBasedOnEnv != nil { toSerialize["decreaseCriticalityBasedOnEnv"] = o.DecreaseCriticalityBasedOnEnv } @@ -318,6 +351,7 @@ func (o SecurityMonitoringRuleOptions) MarshalJSON() ([]byte, error) { func (o *SecurityMonitoringRuleOptions) UnmarshalJSON(bytes []byte) (err error) { raw := map[string]interface{}{} all := struct { + ComplianceRuleOptions *CloudConfigurationComplianceRuleOptions `json:"complianceRuleOptions,omitempty"` DecreaseCriticalityBasedOnEnv *bool `json:"decreaseCriticalityBasedOnEnv,omitempty"` DetectionMethod *SecurityMonitoringRuleDetectionMethod `json:"detectionMethod,omitempty"` EvaluationWindow *SecurityMonitoringRuleEvaluationWindow `json:"evaluationWindow,omitempty"` @@ -376,6 +410,14 @@ func (o *SecurityMonitoringRuleOptions) UnmarshalJSON(bytes []byte) (err error) o.UnparsedObject = raw return nil } + if all.ComplianceRuleOptions != nil && all.ComplianceRuleOptions.UnparsedObject != nil && o.UnparsedObject == nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + } + o.ComplianceRuleOptions = all.ComplianceRuleOptions o.DecreaseCriticalityBasedOnEnv = all.DecreaseCriticalityBasedOnEnv o.DetectionMethod = all.DetectionMethod o.EvaluationWindow = all.EvaluationWindow diff --git a/api/datadogV2/model_security_monitoring_rule_update_payload.go b/api/datadogV2/model_security_monitoring_rule_update_payload.go index 58fe9c846f4..bd020f332e0 100644 --- a/api/datadogV2/model_security_monitoring_rule_update_payload.go +++ b/api/datadogV2/model_security_monitoring_rule_update_payload.go @@ -12,6 +12,8 @@ import ( type SecurityMonitoringRuleUpdatePayload struct { // Cases for generating signals. Cases []SecurityMonitoringRuleCase `json:"cases,omitempty"` + // How to generate compliance signals. Useful for cloud_configuration rules only. + ComplianceSignalOptions *CloudConfigurationRuleComplianceSignalOptions `json:"complianceSignalOptions,omitempty"` // Additional queries to filter matched events before they are processed. Filters []SecurityMonitoringFilter `json:"filters,omitempty"` // Whether the notifications include the triggering group-by values in their title. @@ -80,6 +82,34 @@ func (o *SecurityMonitoringRuleUpdatePayload) SetCases(v []SecurityMonitoringRul o.Cases = v } +// GetComplianceSignalOptions returns the ComplianceSignalOptions field value if set, zero value otherwise. +func (o *SecurityMonitoringRuleUpdatePayload) GetComplianceSignalOptions() CloudConfigurationRuleComplianceSignalOptions { + if o == nil || o.ComplianceSignalOptions == nil { + var ret CloudConfigurationRuleComplianceSignalOptions + return ret + } + return *o.ComplianceSignalOptions +} + +// GetComplianceSignalOptionsOk returns a tuple with the ComplianceSignalOptions field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *SecurityMonitoringRuleUpdatePayload) GetComplianceSignalOptionsOk() (*CloudConfigurationRuleComplianceSignalOptions, bool) { + if o == nil || o.ComplianceSignalOptions == nil { + return nil, false + } + return o.ComplianceSignalOptions, true +} + +// HasComplianceSignalOptions returns a boolean if a field has been set. +func (o *SecurityMonitoringRuleUpdatePayload) HasComplianceSignalOptions() bool { + return o != nil && o.ComplianceSignalOptions != nil +} + +// SetComplianceSignalOptions gets a reference to the given CloudConfigurationRuleComplianceSignalOptions and assigns it to the ComplianceSignalOptions field. +func (o *SecurityMonitoringRuleUpdatePayload) SetComplianceSignalOptions(v CloudConfigurationRuleComplianceSignalOptions) { + o.ComplianceSignalOptions = &v +} + // GetFilters returns the Filters field value if set, zero value otherwise. func (o *SecurityMonitoringRuleUpdatePayload) GetFilters() []SecurityMonitoringFilter { if o == nil || o.Filters == nil { @@ -341,6 +371,9 @@ func (o SecurityMonitoringRuleUpdatePayload) MarshalJSON() ([]byte, error) { if o.Cases != nil { toSerialize["cases"] = o.Cases } + if o.ComplianceSignalOptions != nil { + toSerialize["complianceSignalOptions"] = o.ComplianceSignalOptions + } if o.Filters != nil { toSerialize["filters"] = o.Filters } @@ -379,16 +412,17 @@ func (o SecurityMonitoringRuleUpdatePayload) MarshalJSON() ([]byte, error) { func (o *SecurityMonitoringRuleUpdatePayload) UnmarshalJSON(bytes []byte) (err error) { raw := map[string]interface{}{} all := struct { - Cases []SecurityMonitoringRuleCase `json:"cases,omitempty"` - Filters []SecurityMonitoringFilter `json:"filters,omitempty"` - HasExtendedTitle *bool `json:"hasExtendedTitle,omitempty"` - IsEnabled *bool `json:"isEnabled,omitempty"` - Message *string `json:"message,omitempty"` - Name *string `json:"name,omitempty"` - Options *SecurityMonitoringRuleOptions `json:"options,omitempty"` - Queries []SecurityMonitoringRuleQuery `json:"queries,omitempty"` - Tags []string `json:"tags,omitempty"` - Version *int32 `json:"version,omitempty"` + Cases []SecurityMonitoringRuleCase `json:"cases,omitempty"` + ComplianceSignalOptions *CloudConfigurationRuleComplianceSignalOptions `json:"complianceSignalOptions,omitempty"` + Filters []SecurityMonitoringFilter `json:"filters,omitempty"` + HasExtendedTitle *bool `json:"hasExtendedTitle,omitempty"` + IsEnabled *bool `json:"isEnabled,omitempty"` + Message *string `json:"message,omitempty"` + Name *string `json:"name,omitempty"` + Options *SecurityMonitoringRuleOptions `json:"options,omitempty"` + Queries []SecurityMonitoringRuleQuery `json:"queries,omitempty"` + Tags []string `json:"tags,omitempty"` + Version *int32 `json:"version,omitempty"` }{} err = json.Unmarshal(bytes, &all) if err != nil { @@ -400,6 +434,14 @@ func (o *SecurityMonitoringRuleUpdatePayload) UnmarshalJSON(bytes []byte) (err e return nil } o.Cases = all.Cases + if all.ComplianceSignalOptions != nil && all.ComplianceSignalOptions.UnparsedObject != nil && o.UnparsedObject == nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + } + o.ComplianceSignalOptions = all.ComplianceSignalOptions o.Filters = all.Filters o.HasExtendedTitle = all.HasExtendedTitle o.IsEnabled = all.IsEnabled diff --git a/api/datadogV2/model_security_monitoring_standard_rule_response.go b/api/datadogV2/model_security_monitoring_standard_rule_response.go index 3a52fa6a5c1..4171a0024ae 100644 --- a/api/datadogV2/model_security_monitoring_standard_rule_response.go +++ b/api/datadogV2/model_security_monitoring_standard_rule_response.go @@ -12,6 +12,8 @@ import ( type SecurityMonitoringStandardRuleResponse struct { // Cases for generating signals. Cases []SecurityMonitoringRuleCase `json:"cases,omitempty"` + // How to generate compliance signals. Useful for cloud_configuration rules only. + ComplianceSignalOptions *CloudConfigurationRuleComplianceSignalOptions `json:"complianceSignalOptions,omitempty"` // When the rule was created, timestamp in milliseconds. CreatedAt *int64 `json:"createdAt,omitempty"` // User ID of the user who created the rule. @@ -94,6 +96,34 @@ func (o *SecurityMonitoringStandardRuleResponse) SetCases(v []SecurityMonitoring o.Cases = v } +// GetComplianceSignalOptions returns the ComplianceSignalOptions field value if set, zero value otherwise. +func (o *SecurityMonitoringStandardRuleResponse) GetComplianceSignalOptions() CloudConfigurationRuleComplianceSignalOptions { + if o == nil || o.ComplianceSignalOptions == nil { + var ret CloudConfigurationRuleComplianceSignalOptions + return ret + } + return *o.ComplianceSignalOptions +} + +// GetComplianceSignalOptionsOk returns a tuple with the ComplianceSignalOptions field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *SecurityMonitoringStandardRuleResponse) GetComplianceSignalOptionsOk() (*CloudConfigurationRuleComplianceSignalOptions, bool) { + if o == nil || o.ComplianceSignalOptions == nil { + return nil, false + } + return o.ComplianceSignalOptions, true +} + +// HasComplianceSignalOptions returns a boolean if a field has been set. +func (o *SecurityMonitoringStandardRuleResponse) HasComplianceSignalOptions() bool { + return o != nil && o.ComplianceSignalOptions != nil +} + +// SetComplianceSignalOptions gets a reference to the given CloudConfigurationRuleComplianceSignalOptions and assigns it to the ComplianceSignalOptions field. +func (o *SecurityMonitoringStandardRuleResponse) SetComplianceSignalOptions(v CloudConfigurationRuleComplianceSignalOptions) { + o.ComplianceSignalOptions = &v +} + // GetCreatedAt returns the CreatedAt field value if set, zero value otherwise. func (o *SecurityMonitoringStandardRuleResponse) GetCreatedAt() int64 { if o == nil || o.CreatedAt == nil { @@ -551,6 +581,9 @@ func (o SecurityMonitoringStandardRuleResponse) MarshalJSON() ([]byte, error) { if o.Cases != nil { toSerialize["cases"] = o.Cases } + if o.ComplianceSignalOptions != nil { + toSerialize["complianceSignalOptions"] = o.ComplianceSignalOptions + } if o.CreatedAt != nil { toSerialize["createdAt"] = o.CreatedAt } @@ -610,23 +643,24 @@ func (o SecurityMonitoringStandardRuleResponse) MarshalJSON() ([]byte, error) { func (o *SecurityMonitoringStandardRuleResponse) UnmarshalJSON(bytes []byte) (err error) { raw := map[string]interface{}{} all := struct { - Cases []SecurityMonitoringRuleCase `json:"cases,omitempty"` - CreatedAt *int64 `json:"createdAt,omitempty"` - CreationAuthorId *int64 `json:"creationAuthorId,omitempty"` - Filters []SecurityMonitoringFilter `json:"filters,omitempty"` - HasExtendedTitle *bool `json:"hasExtendedTitle,omitempty"` - Id *string `json:"id,omitempty"` - IsDefault *bool `json:"isDefault,omitempty"` - IsDeleted *bool `json:"isDeleted,omitempty"` - IsEnabled *bool `json:"isEnabled,omitempty"` - Message *string `json:"message,omitempty"` - Name *string `json:"name,omitempty"` - Options *SecurityMonitoringRuleOptions `json:"options,omitempty"` - Queries []SecurityMonitoringStandardRuleQuery `json:"queries,omitempty"` - Tags []string `json:"tags,omitempty"` - Type *SecurityMonitoringRuleTypeRead `json:"type,omitempty"` - UpdateAuthorId *int64 `json:"updateAuthorId,omitempty"` - Version *int64 `json:"version,omitempty"` + Cases []SecurityMonitoringRuleCase `json:"cases,omitempty"` + ComplianceSignalOptions *CloudConfigurationRuleComplianceSignalOptions `json:"complianceSignalOptions,omitempty"` + CreatedAt *int64 `json:"createdAt,omitempty"` + CreationAuthorId *int64 `json:"creationAuthorId,omitempty"` + Filters []SecurityMonitoringFilter `json:"filters,omitempty"` + HasExtendedTitle *bool `json:"hasExtendedTitle,omitempty"` + Id *string `json:"id,omitempty"` + IsDefault *bool `json:"isDefault,omitempty"` + IsDeleted *bool `json:"isDeleted,omitempty"` + IsEnabled *bool `json:"isEnabled,omitempty"` + Message *string `json:"message,omitempty"` + Name *string `json:"name,omitempty"` + Options *SecurityMonitoringRuleOptions `json:"options,omitempty"` + Queries []SecurityMonitoringStandardRuleQuery `json:"queries,omitempty"` + Tags []string `json:"tags,omitempty"` + Type *SecurityMonitoringRuleTypeRead `json:"type,omitempty"` + UpdateAuthorId *int64 `json:"updateAuthorId,omitempty"` + Version *int64 `json:"version,omitempty"` }{} err = json.Unmarshal(bytes, &all) if err != nil { @@ -646,6 +680,14 @@ func (o *SecurityMonitoringStandardRuleResponse) UnmarshalJSON(bytes []byte) (er return nil } o.Cases = all.Cases + if all.ComplianceSignalOptions != nil && all.ComplianceSignalOptions.UnparsedObject != nil && o.UnparsedObject == nil { + err = json.Unmarshal(bytes, &raw) + if err != nil { + return err + } + o.UnparsedObject = raw + } + o.ComplianceSignalOptions = all.ComplianceSignalOptions o.CreatedAt = all.CreatedAt o.CreationAuthorId = all.CreationAuthorId o.Filters = all.Filters diff --git a/examples/v2/security-monitoring/CreateSecurityMonitoringRule_1092490364.go b/examples/v2/security-monitoring/CreateSecurityMonitoringRule_1092490364.go new file mode 100644 index 00000000000..a8cde715c75 --- /dev/null +++ b/examples/v2/security-monitoring/CreateSecurityMonitoringRule_1092490364.go @@ -0,0 +1,65 @@ +// Create a cloud_configuration rule returns "OK" response + +package main + +import ( + "context" + "encoding/json" + "fmt" + "os" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" +) + +func main() { + body := datadogV2.SecurityMonitoringRuleCreatePayload{ + CloudConfigurationRuleCreatePayload: &datadogV2.CloudConfigurationRuleCreatePayload{ + Type: datadogV2.CLOUDCONFIGURATIONRULETYPE_CLOUD_CONFIGURATION.Ptr(), + Name: "Example-Create_a_cloud_configuration_rule_returns_OK_response_cloud", + IsEnabled: false, + Cases: []datadogV2.CloudConfigurationRuleCaseCreate{ + { + Status: datadogV2.SECURITYMONITORINGRULESEVERITY_INFO, + Notifications: []string{ + "channel", + }, + }, + }, + Options: datadogV2.CloudConfigurationRuleOptions{ + ComplianceRuleOptions: datadogV2.CloudConfigurationComplianceRuleOptions{ + ComplexRule: datadog.PtrBool(false), + RegoRule: datadogV2.CloudConfigurationRegoRule{ + Policy: `package datadog +`, + ResourceTypes: []string{ + "gcp_compute_disk", + }, + }, + }, + }, + Message: "ddd", + Tags: []string{ + "my:tag", + }, + ComplianceSignalOptions: datadogV2.CloudConfigurationRuleComplianceSignalOptions{ + UserActivationStatus: datadog.PtrBool(true), + UserGroupByFields: []string{ + "@account_id", + }, + }, + }} + ctx := datadog.NewDefaultContext(context.Background()) + configuration := datadog.NewConfiguration() + apiClient := datadog.NewAPIClient(configuration) + api := datadogV2.NewSecurityMonitoringApi(apiClient) + resp, r, err := api.CreateSecurityMonitoringRule(ctx, body) + + if err != nil { + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.CreateSecurityMonitoringRule`: %v\n", err) + fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) + } + + responseContent, _ := json.MarshalIndent(resp, "", " ") + fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.CreateSecurityMonitoringRule`:\n%s\n", responseContent) +} diff --git a/examples/v2/security-monitoring/GetSecurityMonitoringRule_3370522281.go b/examples/v2/security-monitoring/GetSecurityMonitoringRule_3370522281.go new file mode 100644 index 00000000000..a702f208503 --- /dev/null +++ b/examples/v2/security-monitoring/GetSecurityMonitoringRule_3370522281.go @@ -0,0 +1,32 @@ +// Get a cloud configuration rule's details returns "OK" response + +package main + +import ( + "context" + "encoding/json" + "fmt" + "os" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" +) + +func main() { + // there is a valid "cloud_configuration_rule" in the system + CloudConfigurationRuleID := os.Getenv("CLOUD_CONFIGURATION_RULE_ID") + + ctx := datadog.NewDefaultContext(context.Background()) + configuration := datadog.NewConfiguration() + apiClient := datadog.NewAPIClient(configuration) + api := datadogV2.NewSecurityMonitoringApi(apiClient) + resp, r, err := api.GetSecurityMonitoringRule(ctx, CloudConfigurationRuleID) + + if err != nil { + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.GetSecurityMonitoringRule`: %v\n", err) + fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) + } + + responseContent, _ := json.MarshalIndent(resp, "", " ") + fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.GetSecurityMonitoringRule`:\n%s\n", responseContent) +} diff --git a/examples/v2/security-monitoring/UpdateSecurityMonitoringRule_428087276.go b/examples/v2/security-monitoring/UpdateSecurityMonitoringRule_428087276.go new file mode 100644 index 00000000000..9e9d24f1584 --- /dev/null +++ b/examples/v2/security-monitoring/UpdateSecurityMonitoringRule_428087276.go @@ -0,0 +1,59 @@ +// Update a cloud configuration rule's details returns "OK" response + +package main + +import ( + "context" + "encoding/json" + "fmt" + "os" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" +) + +func main() { + // there is a valid "cloud_configuration_rule" in the system + CloudConfigurationRuleID := os.Getenv("CLOUD_CONFIGURATION_RULE_ID") + + body := datadogV2.SecurityMonitoringRuleUpdatePayload{ + Name: datadog.PtrString("Example-Update_a_cloud_configuration_rule_s_details_returns_OK_response_cloud_updated"), + IsEnabled: datadog.PtrBool(false), + Cases: []datadogV2.SecurityMonitoringRuleCase{ + { + Status: datadogV2.SECURITYMONITORINGRULESEVERITY_INFO.Ptr(), + Notifications: []string{}, + }, + }, + Options: &datadogV2.SecurityMonitoringRuleOptions{ + ComplianceRuleOptions: &datadogV2.CloudConfigurationComplianceRuleOptions{ + RegoRule: datadogV2.CloudConfigurationRegoRule{ + Policy: `package datadog +`, + ResourceTypes: []string{ + "gcp_compute_disk", + }, + }, + }, + }, + Message: datadog.PtrString("ddd"), + Tags: []string{}, + ComplianceSignalOptions: &datadogV2.CloudConfigurationRuleComplianceSignalOptions{ + UserActivationStatus: datadog.PtrBool(false), + UserGroupByFields: []string{}, + }, + } + ctx := datadog.NewDefaultContext(context.Background()) + configuration := datadog.NewConfiguration() + apiClient := datadog.NewAPIClient(configuration) + api := datadogV2.NewSecurityMonitoringApi(apiClient) + resp, r, err := api.UpdateSecurityMonitoringRule(ctx, CloudConfigurationRuleID, body) + + if err != nil { + fmt.Fprintf(os.Stderr, "Error when calling `SecurityMonitoringApi.UpdateSecurityMonitoringRule`: %v\n", err) + fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) + } + + responseContent, _ := json.MarshalIndent(resp, "", " ") + fmt.Fprintf(os.Stdout, "Response from `SecurityMonitoringApi.UpdateSecurityMonitoringRule`:\n%s\n", responseContent) +} diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_cloud_configuration_rule_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_cloud_configuration_rule_returns_OK_response.freeze new file mode 100644 index 00000000000..3d0e67fa15d --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_cloud_configuration_rule_returns_OK_response.freeze @@ -0,0 +1 @@ +2022-12-14T08:46:48.145Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_cloud_configuration_rule_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_cloud_configuration_rule_returns_OK_response.yaml new file mode 100644 index 00000000000..40dac8f1f04 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Create_a_cloud_configuration_rule_returns_OK_response.yaml @@ -0,0 +1,39 @@ +interactions: +- request: + body: | + {"cases":[{"notifications":["channel"],"status":"info"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"isEnabled":false,"message":"ddd","name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1671007608_cloud","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package datadog\n","resourceTypes":["gcp_compute_disk"]}}},"tags":["my:tag"],"type":"cloud_configuration"} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + url: https://api.datadoghq.com/api/v2/security_monitoring/rules + response: + body: '{"creationAuthorId":1445416,"tags":["my:tag"],"type":"cloud_configuration","isEnabled":false,"hasExtendedTitle":true,"message":"ddd","options":{"detectionMethod":"threshold","evaluationWindow":7200,"maxSignalDuration":86400,"complianceRuleOptions":{"regoRule":{"policy":"package + datadog\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false},"keepAlive":21600},"version":1,"createdAt":1671007608778,"filters":[],"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"aggregation":"count","name":"a","distinctFields":[]}],"isDeleted":false,"complianceSignalOptions":{"defaultActivationStatus":null,"userActivationStatus":true,"defaultGroupByFields":null,"userGroupByFields":["@account_id"]},"cases":[{"status":"info","notifications":["channel"],"name":"","condition":"a + > 0"}],"id":"azn-bwu-qdq","isDefault":false,"name":"Test-Create_a_cloud_configuration_rule_returns_OK_response-1671007608_cloud"} + + ' + code: 200 + duration: '' + headers: + Content-Type: + - application/json + status: 200 OK +- request: + body: '' + form: {} + headers: + Accept: + - '*/*' + method: DELETE + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/azn-bwu-qdq + response: + body: '' + code: 204 + duration: '' + headers: {} + status: 204 No Content +version: 1 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_cloud_configuration_rules_details_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_cloud_configuration_rules_details_returns_OK_response.freeze new file mode 100644 index 00000000000..84da67a3e43 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_cloud_configuration_rules_details_returns_OK_response.freeze @@ -0,0 +1 @@ +2022-12-14T08:46:49.009Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_cloud_configuration_rules_details_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_cloud_configuration_rules_details_returns_OK_response.yaml new file mode 100644 index 00000000000..e3fcbbfaeb2 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Get_a_cloud_configuration_rules_details_returns_OK_response.yaml @@ -0,0 +1,61 @@ +interactions: +- request: + body: | + {"cases":[{"notifications":["channel"],"status":"info"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"isEnabled":false,"message":"Cloud configuration rule","name":"Test-Get_a_cloud_configuration_rule_s_details_returns_OK_response-1671007609_cloud","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package datadog\n","resourceTypes":["gcp_compute_disk"]}}},"tags":["a:tag"],"type":"cloud_configuration"} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + url: https://api.datadoghq.com/api/v2/security_monitoring/rules + response: + body: '{"creationAuthorId":1445416,"tags":["a:tag"],"type":"cloud_configuration","isEnabled":false,"hasExtendedTitle":true,"message":"Cloud + configuration rule","options":{"detectionMethod":"threshold","evaluationWindow":7200,"maxSignalDuration":86400,"complianceRuleOptions":{"regoRule":{"policy":"package + datadog\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false},"keepAlive":21600},"version":1,"createdAt":1671007609108,"filters":[],"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"aggregation":"count","name":"a","distinctFields":[]}],"isDeleted":false,"complianceSignalOptions":{"defaultActivationStatus":null,"userActivationStatus":true,"defaultGroupByFields":null,"userGroupByFields":["@account_id"]},"cases":[{"status":"info","notifications":["channel"],"name":"","condition":"a + > 0"}],"id":"jxe-vmy-pef","isDefault":false,"name":"Test-Get_a_cloud_configuration_rule_s_details_returns_OK_response-1671007609_cloud"} + + ' + code: 200 + duration: '' + headers: + Content-Type: + - application/json + status: 200 OK +- request: + body: '' + form: {} + headers: + Accept: + - application/json + method: GET + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/jxe-vmy-pef + response: + body: '{"creationAuthorId":1445416,"tags":["a:tag"],"type":"cloud_configuration","isEnabled":false,"hasExtendedTitle":true,"message":"Cloud + configuration rule","options":{"detectionMethod":"threshold","evaluationWindow":7200,"maxSignalDuration":86400,"complianceRuleOptions":{"regoRule":{"policy":"package + datadog\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false},"keepAlive":21600},"version":1,"createdAt":1671007609108,"filters":[],"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"aggregation":"count","name":"a","distinctFields":[]}],"isDeleted":false,"complianceSignalOptions":{"defaultActivationStatus":null,"userActivationStatus":true,"defaultGroupByFields":null,"userGroupByFields":["@account_id"]},"cases":[{"status":"info","notifications":["channel"],"name":"","condition":"a + > 0"}],"id":"jxe-vmy-pef","isDefault":false,"name":"Test-Get_a_cloud_configuration_rule_s_details_returns_OK_response-1671007609_cloud"} + + ' + code: 200 + duration: '' + headers: + Content-Type: + - application/json + status: 200 OK +- request: + body: '' + form: {} + headers: + Accept: + - '*/*' + method: DELETE + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/jxe-vmy-pef + response: + body: '' + code: 204 + duration: '' + headers: {} + status: 204 No Content +version: 1 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_cloud_configuration_rules_details_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_cloud_configuration_rules_details_returns_OK_response.freeze new file mode 100644 index 00000000000..7e6aef0bf4d --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_cloud_configuration_rules_details_returns_OK_response.freeze @@ -0,0 +1 @@ +2022-12-14T08:46:49.424Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_cloud_configuration_rules_details_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_cloud_configuration_rules_details_returns_OK_response.yaml new file mode 100644 index 00000000000..2c1f06b9764 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_Security_Monitoring/Scenario_Update_a_cloud_configuration_rules_details_returns_OK_response.yaml @@ -0,0 +1,63 @@ +interactions: +- request: + body: | + {"cases":[{"notifications":["channel"],"status":"info"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]},"isEnabled":false,"message":"Cloud configuration rule","name":"Test-Update_a_cloud_configuration_rule_s_details_returns_OK_response-1671007609_cloud","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package datadog\n","resourceTypes":["gcp_compute_disk"]}}},"tags":["a:tag"],"type":"cloud_configuration"} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + url: https://api.datadoghq.com/api/v2/security_monitoring/rules + response: + body: '{"creationAuthorId":1445416,"tags":["a:tag"],"type":"cloud_configuration","isEnabled":false,"hasExtendedTitle":true,"message":"Cloud + configuration rule","options":{"detectionMethod":"threshold","evaluationWindow":7200,"maxSignalDuration":86400,"complianceRuleOptions":{"regoRule":{"policy":"package + datadog\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false},"keepAlive":21600},"version":1,"createdAt":1671007609528,"filters":[],"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"aggregation":"count","name":"a","distinctFields":[]}],"isDeleted":false,"complianceSignalOptions":{"defaultActivationStatus":null,"userActivationStatus":true,"defaultGroupByFields":null,"userGroupByFields":["@account_id"]},"cases":[{"status":"info","notifications":["channel"],"name":"","condition":"a + > 0"}],"id":"kuz-yjz-o3n","isDefault":false,"name":"Test-Update_a_cloud_configuration_rule_s_details_returns_OK_response-1671007609_cloud"} + + ' + code: 200 + duration: '' + headers: + Content-Type: + - application/json + status: 200 OK +- request: + body: | + {"cases":[{"notifications":[],"status":"info"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":[]},"isEnabled":false,"message":"ddd","name":"Test-Update_a_cloud_configuration_rule_s_details_returns_OK_response-1671007609_cloud_updated","options":{"complianceRuleOptions":{"regoRule":{"policy":"package datadog\n","resourceTypes":["gcp_compute_disk"]}}},"tags":[]} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PUT + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/kuz-yjz-o3n + response: + body: '{"updateAuthorId":1445416,"creationAuthorId":1445416,"tags":[],"type":"cloud_configuration","isEnabled":false,"hasExtendedTitle":true,"message":"ddd","options":{"detectionMethod":"threshold","evaluationWindow":7200,"maxSignalDuration":86400,"complianceRuleOptions":{"regoRule":{"policy":"package + datadog\n","resourceTypes":["gcp_compute_disk"]},"complexRule":false},"keepAlive":21600},"version":2,"isDefault":false,"filters":[],"queries":[{"query":"resource_type:gcp_compute_disk","groupByFields":["resource_type","resource_id"],"aggregation":"count","name":"a","distinctFields":[]}],"isDeleted":false,"complianceSignalOptions":{"defaultActivationStatus":null,"userActivationStatus":false,"defaultGroupByFields":null,"userGroupByFields":[]},"cases":[{"status":"info","notifications":[],"name":"","condition":"a + > 0"}],"id":"kuz-yjz-o3n","createdAt":1671007609528,"name":"Test-Update_a_cloud_configuration_rule_s_details_returns_OK_response-1671007609_cloud_updated"} + + ' + code: 200 + duration: '' + headers: + Content-Type: + - application/json + status: 200 OK +- request: + body: '' + form: {} + headers: + Accept: + - '*/*' + method: DELETE + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/kuz-yjz-o3n + response: + body: '' + code: 204 + duration: '' + headers: {} + status: 204 No Content +version: 1 diff --git a/tests/scenarios/features/v2/given.json b/tests/scenarios/features/v2/given.json index e586addfc0b..773a352653c 100644 --- a/tests/scenarios/features/v2/given.json +++ b/tests/scenarios/features/v2/given.json @@ -246,6 +246,18 @@ "tag": "Security Monitoring", "operationId": "CreateSecurityFilter" }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"name\": \"{{ unique }}_cloud\",\n \"tags\": [\"a:tag\"],\n \"type\": \"cloud_configuration\",\n \"isEnabled\": false,\n \"message\": \"Cloud configuration rule\",\n \"options\": {\n \"complianceRuleOptions\": {\n \"regoRule\": {\n \"policy\": \"package datadog\\n\",\n \"resourceTypes\": [\n \"gcp_compute_disk\"\n ]\n },\n \"complexRule\": false\n }\n },\n \"complianceSignalOptions\": {\n \"userActivationStatus\": true,\n \"userGroupByFields\": [\"@account_id\"]\n },\n \"cases\": [\n {\n \"status\": \"info\",\n \"notifications\": [\"channel\"]\n }\n ]\n}" + } + ], + "step": "there is a valid \"cloud_configuration_rule\" in the system", + "key": "cloud_configuration_rule", + "tag": "Security Monitoring", + "operationId": "CreateSecurityMonitoringRule" + }, { "parameters": [ { diff --git a/tests/scenarios/features/v2/security_monitoring.feature b/tests/scenarios/features/v2/security_monitoring.feature index 610993cdfac..a803401ae16 100644 --- a/tests/scenarios/features/v2/security_monitoring.feature +++ b/tests/scenarios/features/v2/security_monitoring.feature @@ -55,6 +55,13 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform + Scenario: Create a cloud_configuration rule returns "OK" response + Given new "CreateSecurityMonitoringRule" request + And body with value {"type":"cloud_configuration","name":"{{ unique }}_cloud","isEnabled":false,"cases":[{"status":"info","notifications":["channel"]}],"options":{"complianceRuleOptions":{"complexRule": false,"regoRule":{"policy":"package datadog\n","resourceTypes":["gcp_compute_disk"]}}},"message":"ddd","tags":["my:tag"],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@account_id"]}} + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule returns "Bad Request" response Given new "CreateSecurityMonitoringRule" request @@ -157,6 +164,16 @@ Feature: Security Monitoring When the request is sent Then the response status is 204 OK + @team:DataDog/k9-cloud-security-platform + Scenario: Get a cloud configuration rule's details returns "OK" response + Given there is a valid "cloud_configuration_rule" in the system + And new "GetSecurityMonitoringRule" request + And request contains "rule_id" parameter from "cloud_configuration_rule.id" + When the request is sent + Then the response status is 200 OK + And the response "name" is equal to "{{ unique }}_cloud" + And the response "id" has the same value as "cloud_configuration_rule.id" + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Get a list of security signals returns "Bad Request" response Given new "SearchSecurityMonitoringSignals" request @@ -287,6 +304,17 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform + Scenario: Update a cloud configuration rule's details returns "OK" response + Given new "UpdateSecurityMonitoringRule" request + And there is a valid "cloud_configuration_rule" in the system + And request contains "rule_id" parameter from "cloud_configuration_rule.id" + And body with value {"name":"{{ unique }}_cloud_updated","isEnabled":false,"cases":[{"status":"info","notifications":[]}],"options":{"complianceRuleOptions":{"regoRule":{"policy":"package datadog\n","resourceTypes":["gcp_compute_disk"]}}},"message":"ddd","tags":[],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":[]}} + When the request is sent + Then the response status is 200 OK + And the response "name" is equal to "{{ unique }}_cloud_updated" + And the response "id" has the same value as "cloud_configuration_rule.id" + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Update a security filter returns "Bad Request" response Given new "UpdateSecurityFilter" request