From 46208815790b27d9081d5ca4a5acfb677f4f93be Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Thu, 14 Dec 2023 17:13:32 +0000 Subject: [PATCH] Regenerate client from commit fd0b0fcb of spec repo --- .apigentools-info | 8 +-- .generator/schemas/v1/openapi.yaml | 17 +++++- .generator/schemas/v2/openapi.yaml | 16 ++++- .../gcp-integration/CreateGCPIntegration.py | 2 + .../gcp-integration/DeleteGCPIntegration.py | 2 + .../gcp-integration/UpdateGCPIntegration.py | 2 + .../CreateGCPSTSAccount_130557025.py | 28 +++++++++ .../CreateGCPSTSAccount_2597004741.py | 28 +++++++++ .../CreateGCPSTSAccount_4235664992.py | 28 +++++++++ .../UpdateGCPSTSAccount_3205636354.py | 32 ++++++++++ .../v1/model/gcp_account.py | 18 +++++- .../gcpsts_service_account_attributes.py | 18 +++++- tests/v1/features/gcp_integration.feature | 28 ++++----- ...th_cspm_enabled_returns_ok_response.frozen | 1 + ...with_cspm_enabled_returns_ok_response.yaml | 38 ++++++++++++ ...nabled_returns_bad_request_response.frozen | 1 + ..._enabled_returns_bad_request_response.yaml | 20 +++++++ ...lection_enabled_returns_ok_response.frozen | 1 + ...ollection_enabled_returns_ok_response.yaml | 38 ++++++++++++ ..._center_enabled_returns_ok_response.frozen | 1 + ...nd_center_enabled_returns_ok_response.yaml | 38 ++++++++++++ ...nable_resource_collection_turned_on.frozen | 1 + ..._enable_resource_collection_turned_on.yaml | 58 +++++++++++++++++++ tests/v2/features/gcp_integration.feature | 54 +++++++++++++++-- 24 files changed, 450 insertions(+), 28 deletions(-) create mode 100644 examples/v2/gcp-integration/CreateGCPSTSAccount_130557025.py create mode 100644 examples/v2/gcp-integration/CreateGCPSTSAccount_2597004741.py create mode 100644 examples/v2/gcp-integration/CreateGCPSTSAccount_4235664992.py create mode 100644 examples/v2/gcp-integration/UpdateGCPSTSAccount_3205636354.py create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_ok_response.frozen create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_ok_response.yaml create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_bad_request_response.frozen create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_bad_request_response.yaml create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_ok_response.frozen create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_ok_response.yaml create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_ok_response.frozen create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_ok_response.yaml create mode 100644 tests/v2/cassettes/test_scenarios/test_update_sts_service_account_returns_ok_response_with_enable_resource_collection_turned_on.frozen create mode 100644 tests/v2/cassettes/test_scenarios/test_update_sts_service_account_returns_ok_response_with_enable_resource_collection_turned_on.yaml diff --git a/.apigentools-info b/.apigentools-info index 732efe0ebe..a302b9a747 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2023-12-14 10:49:25.707098", - "spec_repo_commit": "43a99a56" + "regenerated": "2023-12-14 17:13:00.567226", + "spec_repo_commit": "fd0b0fcb" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2023-12-14 10:49:25.793558", - "spec_repo_commit": "43a99a56" + "regenerated": "2023-12-14 17:13:00.585680", + "spec_repo_commit": "fd0b0fcb" } } } \ No newline at end of file diff --git a/.generator/schemas/v1/openapi.yaml b/.generator/schemas/v1/openapi.yaml index 6bea54e183..1a4826c477 100644 --- a/.generator/schemas/v1/openapi.yaml +++ b/.generator/schemas/v1/openapi.yaml @@ -3212,8 +3212,16 @@ components: type: string is_cspm_enabled: default: false - description: When enabled, Datadog performs configuration checks across - your Google Cloud environment by continuously scanning every resource. + description: 'When enabled, Datadog will activate the Cloud Security Monitoring + product for this service account. Note: This requires resource_collection_enabled + to be set to true.' + example: true + type: boolean + is_security_command_center_enabled: + default: false + description: 'When enabled, Datadog will attempt to collect Security Command + Center Findings. Note: This requires additional permissions on the service + account.' example: true type: boolean private_key: @@ -3229,6 +3237,11 @@ components: key. example: datadog-apitest type: string + resource_collection_enabled: + default: false + description: When enabled, Datadog scans for all resources in your GCP environment. + example: true + type: boolean token_uri: description: Should be `https://accounts.google.com/o/oauth2/token`. example: https://accounts.google.com/o/oauth2/token diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index db6ac7f96c..cc1d67ddf3 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -6393,8 +6393,20 @@ components: type: string type: array is_cspm_enabled: - description: When enabled, Datadog performs configuration checks across - your Google Cloud environment by continuously scanning every resource. + description: 'When enabled, Datadog will activate the Cloud Security Monitoring + product for this service account. Note: This requires resource_collection_enabled + to be set to true.' + type: boolean + is_security_command_center_enabled: + default: false + description: 'When enabled, Datadog will attempt to collect Security Command + Center Findings. Note: This requires additional permissions on the service + account.' + example: true + type: boolean + resource_collection_enabled: + default: false + description: When enabled, Datadog scans for all resources in your GCP environment. type: boolean type: object GCPSTSServiceAccountCreateRequest: diff --git a/examples/v1/gcp-integration/CreateGCPIntegration.py b/examples/v1/gcp-integration/CreateGCPIntegration.py index 138ee4b78d..d72cde916a 100644 --- a/examples/v1/gcp-integration/CreateGCPIntegration.py +++ b/examples/v1/gcp-integration/CreateGCPIntegration.py @@ -17,9 +17,11 @@ ], host_filters="key:value,filter:example", is_cspm_enabled=True, + is_security_command_center_enabled=True, private_key="private_key", private_key_id="123456789abcdefghi123456789abcdefghijklm", project_id="datadog-apitest", + resource_collection_enabled=True, token_uri="https://accounts.google.com/o/oauth2/token", type="service_account", ) diff --git a/examples/v1/gcp-integration/DeleteGCPIntegration.py b/examples/v1/gcp-integration/DeleteGCPIntegration.py index 3aea34e40d..a7a5ee90dc 100644 --- a/examples/v1/gcp-integration/DeleteGCPIntegration.py +++ b/examples/v1/gcp-integration/DeleteGCPIntegration.py @@ -17,9 +17,11 @@ ], host_filters="key:value,filter:example", is_cspm_enabled=True, + is_security_command_center_enabled=True, private_key="private_key", private_key_id="123456789abcdefghi123456789abcdefghijklm", project_id="datadog-apitest", + resource_collection_enabled=True, token_uri="https://accounts.google.com/o/oauth2/token", type="service_account", ) diff --git a/examples/v1/gcp-integration/UpdateGCPIntegration.py b/examples/v1/gcp-integration/UpdateGCPIntegration.py index 5c6b21ddde..8685b1c3c7 100644 --- a/examples/v1/gcp-integration/UpdateGCPIntegration.py +++ b/examples/v1/gcp-integration/UpdateGCPIntegration.py @@ -17,9 +17,11 @@ ], host_filters="key:value,filter:example", is_cspm_enabled=True, + is_security_command_center_enabled=True, private_key="private_key", private_key_id="123456789abcdefghi123456789abcdefghijklm", project_id="datadog-apitest", + resource_collection_enabled=True, token_uri="https://accounts.google.com/o/oauth2/token", type="service_account", ) diff --git a/examples/v2/gcp-integration/CreateGCPSTSAccount_130557025.py b/examples/v2/gcp-integration/CreateGCPSTSAccount_130557025.py new file mode 100644 index 0000000000..231497330e --- /dev/null +++ b/examples/v2/gcp-integration/CreateGCPSTSAccount_130557025.py @@ -0,0 +1,28 @@ +""" +Create a new entry for your service account with resource collection enabled returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.gcp_integration_api import GCPIntegrationApi +from datadog_api_client.v2.model.gcp_service_account_type import GCPServiceAccountType +from datadog_api_client.v2.model.gcpsts_service_account_attributes import GCPSTSServiceAccountAttributes +from datadog_api_client.v2.model.gcpsts_service_account_create_request import GCPSTSServiceAccountCreateRequest +from datadog_api_client.v2.model.gcpsts_service_account_data import GCPSTSServiceAccountData + +body = GCPSTSServiceAccountCreateRequest( + data=GCPSTSServiceAccountData( + attributes=GCPSTSServiceAccountAttributes( + resource_collection_enabled=True, + client_email="252bf553ef04b351@test-project.iam.gserviceaccount.com", + host_filters=[], + ), + type=GCPServiceAccountType.GCP_SERVICE_ACCOUNT, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = GCPIntegrationApi(api_client) + response = api_instance.create_gcpsts_account(body=body) + + print(response) diff --git a/examples/v2/gcp-integration/CreateGCPSTSAccount_2597004741.py b/examples/v2/gcp-integration/CreateGCPSTSAccount_2597004741.py new file mode 100644 index 0000000000..708907f2b4 --- /dev/null +++ b/examples/v2/gcp-integration/CreateGCPSTSAccount_2597004741.py @@ -0,0 +1,28 @@ +""" +Create a new entry for your service account with security command center enabled returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.gcp_integration_api import GCPIntegrationApi +from datadog_api_client.v2.model.gcp_service_account_type import GCPServiceAccountType +from datadog_api_client.v2.model.gcpsts_service_account_attributes import GCPSTSServiceAccountAttributes +from datadog_api_client.v2.model.gcpsts_service_account_create_request import GCPSTSServiceAccountCreateRequest +from datadog_api_client.v2.model.gcpsts_service_account_data import GCPSTSServiceAccountData + +body = GCPSTSServiceAccountCreateRequest( + data=GCPSTSServiceAccountData( + attributes=GCPSTSServiceAccountAttributes( + is_security_command_center_enabled=True, + client_email="252bf553ef04b351@test-project.iam.gserviceaccount.com", + host_filters=[], + ), + type=GCPServiceAccountType.GCP_SERVICE_ACCOUNT, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = GCPIntegrationApi(api_client) + response = api_instance.create_gcpsts_account(body=body) + + print(response) diff --git a/examples/v2/gcp-integration/CreateGCPSTSAccount_4235664992.py b/examples/v2/gcp-integration/CreateGCPSTSAccount_4235664992.py new file mode 100644 index 0000000000..8c5e3c1938 --- /dev/null +++ b/examples/v2/gcp-integration/CreateGCPSTSAccount_4235664992.py @@ -0,0 +1,28 @@ +""" +Create a new entry for your service account with cspm enabled returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.gcp_integration_api import GCPIntegrationApi +from datadog_api_client.v2.model.gcp_service_account_type import GCPServiceAccountType +from datadog_api_client.v2.model.gcpsts_service_account_attributes import GCPSTSServiceAccountAttributes +from datadog_api_client.v2.model.gcpsts_service_account_create_request import GCPSTSServiceAccountCreateRequest +from datadog_api_client.v2.model.gcpsts_service_account_data import GCPSTSServiceAccountData + +body = GCPSTSServiceAccountCreateRequest( + data=GCPSTSServiceAccountData( + attributes=GCPSTSServiceAccountAttributes( + is_cspm_enabled=True, + client_email="252bf553ef04b351@test-project.iam.gserviceaccount.com", + host_filters=[], + ), + type=GCPServiceAccountType.GCP_SERVICE_ACCOUNT, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = GCPIntegrationApi(api_client) + response = api_instance.create_gcpsts_account(body=body) + + print(response) diff --git a/examples/v2/gcp-integration/UpdateGCPSTSAccount_3205636354.py b/examples/v2/gcp-integration/UpdateGCPSTSAccount_3205636354.py new file mode 100644 index 0000000000..d356c6460c --- /dev/null +++ b/examples/v2/gcp-integration/UpdateGCPSTSAccount_3205636354.py @@ -0,0 +1,32 @@ +""" +Update STS Service Account returns "OK" response with enable resource collection turned on +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.gcp_integration_api import GCPIntegrationApi +from datadog_api_client.v2.model.gcp_service_account_type import GCPServiceAccountType +from datadog_api_client.v2.model.gcpsts_service_account_attributes import GCPSTSServiceAccountAttributes +from datadog_api_client.v2.model.gcpsts_service_account_update_request import GCPSTSServiceAccountUpdateRequest +from datadog_api_client.v2.model.gcpsts_service_account_update_request_data import GCPSTSServiceAccountUpdateRequestData + +# there is a valid "gcp_sts_account" in the system +GCP_STS_ACCOUNT_DATA_ID = environ["GCP_STS_ACCOUNT_DATA_ID"] + +body = GCPSTSServiceAccountUpdateRequest( + data=GCPSTSServiceAccountUpdateRequestData( + attributes=GCPSTSServiceAccountAttributes( + client_email="252bf553ef04b351@example.com", + resource_collection_enabled=True, + ), + id=GCP_STS_ACCOUNT_DATA_ID, + type=GCPServiceAccountType.GCP_SERVICE_ACCOUNT, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = GCPIntegrationApi(api_client) + response = api_instance.update_gcpsts_account(account_id=GCP_STS_ACCOUNT_DATA_ID, body=body) + + print(response) diff --git a/src/datadog_api_client/v1/model/gcp_account.py b/src/datadog_api_client/v1/model/gcp_account.py index 9ae067d3bb..e64e615515 100644 --- a/src/datadog_api_client/v1/model/gcp_account.py +++ b/src/datadog_api_client/v1/model/gcp_account.py @@ -26,9 +26,11 @@ def openapi_types(_): "errors": ([str],), "host_filters": (str,), "is_cspm_enabled": (bool,), + "is_security_command_center_enabled": (bool,), "private_key": (str,), "private_key_id": (str,), "project_id": (str,), + "resource_collection_enabled": (bool,), "token_uri": (str,), "type": (str,), } @@ -43,9 +45,11 @@ def openapi_types(_): "errors": "errors", "host_filters": "host_filters", "is_cspm_enabled": "is_cspm_enabled", + "is_security_command_center_enabled": "is_security_command_center_enabled", "private_key": "private_key", "private_key_id": "private_key_id", "project_id": "project_id", + "resource_collection_enabled": "resource_collection_enabled", "token_uri": "token_uri", "type": "type", } @@ -61,9 +65,11 @@ def __init__( errors: Union[List[str], UnsetType] = unset, host_filters: Union[str, UnsetType] = unset, is_cspm_enabled: Union[bool, UnsetType] = unset, + is_security_command_center_enabled: Union[bool, UnsetType] = unset, private_key: Union[str, UnsetType] = unset, private_key_id: Union[str, UnsetType] = unset, project_id: Union[str, UnsetType] = unset, + resource_collection_enabled: Union[bool, UnsetType] = unset, token_uri: Union[str, UnsetType] = unset, type: Union[str, UnsetType] = unset, **kwargs, @@ -97,9 +103,12 @@ def __init__( Only hosts that match one of the defined tags are imported into Datadog. :type host_filters: str, optional - :param is_cspm_enabled: When enabled, Datadog performs configuration checks across your Google Cloud environment by continuously scanning every resource. + :param is_cspm_enabled: When enabled, Datadog will activate the Cloud Security Monitoring product for this service account. Note: This requires resource_collection_enabled to be set to true. :type is_cspm_enabled: bool, optional + :param is_security_command_center_enabled: When enabled, Datadog will attempt to collect Security Command Center Findings. Note: This requires additional permissions on the service account. + :type is_security_command_center_enabled: bool, optional + :param private_key: Your private key name found in your JSON service account key. :type private_key: str, optional @@ -109,6 +118,9 @@ def __init__( :param project_id: Your Google Cloud project ID found in your JSON service account key. :type project_id: str, optional + :param resource_collection_enabled: When enabled, Datadog scans for all resources in your GCP environment. + :type resource_collection_enabled: bool, optional + :param token_uri: Should be ``https://accounts.google.com/o/oauth2/token``. :type token_uri: str, optional @@ -133,12 +145,16 @@ def __init__( kwargs["host_filters"] = host_filters if is_cspm_enabled is not unset: kwargs["is_cspm_enabled"] = is_cspm_enabled + if is_security_command_center_enabled is not unset: + kwargs["is_security_command_center_enabled"] = is_security_command_center_enabled if private_key is not unset: kwargs["private_key"] = private_key if private_key_id is not unset: kwargs["private_key_id"] = private_key_id if project_id is not unset: kwargs["project_id"] = project_id + if resource_collection_enabled is not unset: + kwargs["resource_collection_enabled"] = resource_collection_enabled if token_uri is not unset: kwargs["token_uri"] = token_uri if type is not unset: diff --git a/src/datadog_api_client/v2/model/gcpsts_service_account_attributes.py b/src/datadog_api_client/v2/model/gcpsts_service_account_attributes.py index 6ad585e41a..b6fdec233f 100644 --- a/src/datadog_api_client/v2/model/gcpsts_service_account_attributes.py +++ b/src/datadog_api_client/v2/model/gcpsts_service_account_attributes.py @@ -22,6 +22,8 @@ def openapi_types(_): "client_email": (str,), "host_filters": ([str],), "is_cspm_enabled": (bool,), + "is_security_command_center_enabled": (bool,), + "resource_collection_enabled": (bool,), } attribute_map = { @@ -30,6 +32,8 @@ def openapi_types(_): "client_email": "client_email", "host_filters": "host_filters", "is_cspm_enabled": "is_cspm_enabled", + "is_security_command_center_enabled": "is_security_command_center_enabled", + "resource_collection_enabled": "resource_collection_enabled", } def __init__( @@ -39,6 +43,8 @@ def __init__( client_email: Union[str, UnsetType] = unset, host_filters: Union[List[str], UnsetType] = unset, is_cspm_enabled: Union[bool, UnsetType] = unset, + is_security_command_center_enabled: Union[bool, UnsetType] = unset, + resource_collection_enabled: Union[bool, UnsetType] = unset, **kwargs, ): """ @@ -56,8 +62,14 @@ def __init__( :param host_filters: Your Host Filters. :type host_filters: [str], optional - :param is_cspm_enabled: When enabled, Datadog performs configuration checks across your Google Cloud environment by continuously scanning every resource. + :param is_cspm_enabled: When enabled, Datadog will activate the Cloud Security Monitoring product for this service account. Note: This requires resource_collection_enabled to be set to true. :type is_cspm_enabled: bool, optional + + :param is_security_command_center_enabled: When enabled, Datadog will attempt to collect Security Command Center Findings. Note: This requires additional permissions on the service account. + :type is_security_command_center_enabled: bool, optional + + :param resource_collection_enabled: When enabled, Datadog scans for all resources in your GCP environment. + :type resource_collection_enabled: bool, optional """ if account_tags is not unset: kwargs["account_tags"] = account_tags @@ -69,4 +81,8 @@ def __init__( kwargs["host_filters"] = host_filters if is_cspm_enabled is not unset: kwargs["is_cspm_enabled"] = is_cspm_enabled + if is_security_command_center_enabled is not unset: + kwargs["is_security_command_center_enabled"] = is_security_command_center_enabled + if resource_collection_enabled is not unset: + kwargs["resource_collection_enabled"] = resource_collection_enabled super().__init__(kwargs) diff --git a/tests/v1/features/gcp_integration.feature b/tests/v1/features/gcp_integration.feature index ae1f2eb902..72a1bd7dbc 100644 --- a/tests/v1/features/gcp_integration.feature +++ b/tests/v1/features/gcp_integration.feature @@ -10,56 +10,56 @@ Feature: GCP Integration And a valid "appKeyAuth" key in the system And an instance of "GCPIntegration" API - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Create a GCP integration returns "Bad Request" response Given new "CreateGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Create a GCP integration returns "OK" response Given new "CreateGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Delete a GCP integration returns "Bad Request" response Given new "DeleteGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Delete a GCP integration returns "OK" response Given new "DeleteGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: List all GCP integrations returns "Bad Request" response Given new "ListGCPIntegration" request When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: List all GCP integrations returns "OK" response Given new "ListGCPIntegration" request When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Update a GCP integration returns "Bad Request" response Given new "UpdateGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Update a GCP integration returns "OK" response Given new "UpdateGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 200 OK diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_ok_response.frozen new file mode 100644 index 0000000000..4c8e03a1d9 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_ok_response.frozen @@ -0,0 +1 @@ +2023-12-13T21:29:09.202Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_ok_response.yaml new file mode 100644 index 0000000000..30319103a1 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_ok_response.yaml @@ -0,0 +1,38 @@ +interactions: +- request: + body: '{"data":{"attributes":{"client_email":"dfb9f119aee90526@test-project.iam.gserviceaccount.com","host_filters":[],"is_cspm_enabled":true},"type":"gcp_service_account"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: + string: '{"data":{"type":"gcp_service_account","attributes":{"is_security_command_center_enabled":false,"resource_collection_enabled":true,"is_cspm_enabled":true,"client_email":"dfb9f119aee90526@test-project.iam.gserviceaccount.com","account_tags":[],"automute":false,"host_filters":[]},"id":"d2ef6458-62a4-4fbe-ad48-9429baa01867"}} + + ' + headers: + content-type: + - application/json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts/d2ef6458-62a4-4fbe-ad48-9429baa01867 + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_bad_request_response.frozen new file mode 100644 index 0000000000..aad0057ee5 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2023-12-13T21:29:09.936Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_bad_request_response.yaml new file mode 100644 index 0000000000..45f4a8c8e3 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_bad_request_response.yaml @@ -0,0 +1,20 @@ +interactions: +- request: + body: '{"data":{"attributes":{"client_email":"328d5a676e7e2219@test-project.iam.gserviceaccount.com","host_filters":[],"is_cspm_enabled":true,"resource_collection_enabled":false},"type":"gcp_service_account"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: + string: '{"errors":["Resource Collection must be enabled for CSM to be enabled"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_ok_response.frozen new file mode 100644 index 0000000000..b48e4fe181 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_ok_response.frozen @@ -0,0 +1 @@ +2023-12-13T21:29:10.005Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_ok_response.yaml new file mode 100644 index 0000000000..e586cdbd24 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_ok_response.yaml @@ -0,0 +1,38 @@ +interactions: +- request: + body: '{"data":{"attributes":{"client_email":"c200eb5fe37e7d26@test-project.iam.gserviceaccount.com","host_filters":[],"resource_collection_enabled":true},"type":"gcp_service_account"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: + string: '{"data":{"type":"gcp_service_account","attributes":{"automute":false,"is_security_command_center_enabled":false,"host_filters":[],"client_email":"c200eb5fe37e7d26@test-project.iam.gserviceaccount.com","resource_collection_enabled":true,"account_tags":[],"is_cspm_enabled":false},"id":"e0e0b030-aba8-4eff-bcf2-7d4266d0d7fd"}} + + ' + headers: + content-type: + - application/json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts/e0e0b030-aba8-4eff-bcf2-7d4266d0d7fd + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_ok_response.frozen new file mode 100644 index 0000000000..a70b525b6e --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_ok_response.frozen @@ -0,0 +1 @@ +2023-12-13T21:29:10.722Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_ok_response.yaml new file mode 100644 index 0000000000..c0d3cb8892 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_ok_response.yaml @@ -0,0 +1,38 @@ +interactions: +- request: + body: '{"data":{"attributes":{"client_email":"bce3b7c65fce9a71@test-project.iam.gserviceaccount.com","host_filters":[],"is_security_command_center_enabled":true},"type":"gcp_service_account"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: + string: '{"data":{"type":"gcp_service_account","attributes":{"automute":false,"account_tags":[],"host_filters":[],"client_email":"bce3b7c65fce9a71@test-project.iam.gserviceaccount.com","is_security_command_center_enabled":true,"resource_collection_enabled":false,"is_cspm_enabled":false},"id":"e72611ce-c7eb-4411-bc0e-04fa12a8cb6c"}} + + ' + headers: + content-type: + - application/json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts/e72611ce-c7eb-4411-bc0e-04fa12a8cb6c + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_update_sts_service_account_returns_ok_response_with_enable_resource_collection_turned_on.frozen b/tests/v2/cassettes/test_scenarios/test_update_sts_service_account_returns_ok_response_with_enable_resource_collection_turned_on.frozen new file mode 100644 index 0000000000..bb19b14446 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_update_sts_service_account_returns_ok_response_with_enable_resource_collection_turned_on.frozen @@ -0,0 +1 @@ +2023-12-13T21:29:11.135Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_update_sts_service_account_returns_ok_response_with_enable_resource_collection_turned_on.yaml b/tests/v2/cassettes/test_scenarios/test_update_sts_service_account_returns_ok_response_with_enable_resource_collection_turned_on.yaml new file mode 100644 index 0000000000..2c549929fc --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_update_sts_service_account_returns_ok_response_with_enable_resource_collection_turned_on.yaml @@ -0,0 +1,58 @@ +interactions: +- request: + body: '{"data":{"attributes":{"client_email":"78489d28e3cca21b@example.com","host_filters":[]},"type":"gcp_service_account"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: + string: '{"data":{"type":"gcp_service_account","attributes":{"client_email":"78489d28e3cca21b@example.com","host_filters":[],"account_tags":[],"is_cspm_enabled":false,"automute":false,"is_security_command_center_enabled":false,"resource_collection_enabled":false},"id":"1ce480d7-4006-418e-b627-167af0586d7e"}} + + ' + headers: + content-type: + - application/json + status: + code: 201 + message: Created +- request: + body: '{"data":{"attributes":{"client_email":"78489d28e3cca21b@example.com","resource_collection_enabled":true},"id":"1ce480d7-4006-418e-b627-167af0586d7e","type":"gcp_service_account"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts/1ce480d7-4006-418e-b627-167af0586d7e + response: + body: + string: '{"data":{"type":"gcp_service_account","attributes":{"resource_collection_enabled":true,"is_security_command_center_enabled":false,"automute":false,"account_tags":[],"host_filters":[],"client_email":"78489d28e3cca21b@example.com","is_cspm_enabled":false},"id":"1ce480d7-4006-418e-b627-167af0586d7e"}} + + ' + headers: + content-type: + - application/json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/integration/gcp/accounts/1ce480d7-4006-418e-b627-167af0586d7e + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/features/gcp_integration.feature b/tests/v2/features/gcp_integration.feature index 994a17e727..5414ae350b 100644 --- a/tests/v2/features/gcp_integration.feature +++ b/tests/v2/features/gcp_integration.feature @@ -34,14 +34,14 @@ Feature: GCP Integration @generated @skip @team:DataDog/gcp-integrations Scenario: Create a new entry for your service account returns "Bad Request" response Given new "CreateGCPSTSAccount" request - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": [], "is_security_command_center_enabled": true, "resource_collection_enabled": false}, "type": "gcp_service_account"}} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/gcp-integrations Scenario: Create a new entry for your service account returns "Conflict" response Given new "CreateGCPSTSAccount" request - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": [], "is_security_command_center_enabled": true, "resource_collection_enabled": false}, "type": "gcp_service_account"}} When the request is sent Then the response status is 409 Conflict @@ -64,6 +64,43 @@ Feature: GCP Integration And the response "data.attributes.client_email" is equal to "{{ unique_hash }}@test-project.iam.gserviceaccount.com" And the response "data.attributes.account_tags" is equal to ["lorem", "ipsum"] + @team:DataDog/gcp-integrations + Scenario: Create a new entry for your service account with cspm enabled returns "OK" response + Given new "CreateGCPSTSAccount" request + And body with value {"data": {"attributes": {"is_cspm_enabled": true, "client_email": "{{ unique_hash }}@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + When the request is sent + Then the response status is 201 OK + And the response "data.type" is equal to "gcp_service_account" + And the response "data.attributes.client_email" is equal to "{{ unique_hash }}@test-project.iam.gserviceaccount.com" + And the response "data.attributes.is_cspm_enabled" is equal to true + + @team:DataDog/gcp-integrations + Scenario: Create a new entry for your service account with resource collection enabled disabled and cspm enabled returns "Bad Request" response + Given new "CreateGCPSTSAccount" request + And body with value {"data": {"attributes": {"resource_collection_enabled": false, "is_cspm_enabled": true, "client_email": "{{ unique_hash }}@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/gcp-integrations + Scenario: Create a new entry for your service account with resource collection enabled returns "OK" response + Given new "CreateGCPSTSAccount" request + And body with value {"data": {"attributes": {"resource_collection_enabled": true, "client_email": "{{ unique_hash }}@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + When the request is sent + Then the response status is 201 OK + And the response "data.type" is equal to "gcp_service_account" + And the response "data.attributes.client_email" is equal to "{{ unique_hash }}@test-project.iam.gserviceaccount.com" + And the response "data.attributes.resource_collection_enabled" is equal to true + + @team:DataDog/gcp-integrations + Scenario: Create a new entry for your service account with security command center enabled returns "OK" response + Given new "CreateGCPSTSAccount" request + And body with value {"data": {"attributes": {"is_security_command_center_enabled": true, "client_email": "{{ unique_hash }}@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + When the request is sent + Then the response status is 201 OK + And the response "data.type" is equal to "gcp_service_account" + And the response "data.attributes.client_email" is equal to "{{ unique_hash }}@test-project.iam.gserviceaccount.com" + And the response "data.attributes.is_security_command_center_enabled" is equal to true + @generated @skip @team:DataDog/gcp-integrations Scenario: Delete an STS enabled GCP Account returns "Bad Request" response Given new "DeleteGCPSTSAccount" request @@ -103,7 +140,7 @@ Feature: GCP Integration Scenario: Update STS Service Account returns "Bad Request" response Given new "UpdateGCPSTSAccount" request And request contains "account_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": []}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": [], "is_security_command_center_enabled": true, "resource_collection_enabled": false}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} When the request is sent Then the response status is 400 Bad Request @@ -111,7 +148,7 @@ Feature: GCP Integration Scenario: Update STS Service Account returns "Not Found" response Given new "UpdateGCPSTSAccount" request And request contains "account_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": []}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": [], "is_security_command_center_enabled": true, "resource_collection_enabled": false}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} When the request is sent Then the response status is 404 Not Found @@ -123,3 +160,12 @@ Feature: GCP Integration And body with value {"data": {"attributes": {"client_email": "{{ unique_hash }}@example.com", "host_filters": ["foo:bar"]}, "id": "{{ gcp_sts_account.data.id }}", "type": "gcp_service_account"}} When the request is sent Then the response status is 201 OK + + @team:DataDog/gcp-integrations + Scenario: Update STS Service Account returns "OK" response with enable resource collection turned on + Given there is a valid "gcp_sts_account" in the system + And new "UpdateGCPSTSAccount" request + And request contains "account_id" parameter from "gcp_sts_account.data.id" + And body with value {"data": {"attributes": {"client_email": "{{ unique_hash }}@example.com", "resource_collection_enabled": true}, "id": "{{ gcp_sts_account.data.id }}", "type": "gcp_service_account"}} + When the request is sent + Then the response status is 201 OK