diff --git a/.apigentools-info b/.apigentools-info index fb42f18ea8..96cc860638 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2025-01-23 22:24:31.115985", - "spec_repo_commit": "6a31fa8c" + "regenerated": "2025-01-24 15:02:20.845983", + "spec_repo_commit": "582cdbd4" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2025-01-23 22:24:31.131010", - "spec_repo_commit": "6a31fa8c" + "regenerated": "2025-01-24 15:02:20.862368", + "spec_repo_commit": "582cdbd4" } } } \ No newline at end of file diff --git a/.generator/schemas/v1/openapi.yaml b/.generator/schemas/v1/openapi.yaml index d19602bb8e..2c7c126ce5 100644 --- a/.generator/schemas/v1/openapi.yaml +++ b/.generator/schemas/v1/openapi.yaml @@ -23747,6 +23747,10 @@ components: security_monitoring_filters_write: Create, edit, and delete Security Filters. security_monitoring_findings_read: View a list of findings that include both misconfigurations and identity risks. + security_monitoring_notification_profiles_read: View Rule Security Notification + rules. + security_monitoring_notification_profiles_write: Create, edit, and delete + Security Notification rules. security_monitoring_rules_read: Read Detection Rules. security_monitoring_rules_write: Create and edit Detection Rules. security_monitoring_signals_read: View Security Signals. diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 1f5214bdc2..c8e2261b21 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -794,6 +794,17 @@ components: schema: $ref: '#/components/schemas/APIErrorResponse' description: Not Found + NotificationRulesList: + content: + application/json: + schema: + properties: + data: + items: + $ref: '#/components/schemas/NotificationRule' + type: array + type: object + description: The list of notification rules. PreconditionFailedResponse: content: application/json: @@ -836,6 +847,13 @@ components: schema: $ref: '#/components/schemas/APIErrorResponse' description: Unauthorized + UnprocessableEntityResponse: + content: + application/json: + schema: + $ref: '#/components/schemas/JSONAPIErrorResponse' + description: The server cannot process the request because it contains invalid + data. schemas: APIErrorResponse: description: API error response. @@ -7403,6 +7421,42 @@ components: meta: $ref: '#/components/schemas/DataDeletionResponseMeta' type: object + CreateNotificationRuleParameters: + description: Body of the notification rule create request. + properties: + data: + $ref: '#/components/schemas/CreateNotificationRuleParametersData' + type: object + CreateNotificationRuleParametersData: + description: 'Data of the notification rule create request: the rule type, and + the rule attributes. All fields are required.' + properties: + attributes: + $ref: '#/components/schemas/CreateNotificationRuleParametersDataAttributes' + type: + $ref: '#/components/schemas/NotificationRulesType' + required: + - attributes + - type + type: object + CreateNotificationRuleParametersDataAttributes: + description: Attributes of the notification rule create request. + properties: + enabled: + $ref: '#/components/schemas/Enabled' + name: + $ref: '#/components/schemas/RuleName' + selectors: + $ref: '#/components/schemas/Selectors' + targets: + $ref: '#/components/schemas/Targets' + time_aggregation: + $ref: '#/components/schemas/TimeAggregation' + required: + - selectors + - name + - targets + type: object CreateOpenAPIResponse: description: Response for `CreateOpenAPI` operation. properties: @@ -9115,6 +9169,11 @@ components: type: number type: array type: object + Date: + description: Date as Unix timestamp in milliseconds. + example: 1722439510282 + format: int64 + type: integer DeleteAppResponse: description: The definition of `DeleteAppResponse` object. properties: @@ -10297,6 +10356,10 @@ components: - score - severity type: object + Enabled: + description: Field used to enable or disable the rule. + example: true + type: boolean EntityAttributes: description: Entity attributes. properties: @@ -13245,6 +13308,10 @@ components: - APP_SEC_HOST_COUNT - OBSERVABILITY_PIPELINES_BYTES_PROCESSSED - LAMBDA_TRACED_INVOCATIONS_COUNT + ID: + description: The ID of a notification rule. + example: aaa-bbb-ccc + type: string IPAllowlistAttributes: description: Attributes of the IP allowlist. properties: @@ -19407,6 +19474,84 @@ components: meta: $ref: '#/components/schemas/MonthlyCostAttributionMeta' type: object + NotificationRule: + description: 'Notification rules allow full control over notifications generated + by the various Datadog security products. + + They allow users to define the conditions under which a notification should + be generated (based on rule severities, + + rule types, rule tags, and so on), and the targets to notify. + + A notification rule is composed of a rule ID, a rule type, and the rule attributes. + All fields are required. + + ' + properties: + attributes: + $ref: '#/components/schemas/NotificationRuleAttributes' + id: + $ref: '#/components/schemas/ID' + type: + $ref: '#/components/schemas/NotificationRulesType' + required: + - attributes + - id + - type + type: object + NotificationRuleAttributes: + description: Attributes of the notification rule. + properties: + created_at: + $ref: '#/components/schemas/Date' + created_by: + $ref: '#/components/schemas/RuleUser' + enabled: + $ref: '#/components/schemas/Enabled' + modified_at: + $ref: '#/components/schemas/Date' + modified_by: + $ref: '#/components/schemas/RuleUser' + name: + $ref: '#/components/schemas/RuleName' + selectors: + $ref: '#/components/schemas/Selectors' + targets: + $ref: '#/components/schemas/Targets' + time_aggregation: + $ref: '#/components/schemas/TimeAggregation' + version: + $ref: '#/components/schemas/Version' + required: + - created_at + - created_by + - enabled + - modified_at + - modified_by + - name + - selectors + - targets + - version + type: object + NotificationRuleQuery: + description: The query is composed of one or several key:value pairs, which + can be used to filter security issues on tags and attributes. + example: (source:production_service OR env:prod) + type: string + NotificationRuleResponse: + description: Response object which includes a notification rule. + properties: + data: + $ref: '#/components/schemas/NotificationRule' + type: object + NotificationRulesType: + description: The rule type associated to notification rules. + enum: + - notification_rules + example: notification_rules + type: string + x-enum-varnames: + - NOTIFICATION_RULES NullableRelationshipToUser: description: Relationship to user. nullable: true @@ -20260,6 +20405,44 @@ components: $ref: '#/components/schemas/ApplicationKeyResponseIncludedItem' type: array type: object + PatchNotificationRuleParameters: + description: Body of the notification rule patch request. + properties: + data: + $ref: '#/components/schemas/PatchNotificationRuleParametersData' + type: object + PatchNotificationRuleParametersData: + description: 'Data of the notification rule patch request: the rule ID, the + rule type, and the rule attributes. All fields are required.' + properties: + attributes: + $ref: '#/components/schemas/PatchNotificationRuleParametersDataAttributes' + id: + $ref: '#/components/schemas/ID' + type: + $ref: '#/components/schemas/NotificationRulesType' + required: + - attributes + - id + - type + type: object + PatchNotificationRuleParametersDataAttributes: + description: Attributes of the notification rule patch request. It is required + to update the version of the rule when patching it. + properties: + enabled: + $ref: '#/components/schemas/Enabled' + name: + $ref: '#/components/schemas/RuleName' + selectors: + $ref: '#/components/schemas/Selectors' + targets: + $ref: '#/components/schemas/Targets' + time_aggregation: + $ref: '#/components/schemas/TimeAggregation' + version: + $ref: '#/components/schemas/Version' + type: object Permission: description: Permission object. properties: @@ -22941,12 +23124,34 @@ components: description: The unique ID for a scorecard rule. example: q8MQxk8TCqrHnWkx type: string + RuleName: + description: Name of the notification rule. + example: Rule 1 + type: string RuleOutcomeRelationships: description: The JSON:API relationship to a scorecard rule. properties: rule: $ref: '#/components/schemas/RelationshipToOutcome' type: object + RuleSeverity: + description: Severity of a security rule. + enum: + - critical + - high + - medium + - low + - unknown + - info + example: critical + type: string + x-enum-varnames: + - CRITICAL + - HIGH + - MEDIUM + - LOW + - UNKNOWN + - INFO RuleType: default: rule description: The JSON:API type for scorecard rules. @@ -22956,6 +23161,69 @@ components: type: string x-enum-varnames: - RULE + RuleTypes: + description: Security rule types used to filter signals and vulnerabilities + generating notifications. + example: + - misconfiguration + - attack_path + items: + $ref: '#/components/schemas/RuleTypesItems' + type: array + RuleTypesItems: + description: 'Security rule types which can be used in notification rules. + + Signal-based notification rules can filter signals based on rule types application_security, + log_detection, + + workload_security, signal_correlation, cloud_configuration and infrastructure_configuration. + + Vulnerability-based notification rules can filter vulnerabilities based on + rule types application_code_vulnerability, + + application_library_vulnerability, attack_path, container_image_vulnerability, + identity_risk, misconfiguration, and api_security.' + enum: + - application_security + - log_detection + - workload_security + - signal_correlation + - cloud_configuration + - infrastructure_configuration + - application_code_vulnerability + - application_library_vulnerability + - attack_path + - container_image_vulnerability + - identity_risk + - misconfiguration + - api_security + type: string + x-enum-varnames: + - APPLICATION_SECURITY + - LOG_DETECTION + - WORKLOAD_SECURITY + - SIGNAL_CORRELATION + - CLOUD_CONFIGURATION + - INFRASTRUCTURE_CONFIGURATION + - APPLICATION_CODE_VULNERABILITY + - APPLICATION_LIBRARY_VULNERABILITY + - ATTACK_PATH + - CONTAINER_IMAGE_VULNERABILITY + - IDENTITY_RISK + - MISCONFIGURATION + - API_SECURITY + RuleUser: + description: User creating or modifying a rule. + properties: + handle: + description: The user handle. + example: john.doe@domain.com + type: string + name: + description: The user name. + example: John Doe + type: string + type: object RumMetricCompute: description: The compute rule to compute the rum-based metric. properties: @@ -25873,6 +26141,29 @@ components: nullable: true type: string type: object + Selectors: + description: 'Selectors are used to filter security issues for which notifications + should be generated. + + Users can specify rule severities, rule types, a query to filter security + issues on tags and attributes, and the trigger source. + + Only the trigger_source field is required.' + properties: + query: + $ref: '#/components/schemas/NotificationRuleQuery' + rule_types: + $ref: '#/components/schemas/RuleTypes' + severities: + description: The security rules severities to consider. + items: + $ref: '#/components/schemas/RuleSeverity' + type: array + trigger_source: + $ref: '#/components/schemas/TriggerSource' + required: + - trigger_source + type: object SensitiveDataScannerConfigRequest: description: Group reorder request. properties: @@ -28565,6 +28856,20 @@ components: description: Tag associated with your event. type: string type: array + Targets: + description: 'List of recipients to notify when a notification rule is triggered. + Many different target types are supported, + + such as email addresses, Slack channels, and PagerDuty services. + + The appropriate integrations need to be properly configured to send notifications + to the specified targets.' + example: + - '@john.doe@email.com' + items: + description: Recipients to notify. + type: string + type: array Team: description: A team properties: @@ -29141,6 +29446,22 @@ components: description: Offset type. type: string type: object + TimeAggregation: + description: 'Time aggregation period (in seconds) is used to aggregate the + results of the notification rule evaluation. + + Results are aggregated over a selected time frame using a rolling window, + which updates with each new evaluation. + + Notifications are only sent for new issues discovered during the window. + + Time aggregation is only available for vulnerability-based notification rules. + When omitted or set to 0, no aggregation + + is done.' + example: 86400 + format: int64 + type: integer TimeseriesFormulaQueryRequest: description: A request wrapper around a single timeseries query to be executed. properties: @@ -29333,6 +29654,20 @@ components: type: string x-enum-varnames: - SECRET + TriggerSource: + description: 'The type of security issues on which the rule applies. Notification + rules based on security signals need to use the trigger source "security_signals", + + while notification rules based on security vulnerabilities need to use the + trigger source "security_findings".' + enum: + - security_findings + - security_signals + example: security_findings + type: string + x-enum-varnames: + - SECURITY_FINDINGS + - SECURITY_SIGNALS Unit: description: Object containing the metric unit family, scale factor, name, and short name. @@ -30258,6 +30593,12 @@ components: type: string x-enum-varnames: - USERS + Version: + description: Version of the notification rule. It is updated when the rule is + modified. + example: 1 + format: int64 + type: integer VulnerabilitiesType: description: The JSON:API type. enum: @@ -30849,6 +31190,10 @@ components: security_monitoring_filters_write: Create, edit, and delete Security Filters. security_monitoring_findings_read: View a list of findings that include both misconfigurations and identity risks. + security_monitoring_notification_profiles_read: View Rule Security Notification + rules. + security_monitoring_notification_profiles_write: Create, edit, and delete + Security Notification rules. security_monitoring_rules_read: Read Detection Rules. security_monitoring_rules_write: Create and edit Detection Rules. security_monitoring_signals_read: View Security Signals. @@ -43576,6 +43921,188 @@ paths: x-unstable: '**Note**: This endpoint is a private preview. If you are interested in accessing this API, please [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' + /api/v2/security/signals/notification_rules: + get: + description: Returns the list of notification rules for security signals. + operationId: GetSignalNotificationRules + responses: + '200': + $ref: '#/components/responses/NotificationRulesList' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_read + summary: Get the list of signal-based rules + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_read + post: + description: Create a new notification rule for security signals and return + the created rule. + operationId: CreateSignalNotificationRule + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateNotificationRuleParameters' + description: 'The body of the create notification rule request is composed + of the rule type and the rule attributes: + + the rule name, the selectors, the notification targets, and the rule enabled + status. + + ' + required: true + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Successfully created the notification rule. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Create a new signal-based rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write + /api/v2/security/signals/notification_rules/{id}: + delete: + description: Delete a notification rule for security signals. + operationId: DeleteSignalNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Rule successfully deleted. + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Delete a signal-based rule + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write + get: + description: Get the details of a notification rule for security signals. + operationId: GetSignalNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Notification rule details. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_read + summary: Get details of a signal-based rule + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_read + patch: + description: Partially update the notification rule. All fields are optional; + if a field is not provided, it is not updated. + operationId: PatchSignalNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchNotificationRuleParameters' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Notification rule successfully patched. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '422': + $ref: '#/components/responses/UnprocessableEntityResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Patch a signal-based rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write /api/v2/security/vulnerabilities: get: description: "Get a list of vulnerabilities.\n\n### Pagination\n\nPagination @@ -43955,6 +44482,188 @@ paths: x-unstable: '**Note**: This endpoint is a private preview. If you are interested in accessing this API, please [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' + /api/v2/security/vulnerabilities/notification_rules: + get: + description: Returns the list of notification rules for security vulnerabilities. + operationId: GetVulnerabilityNotificationRules + responses: + '200': + $ref: '#/components/responses/NotificationRulesList' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_read + summary: Get the list of vulnerability-based rules + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_read + post: + description: Create a new notification rule for security vulnerabilities and + return the created rule. + operationId: CreateVulnerabilityNotificationRule + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreateNotificationRuleParameters' + description: 'The body of the create notification rule request is composed + of the rule type and the rule attributes: + + the rule name, the selectors, the notification targets, and the rule enabled + status. + + ' + required: true + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Successfully created the notification rule. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Create a new vulnerability-based rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write + /api/v2/security/vulnerabilities/notification_rules/{id}: + delete: + description: Delete a notification rule for security vulnerabilities. + operationId: DeleteVulnerabilityNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Rule successfully deleted. + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Delete a vulnerability-based rule + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write + get: + description: Get the details of a notification rule for security vulnerabilities. + operationId: GetVulnerabilityNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Notification rule details. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_read + summary: Get details of a vulnerability-based rule + tags: + - Security Monitoring + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_read + patch: + description: Partially update the notification rule. All fields are optional; + if a field is not provided, it is not updated. + operationId: PatchVulnerabilityNotificationRule + parameters: + - description: ID of the notification rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchNotificationRuleParameters' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleResponse' + description: Notification rule successfully patched. + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/ForbiddenResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '422': + $ref: '#/components/responses/UnprocessableEntityResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Patch a vulnerability-based rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - security_monitoring_notification_profiles_write /api/v2/security_monitoring/cloud_workload_security/agent_rules: get: description: Get the list of Agent rules. diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst index 30b0f30281..a5906d7ea3 100644 --- a/docs/datadog_api_client.v2.model.rst +++ b/docs/datadog_api_client.v2.model.rst @@ -2881,6 +2881,27 @@ datadog\_api\_client.v2.model.create\_data\_deletion\_response\_body module :members: :show-inheritance: +datadog\_api\_client.v2.model.create\_notification\_rule\_parameters module +--------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.create_notification_rule_parameters + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.create\_notification\_rule\_parameters\_data module +--------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.create_notification_rule_parameters_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.create\_notification\_rule\_parameters\_data\_attributes module +--------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.create_notification_rule_parameters_data_attributes + :members: + :show-inheritance: + datadog\_api\_client.v2.model.create\_open\_api\_response module ---------------------------------------------------------------- @@ -8411,6 +8432,34 @@ datadog\_api\_client.v2.model.ms\_teams\_integration\_metadata\_teams\_item modu :members: :show-inheritance: +datadog\_api\_client.v2.model.notification\_rule module +------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.notification\_rule\_attributes module +------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.notification\_rule\_response module +----------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.notification\_rules\_type module +-------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rules_type + :members: + :show-inheritance: + datadog\_api\_client.v2.model.nullable\_relationship\_to\_user module --------------------------------------------------------------------- @@ -8859,6 +8908,27 @@ datadog\_api\_client.v2.model.partial\_application\_key\_response module :members: :show-inheritance: +datadog\_api\_client.v2.model.patch\_notification\_rule\_parameters module +-------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.patch_notification_rule_parameters + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.patch\_notification\_rule\_parameters\_data module +-------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.patch_notification_rule_parameters_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.patch\_notification\_rule\_parameters\_data\_attributes module +-------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.patch_notification_rule_parameters_data_attributes + :members: + :show-inheritance: + datadog\_api\_client.v2.model.permission module ----------------------------------------------- @@ -9797,6 +9867,13 @@ datadog\_api\_client.v2.model.rule\_outcome\_relationships module :members: :show-inheritance: +datadog\_api\_client.v2.model.rule\_severity module +--------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.rule_severity + :members: + :show-inheritance: + datadog\_api\_client.v2.model.rule\_type module ----------------------------------------------- @@ -9804,6 +9881,20 @@ datadog\_api\_client.v2.model.rule\_type module :members: :show-inheritance: +datadog\_api\_client.v2.model.rule\_types\_items module +------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.rule_types_items + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.rule\_user module +----------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.rule_user + :members: + :show-inheritance: + datadog\_api\_client.v2.model.rum\_aggregate\_bucket\_value module ------------------------------------------------------------------ @@ -11267,6 +11358,13 @@ datadog\_api\_client.v2.model.security\_monitoring\_user module :members: :show-inheritance: +datadog\_api\_client.v2.model.selectors module +---------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.selectors + :members: + :show-inheritance: + datadog\_api\_client.v2.model.sensitive\_data\_scanner\_config\_request module ------------------------------------------------------------------------------ @@ -12975,6 +13073,13 @@ datadog\_api\_client.v2.model.token\_type module :members: :show-inheritance: +datadog\_api\_client.v2.model.trigger\_source module +---------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.trigger_source + :members: + :show-inheritance: + datadog\_api\_client.v2.model.unit module ----------------------------------------- diff --git a/examples/v2/security-monitoring/CreateSignalNotificationRule.py b/examples/v2/security-monitoring/CreateSignalNotificationRule.py new file mode 100644 index 0000000000..07927514af --- /dev/null +++ b/examples/v2/security-monitoring/CreateSignalNotificationRule.py @@ -0,0 +1,48 @@ +""" +Create a new signal-based rule returns "Successfully created the notification rule." response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.create_notification_rule_parameters import CreateNotificationRuleParameters +from datadog_api_client.v2.model.create_notification_rule_parameters_data import CreateNotificationRuleParametersData +from datadog_api_client.v2.model.create_notification_rule_parameters_data_attributes import ( + CreateNotificationRuleParametersDataAttributes, +) +from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType +from datadog_api_client.v2.model.rule_severity import RuleSeverity +from datadog_api_client.v2.model.rule_types_items import RuleTypesItems +from datadog_api_client.v2.model.selectors import Selectors +from datadog_api_client.v2.model.trigger_source import TriggerSource + +body = CreateNotificationRuleParameters( + data=CreateNotificationRuleParametersData( + attributes=CreateNotificationRuleParametersDataAttributes( + enabled=True, + name="Rule 1", + selectors=Selectors( + query="(source:production_service OR env:prod)", + rule_types=[ + RuleTypesItems.MISCONFIGURATION, + RuleTypesItems.ATTACK_PATH, + ], + severities=[ + RuleSeverity.CRITICAL, + ], + trigger_source=TriggerSource.SECURITY_FINDINGS, + ), + targets=[ + "@john.doe@email.com", + ], + time_aggregation=86400, + ), + type=NotificationRulesType.NOTIFICATION_RULES, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.create_signal_notification_rule(body=body) + + print(response) diff --git a/examples/v2/security-monitoring/CreateVulnerabilityNotificationRule.py b/examples/v2/security-monitoring/CreateVulnerabilityNotificationRule.py new file mode 100644 index 0000000000..10c46c4480 --- /dev/null +++ b/examples/v2/security-monitoring/CreateVulnerabilityNotificationRule.py @@ -0,0 +1,48 @@ +""" +Create a new vulnerability-based rule returns "Successfully created the notification rule." response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.create_notification_rule_parameters import CreateNotificationRuleParameters +from datadog_api_client.v2.model.create_notification_rule_parameters_data import CreateNotificationRuleParametersData +from datadog_api_client.v2.model.create_notification_rule_parameters_data_attributes import ( + CreateNotificationRuleParametersDataAttributes, +) +from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType +from datadog_api_client.v2.model.rule_severity import RuleSeverity +from datadog_api_client.v2.model.rule_types_items import RuleTypesItems +from datadog_api_client.v2.model.selectors import Selectors +from datadog_api_client.v2.model.trigger_source import TriggerSource + +body = CreateNotificationRuleParameters( + data=CreateNotificationRuleParametersData( + attributes=CreateNotificationRuleParametersDataAttributes( + enabled=True, + name="Rule 1", + selectors=Selectors( + query="(source:production_service OR env:prod)", + rule_types=[ + RuleTypesItems.MISCONFIGURATION, + RuleTypesItems.ATTACK_PATH, + ], + severities=[ + RuleSeverity.CRITICAL, + ], + trigger_source=TriggerSource.SECURITY_FINDINGS, + ), + targets=[ + "@john.doe@email.com", + ], + time_aggregation=86400, + ), + type=NotificationRulesType.NOTIFICATION_RULES, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.create_vulnerability_notification_rule(body=body) + + print(response) diff --git a/examples/v2/security-monitoring/DeleteSignalNotificationRule.py b/examples/v2/security-monitoring/DeleteSignalNotificationRule.py new file mode 100644 index 0000000000..8ab1a31f98 --- /dev/null +++ b/examples/v2/security-monitoring/DeleteSignalNotificationRule.py @@ -0,0 +1,17 @@ +""" +Delete a signal-based rule returns "Rule successfully deleted." response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +# there is a valid "valid_signal_notification_rule" in the system +VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID = environ["VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID"] + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + api_instance.delete_signal_notification_rule( + id=VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID, + ) diff --git a/examples/v2/security-monitoring/DeleteVulnerabilityNotificationRule.py b/examples/v2/security-monitoring/DeleteVulnerabilityNotificationRule.py new file mode 100644 index 0000000000..75a47af6c7 --- /dev/null +++ b/examples/v2/security-monitoring/DeleteVulnerabilityNotificationRule.py @@ -0,0 +1,17 @@ +""" +Delete a vulnerability-based rule returns "Rule successfully deleted." response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +# there is a valid "valid_vulnerability_notification_rule" in the system +VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID = environ["VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID"] + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + api_instance.delete_vulnerability_notification_rule( + id=VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID, + ) diff --git a/examples/v2/security-monitoring/GetSignalNotificationRule.py b/examples/v2/security-monitoring/GetSignalNotificationRule.py new file mode 100644 index 0000000000..113e16dd5f --- /dev/null +++ b/examples/v2/security-monitoring/GetSignalNotificationRule.py @@ -0,0 +1,19 @@ +""" +Get details of a signal-based rule returns "Notification rule details." response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +# there is a valid "valid_signal_notification_rule" in the system +VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID = environ["VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID"] + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.get_signal_notification_rule( + id=VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID, + ) + + print(response) diff --git a/examples/v2/security-monitoring/GetSignalNotificationRules.py b/examples/v2/security-monitoring/GetSignalNotificationRules.py new file mode 100644 index 0000000000..fcbc917cca --- /dev/null +++ b/examples/v2/security-monitoring/GetSignalNotificationRules.py @@ -0,0 +1,13 @@ +""" +Get the list of signal-based rules returns "The list of notification rules." response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.get_signal_notification_rules() + + print(response) diff --git a/examples/v2/security-monitoring/GetVulnerabilityNotificationRule.py b/examples/v2/security-monitoring/GetVulnerabilityNotificationRule.py new file mode 100644 index 0000000000..bd4fef653e --- /dev/null +++ b/examples/v2/security-monitoring/GetVulnerabilityNotificationRule.py @@ -0,0 +1,19 @@ +""" +Get details of a vulnerability-based rule returns "Notification rule details." response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +# there is a valid "valid_vulnerability_notification_rule" in the system +VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID = environ["VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID"] + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.get_vulnerability_notification_rule( + id=VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID, + ) + + print(response) diff --git a/examples/v2/security-monitoring/GetVulnerabilityNotificationRules.py b/examples/v2/security-monitoring/GetVulnerabilityNotificationRules.py new file mode 100644 index 0000000000..699fe5528d --- /dev/null +++ b/examples/v2/security-monitoring/GetVulnerabilityNotificationRules.py @@ -0,0 +1,13 @@ +""" +Get the list of vulnerability-based rules returns "The list of notification rules." response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.get_vulnerability_notification_rules() + + print(response) diff --git a/examples/v2/security-monitoring/PatchSignalNotificationRule.py b/examples/v2/security-monitoring/PatchSignalNotificationRule.py new file mode 100644 index 0000000000..dfabc38d07 --- /dev/null +++ b/examples/v2/security-monitoring/PatchSignalNotificationRule.py @@ -0,0 +1,54 @@ +""" +Patch a signal-based rule returns "Notification rule successfully patched." response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType +from datadog_api_client.v2.model.patch_notification_rule_parameters import PatchNotificationRuleParameters +from datadog_api_client.v2.model.patch_notification_rule_parameters_data import PatchNotificationRuleParametersData +from datadog_api_client.v2.model.patch_notification_rule_parameters_data_attributes import ( + PatchNotificationRuleParametersDataAttributes, +) +from datadog_api_client.v2.model.rule_severity import RuleSeverity +from datadog_api_client.v2.model.rule_types_items import RuleTypesItems +from datadog_api_client.v2.model.selectors import Selectors +from datadog_api_client.v2.model.trigger_source import TriggerSource + +# there is a valid "valid_signal_notification_rule" in the system +VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID = environ["VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID"] + +body = PatchNotificationRuleParameters( + data=PatchNotificationRuleParametersData( + attributes=PatchNotificationRuleParametersDataAttributes( + enabled=True, + name="Rule 1", + selectors=Selectors( + query="(source:production_service OR env:prod)", + rule_types=[ + RuleTypesItems.MISCONFIGURATION, + RuleTypesItems.ATTACK_PATH, + ], + severities=[ + RuleSeverity.CRITICAL, + ], + trigger_source=TriggerSource.SECURITY_FINDINGS, + ), + targets=[ + "@john.doe@email.com", + ], + time_aggregation=86400, + version=1, + ), + id=VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID, + type=NotificationRulesType.NOTIFICATION_RULES, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.patch_signal_notification_rule(id=VALID_SIGNAL_NOTIFICATION_RULE_DATA_ID, body=body) + + print(response) diff --git a/examples/v2/security-monitoring/PatchVulnerabilityNotificationRule.py b/examples/v2/security-monitoring/PatchVulnerabilityNotificationRule.py new file mode 100644 index 0000000000..2735fb6159 --- /dev/null +++ b/examples/v2/security-monitoring/PatchVulnerabilityNotificationRule.py @@ -0,0 +1,56 @@ +""" +Patch a vulnerability-based rule returns "Notification rule successfully patched." response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType +from datadog_api_client.v2.model.patch_notification_rule_parameters import PatchNotificationRuleParameters +from datadog_api_client.v2.model.patch_notification_rule_parameters_data import PatchNotificationRuleParametersData +from datadog_api_client.v2.model.patch_notification_rule_parameters_data_attributes import ( + PatchNotificationRuleParametersDataAttributes, +) +from datadog_api_client.v2.model.rule_severity import RuleSeverity +from datadog_api_client.v2.model.rule_types_items import RuleTypesItems +from datadog_api_client.v2.model.selectors import Selectors +from datadog_api_client.v2.model.trigger_source import TriggerSource + +# there is a valid "valid_vulnerability_notification_rule" in the system +VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID = environ["VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID"] + +body = PatchNotificationRuleParameters( + data=PatchNotificationRuleParametersData( + attributes=PatchNotificationRuleParametersDataAttributes( + enabled=True, + name="Rule 1", + selectors=Selectors( + query="(source:production_service OR env:prod)", + rule_types=[ + RuleTypesItems.MISCONFIGURATION, + RuleTypesItems.ATTACK_PATH, + ], + severities=[ + RuleSeverity.CRITICAL, + ], + trigger_source=TriggerSource.SECURITY_FINDINGS, + ), + targets=[ + "@john.doe@email.com", + ], + time_aggregation=86400, + version=1, + ), + id=VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID, + type=NotificationRulesType.NOTIFICATION_RULES, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.patch_vulnerability_notification_rule( + id=VALID_VULNERABILITY_NOTIFICATION_RULE_DATA_ID, body=body + ) + + print(response) diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py index f2ebb7f35a..9eae3d68cb 100644 --- a/src/datadog_api_client/v2/api/security_monitoring_api.py +++ b/src/datadog_api_client/v2/api/security_monitoring_api.py @@ -26,6 +26,9 @@ from datadog_api_client.v2.model.list_vulnerable_assets_response import ListVulnerableAssetsResponse from datadog_api_client.v2.model.asset_type import AssetType from datadog_api_client.v2.model.get_sbom_response import GetSBOMResponse +from datadog_api_client.v2.model.notification_rule_response import NotificationRuleResponse +from datadog_api_client.v2.model.create_notification_rule_parameters import CreateNotificationRuleParameters +from datadog_api_client.v2.model.patch_notification_rule_parameters import PatchNotificationRuleParameters from datadog_api_client.v2.model.list_vulnerabilities_response import ListVulnerabilitiesResponse from datadog_api_client.v2.model.vulnerability_type import VulnerabilityType from datadog_api_client.v2.model.vulnerability_severity import VulnerabilitySeverity @@ -243,6 +246,46 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._create_signal_notification_rule_endpoint = _Endpoint( + settings={ + "response_type": (NotificationRuleResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/signals/notification_rules", + "operation_id": "create_signal_notification_rule", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (CreateNotificationRuleParameters,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + + self._create_vulnerability_notification_rule_endpoint = _Endpoint( + settings={ + "response_type": (NotificationRuleResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/vulnerabilities/notification_rules", + "operation_id": "create_vulnerability_notification_rule", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (CreateNotificationRuleParameters,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._delete_historical_job_endpoint = _Endpoint( settings={ "response_type": None, @@ -335,6 +378,52 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._delete_signal_notification_rule_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/signals/notification_rules/{id}", + "operation_id": "delete_signal_notification_rule", + "http_method": "DELETE", + "version": "v2", + }, + params_map={ + "id": { + "required": True, + "openapi_types": (str,), + "attribute": "id", + "location": "path", + }, + }, + headers_map={ + "accept": ["*/*"], + }, + api_client=api_client, + ) + + self._delete_vulnerability_notification_rule_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/vulnerabilities/notification_rules/{id}", + "operation_id": "delete_vulnerability_notification_rule", + "http_method": "DELETE", + "version": "v2", + }, + params_map={ + "id": { + "required": True, + "openapi_types": (str,), + "attribute": "id", + "location": "path", + }, + }, + headers_map={ + "accept": ["*/*"], + }, + api_client=api_client, + ) + self._edit_security_monitoring_signal_assignee_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringSignalTriageUpdateResponse,), @@ -593,6 +682,84 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._get_signal_notification_rule_endpoint = _Endpoint( + settings={ + "response_type": (NotificationRuleResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/signals/notification_rules/{id}", + "operation_id": "get_signal_notification_rule", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "id": { + "required": True, + "openapi_types": (str,), + "attribute": "id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + self._get_signal_notification_rules_endpoint = _Endpoint( + settings={ + "response_type": (dict,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/signals/notification_rules", + "operation_id": "get_signal_notification_rules", + "http_method": "GET", + "version": "v2", + }, + params_map={}, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + self._get_vulnerability_notification_rule_endpoint = _Endpoint( + settings={ + "response_type": (NotificationRuleResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/vulnerabilities/notification_rules/{id}", + "operation_id": "get_vulnerability_notification_rule", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "id": { + "required": True, + "openapi_types": (str,), + "attribute": "id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + self._get_vulnerability_notification_rules_endpoint = _Endpoint( + settings={ + "response_type": (dict,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/vulnerabilities/notification_rules", + "operation_id": "get_vulnerability_notification_rules", + "http_method": "GET", + "version": "v2", + }, + params_map={}, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._list_findings_endpoint = _Endpoint( settings={ "response_type": (ListFindingsResponse,), @@ -1181,6 +1348,58 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._patch_signal_notification_rule_endpoint = _Endpoint( + settings={ + "response_type": (NotificationRuleResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/signals/notification_rules/{id}", + "operation_id": "patch_signal_notification_rule", + "http_method": "PATCH", + "version": "v2", + }, + params_map={ + "id": { + "required": True, + "openapi_types": (str,), + "attribute": "id", + "location": "path", + }, + "body": { + "required": True, + "openapi_types": (PatchNotificationRuleParameters,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + + self._patch_vulnerability_notification_rule_endpoint = _Endpoint( + settings={ + "response_type": (NotificationRuleResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security/vulnerabilities/notification_rules/{id}", + "operation_id": "patch_vulnerability_notification_rule", + "http_method": "PATCH", + "version": "v2", + }, + params_map={ + "id": { + "required": True, + "openapi_types": (str,), + "attribute": "id", + "location": "path", + }, + "body": { + "required": True, + "openapi_types": (PatchNotificationRuleParameters,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._run_historical_job_endpoint = _Endpoint( settings={ "response_type": (JobCreateResponse,), @@ -1494,6 +1713,42 @@ def create_security_monitoring_suppression( return self._create_security_monitoring_suppression_endpoint.call_with_http_info(**kwargs) + def create_signal_notification_rule( + self, + body: CreateNotificationRuleParameters, + ) -> NotificationRuleResponse: + """Create a new signal-based rule. + + Create a new notification rule for security signals and return the created rule. + + :param body: The body of the create notification rule request is composed of the rule type and the rule attributes: + the rule name, the selectors, the notification targets, and the rule enabled status. + :type body: CreateNotificationRuleParameters + :rtype: NotificationRuleResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._create_signal_notification_rule_endpoint.call_with_http_info(**kwargs) + + def create_vulnerability_notification_rule( + self, + body: CreateNotificationRuleParameters, + ) -> NotificationRuleResponse: + """Create a new vulnerability-based rule. + + Create a new notification rule for security vulnerabilities and return the created rule. + + :param body: The body of the create notification rule request is composed of the rule type and the rule attributes: + the rule name, the selectors, the notification targets, and the rule enabled status. + :type body: CreateNotificationRuleParameters + :rtype: NotificationRuleResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._create_vulnerability_notification_rule_endpoint.call_with_http_info(**kwargs) + def delete_historical_job( self, job_id: str, @@ -1562,6 +1817,40 @@ def delete_security_monitoring_suppression( return self._delete_security_monitoring_suppression_endpoint.call_with_http_info(**kwargs) + def delete_signal_notification_rule( + self, + id: str, + ) -> None: + """Delete a signal-based rule. + + Delete a notification rule for security signals. + + :param id: ID of the notification rule. + :type id: str + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["id"] = id + + return self._delete_signal_notification_rule_endpoint.call_with_http_info(**kwargs) + + def delete_vulnerability_notification_rule( + self, + id: str, + ) -> None: + """Delete a vulnerability-based rule. + + Delete a notification rule for security vulnerabilities. + + :param id: ID of the notification rule. + :type id: str + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["id"] = id + + return self._delete_vulnerability_notification_rule_endpoint.call_with_http_info(**kwargs) + def edit_security_monitoring_signal_assignee( self, signal_id: str, @@ -1769,6 +2058,64 @@ def get_security_monitoring_suppression( return self._get_security_monitoring_suppression_endpoint.call_with_http_info(**kwargs) + def get_signal_notification_rule( + self, + id: str, + ) -> NotificationRuleResponse: + """Get details of a signal-based rule. + + Get the details of a notification rule for security signals. + + :param id: ID of the notification rule. + :type id: str + :rtype: NotificationRuleResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["id"] = id + + return self._get_signal_notification_rule_endpoint.call_with_http_info(**kwargs) + + def get_signal_notification_rules( + self, + ) -> dict: + """Get the list of signal-based rules. + + Returns the list of notification rules for security signals. + + :rtype: dict + """ + kwargs: Dict[str, Any] = {} + return self._get_signal_notification_rules_endpoint.call_with_http_info(**kwargs) + + def get_vulnerability_notification_rule( + self, + id: str, + ) -> NotificationRuleResponse: + """Get details of a vulnerability-based rule. + + Get the details of a notification rule for security vulnerabilities. + + :param id: ID of the notification rule. + :type id: str + :rtype: NotificationRuleResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["id"] = id + + return self._get_vulnerability_notification_rule_endpoint.call_with_http_info(**kwargs) + + def get_vulnerability_notification_rules( + self, + ) -> dict: + """Get the list of vulnerability-based rules. + + Returns the list of notification rules for security vulnerabilities. + + :rtype: dict + """ + kwargs: Dict[str, Any] = {} + return self._get_vulnerability_notification_rules_endpoint.call_with_http_info(**kwargs) + def list_findings( self, *, @@ -2673,6 +3020,48 @@ def mute_findings( return self._mute_findings_endpoint.call_with_http_info(**kwargs) + def patch_signal_notification_rule( + self, + id: str, + body: PatchNotificationRuleParameters, + ) -> NotificationRuleResponse: + """Patch a signal-based rule. + + Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated. + + :param id: ID of the notification rule. + :type id: str + :type body: PatchNotificationRuleParameters + :rtype: NotificationRuleResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["id"] = id + + kwargs["body"] = body + + return self._patch_signal_notification_rule_endpoint.call_with_http_info(**kwargs) + + def patch_vulnerability_notification_rule( + self, + id: str, + body: PatchNotificationRuleParameters, + ) -> NotificationRuleResponse: + """Patch a vulnerability-based rule. + + Partially update the notification rule. All fields are optional; if a field is not provided, it is not updated. + + :param id: ID of the notification rule. + :type id: str + :type body: PatchNotificationRuleParameters + :rtype: NotificationRuleResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["id"] = id + + kwargs["body"] = body + + return self._patch_vulnerability_notification_rule_endpoint.call_with_http_info(**kwargs) + def run_historical_job( self, body: RunHistoricalJobRequest, diff --git a/src/datadog_api_client/v2/model/create_notification_rule_parameters.py b/src/datadog_api_client/v2/model/create_notification_rule_parameters.py new file mode 100644 index 0000000000..2c2c227c3a --- /dev/null +++ b/src/datadog_api_client/v2/model/create_notification_rule_parameters.py @@ -0,0 +1,46 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.create_notification_rule_parameters_data import ( + CreateNotificationRuleParametersData, + ) + + +class CreateNotificationRuleParameters(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.create_notification_rule_parameters_data import ( + CreateNotificationRuleParametersData, + ) + + return { + "data": (CreateNotificationRuleParametersData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[CreateNotificationRuleParametersData, UnsetType] = unset, **kwargs): + """ + Body of the notification rule create request. + + :param data: Data of the notification rule create request: the rule type, and the rule attributes. All fields are required. + :type data: CreateNotificationRuleParametersData, optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/create_notification_rule_parameters_data.py b/src/datadog_api_client/v2/model/create_notification_rule_parameters_data.py new file mode 100644 index 0000000000..2063fb46b3 --- /dev/null +++ b/src/datadog_api_client/v2/model/create_notification_rule_parameters_data.py @@ -0,0 +1,54 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.create_notification_rule_parameters_data_attributes import ( + CreateNotificationRuleParametersDataAttributes, + ) + from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType + + +class CreateNotificationRuleParametersData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.create_notification_rule_parameters_data_attributes import ( + CreateNotificationRuleParametersDataAttributes, + ) + from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType + + return { + "attributes": (CreateNotificationRuleParametersDataAttributes,), + "type": (NotificationRulesType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, attributes: CreateNotificationRuleParametersDataAttributes, type: NotificationRulesType, **kwargs + ): + """ + Data of the notification rule create request: the rule type, and the rule attributes. All fields are required. + + :param attributes: Attributes of the notification rule create request. + :type attributes: CreateNotificationRuleParametersDataAttributes + + :param type: The rule type associated to notification rules. + :type type: NotificationRulesType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type diff --git a/src/datadog_api_client/v2/model/create_notification_rule_parameters_data_attributes.py b/src/datadog_api_client/v2/model/create_notification_rule_parameters_data_attributes.py new file mode 100644 index 0000000000..5bb5837e38 --- /dev/null +++ b/src/datadog_api_client/v2/model/create_notification_rule_parameters_data_attributes.py @@ -0,0 +1,84 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.selectors import Selectors + + +class CreateNotificationRuleParametersDataAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.selectors import Selectors + + return { + "enabled": (bool,), + "name": (str,), + "selectors": (Selectors,), + "targets": ([str],), + "time_aggregation": (int,), + } + + attribute_map = { + "enabled": "enabled", + "name": "name", + "selectors": "selectors", + "targets": "targets", + "time_aggregation": "time_aggregation", + } + + def __init__( + self_, + name: str, + selectors: Selectors, + targets: List[str], + enabled: Union[bool, UnsetType] = unset, + time_aggregation: Union[int, UnsetType] = unset, + **kwargs, + ): + """ + Attributes of the notification rule create request. + + :param enabled: Field used to enable or disable the rule. + :type enabled: bool, optional + + :param name: Name of the notification rule. + :type name: str + + :param selectors: Selectors are used to filter security issues for which notifications should be generated. + Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. + Only the trigger_source field is required. + :type selectors: Selectors + + :param targets: List of recipients to notify when a notification rule is triggered. Many different target types are supported, + such as email addresses, Slack channels, and PagerDuty services. + The appropriate integrations need to be properly configured to send notifications to the specified targets. + :type targets: [str] + + :param time_aggregation: Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. + Results are aggregated over a selected time frame using a rolling window, which updates with each new evaluation. + Notifications are only sent for new issues discovered during the window. + Time aggregation is only available for vulnerability-based notification rules. When omitted or set to 0, no aggregation + is done. + :type time_aggregation: int, optional + """ + if enabled is not unset: + kwargs["enabled"] = enabled + if time_aggregation is not unset: + kwargs["time_aggregation"] = time_aggregation + super().__init__(kwargs) + + self_.name = name + self_.selectors = selectors + self_.targets = targets diff --git a/src/datadog_api_client/v2/model/notification_rule.py b/src/datadog_api_client/v2/model/notification_rule.py new file mode 100644 index 0000000000..2ef48a2cc8 --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule.py @@ -0,0 +1,57 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.notification_rule_attributes import NotificationRuleAttributes + from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType + + +class NotificationRule(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.notification_rule_attributes import NotificationRuleAttributes + from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType + + return { + "attributes": (NotificationRuleAttributes,), + "id": (str,), + "type": (NotificationRulesType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__(self_, attributes: NotificationRuleAttributes, id: str, type: NotificationRulesType, **kwargs): + """ + Notification rules allow full control over notifications generated by the various Datadog security products. + They allow users to define the conditions under which a notification should be generated (based on rule severities, + rule types, rule tags, and so on), and the targets to notify. + A notification rule is composed of a rule ID, a rule type, and the rule attributes. All fields are required. + + :param attributes: Attributes of the notification rule. + :type attributes: NotificationRuleAttributes + + :param id: The ID of a notification rule. + :type id: str + + :param type: The rule type associated to notification rules. + :type type: NotificationRulesType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.id = id + self_.type = type diff --git a/src/datadog_api_client/v2/model/notification_rule_attributes.py b/src/datadog_api_client/v2/model/notification_rule_attributes.py new file mode 100644 index 0000000000..7552fa8b17 --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_attributes.py @@ -0,0 +1,120 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.rule_user import RuleUser + from datadog_api_client.v2.model.selectors import Selectors + + +class NotificationRuleAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.rule_user import RuleUser + from datadog_api_client.v2.model.selectors import Selectors + + return { + "created_at": (int,), + "created_by": (RuleUser,), + "enabled": (bool,), + "modified_at": (int,), + "modified_by": (RuleUser,), + "name": (str,), + "selectors": (Selectors,), + "targets": ([str],), + "time_aggregation": (int,), + "version": (int,), + } + + attribute_map = { + "created_at": "created_at", + "created_by": "created_by", + "enabled": "enabled", + "modified_at": "modified_at", + "modified_by": "modified_by", + "name": "name", + "selectors": "selectors", + "targets": "targets", + "time_aggregation": "time_aggregation", + "version": "version", + } + + def __init__( + self_, + created_at: int, + created_by: RuleUser, + enabled: bool, + modified_at: int, + modified_by: RuleUser, + name: str, + selectors: Selectors, + targets: List[str], + version: int, + time_aggregation: Union[int, UnsetType] = unset, + **kwargs, + ): + """ + Attributes of the notification rule. + + :param created_at: Date as Unix timestamp in milliseconds. + :type created_at: int + + :param created_by: User creating or modifying a rule. + :type created_by: RuleUser + + :param enabled: Field used to enable or disable the rule. + :type enabled: bool + + :param modified_at: Date as Unix timestamp in milliseconds. + :type modified_at: int + + :param modified_by: User creating or modifying a rule. + :type modified_by: RuleUser + + :param name: Name of the notification rule. + :type name: str + + :param selectors: Selectors are used to filter security issues for which notifications should be generated. + Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. + Only the trigger_source field is required. + :type selectors: Selectors + + :param targets: List of recipients to notify when a notification rule is triggered. Many different target types are supported, + such as email addresses, Slack channels, and PagerDuty services. + The appropriate integrations need to be properly configured to send notifications to the specified targets. + :type targets: [str] + + :param time_aggregation: Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. + Results are aggregated over a selected time frame using a rolling window, which updates with each new evaluation. + Notifications are only sent for new issues discovered during the window. + Time aggregation is only available for vulnerability-based notification rules. When omitted or set to 0, no aggregation + is done. + :type time_aggregation: int, optional + + :param version: Version of the notification rule. It is updated when the rule is modified. + :type version: int + """ + if time_aggregation is not unset: + kwargs["time_aggregation"] = time_aggregation + super().__init__(kwargs) + + self_.created_at = created_at + self_.created_by = created_by + self_.enabled = enabled + self_.modified_at = modified_at + self_.modified_by = modified_by + self_.name = name + self_.selectors = selectors + self_.targets = targets + self_.version = version diff --git a/src/datadog_api_client/v2/model/notification_rule_response.py b/src/datadog_api_client/v2/model/notification_rule_response.py new file mode 100644 index 0000000000..1dcc78d285 --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_response.py @@ -0,0 +1,45 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.notification_rule import NotificationRule + + +class NotificationRuleResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.notification_rule import NotificationRule + + return { + "data": (NotificationRule,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[NotificationRule, UnsetType] = unset, **kwargs): + """ + Response object which includes a notification rule. + + :param data: Notification rules allow full control over notifications generated by the various Datadog security products. + They allow users to define the conditions under which a notification should be generated (based on rule severities, + rule types, rule tags, and so on), and the targets to notify. + A notification rule is composed of a rule ID, a rule type, and the rule attributes. All fields are required. + :type data: NotificationRule, optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/notification_rules_type.py b/src/datadog_api_client/v2/model/notification_rules_type.py new file mode 100644 index 0000000000..ee375b12a5 --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rules_type.py @@ -0,0 +1,35 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class NotificationRulesType(ModelSimple): + """ + The rule type associated to notification rules. + + :param value: If omitted defaults to "notification_rules". Must be one of ["notification_rules"]. + :type value: str + """ + + allowed_values = { + "notification_rules", + } + NOTIFICATION_RULES: ClassVar["NotificationRulesType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +NotificationRulesType.NOTIFICATION_RULES = NotificationRulesType("notification_rules") diff --git a/src/datadog_api_client/v2/model/patch_notification_rule_parameters.py b/src/datadog_api_client/v2/model/patch_notification_rule_parameters.py new file mode 100644 index 0000000000..eca361bb36 --- /dev/null +++ b/src/datadog_api_client/v2/model/patch_notification_rule_parameters.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.patch_notification_rule_parameters_data import PatchNotificationRuleParametersData + + +class PatchNotificationRuleParameters(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.patch_notification_rule_parameters_data import ( + PatchNotificationRuleParametersData, + ) + + return { + "data": (PatchNotificationRuleParametersData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[PatchNotificationRuleParametersData, UnsetType] = unset, **kwargs): + """ + Body of the notification rule patch request. + + :param data: Data of the notification rule patch request: the rule ID, the rule type, and the rule attributes. All fields are required. + :type data: PatchNotificationRuleParametersData, optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data.py b/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data.py new file mode 100644 index 0000000000..68ecda6ed6 --- /dev/null +++ b/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data.py @@ -0,0 +1,60 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.patch_notification_rule_parameters_data_attributes import ( + PatchNotificationRuleParametersDataAttributes, + ) + from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType + + +class PatchNotificationRuleParametersData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.patch_notification_rule_parameters_data_attributes import ( + PatchNotificationRuleParametersDataAttributes, + ) + from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType + + return { + "attributes": (PatchNotificationRuleParametersDataAttributes,), + "id": (str,), + "type": (NotificationRulesType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__( + self_, attributes: PatchNotificationRuleParametersDataAttributes, id: str, type: NotificationRulesType, **kwargs + ): + """ + Data of the notification rule patch request: the rule ID, the rule type, and the rule attributes. All fields are required. + + :param attributes: Attributes of the notification rule patch request. It is required to update the version of the rule when patching it. + :type attributes: PatchNotificationRuleParametersDataAttributes + + :param id: The ID of a notification rule. + :type id: str + + :param type: The rule type associated to notification rules. + :type type: NotificationRulesType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.id = id + self_.type = type diff --git a/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data_attributes.py b/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data_attributes.py new file mode 100644 index 0000000000..4d37c94b2e --- /dev/null +++ b/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data_attributes.py @@ -0,0 +1,94 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.selectors import Selectors + + +class PatchNotificationRuleParametersDataAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.selectors import Selectors + + return { + "enabled": (bool,), + "name": (str,), + "selectors": (Selectors,), + "targets": ([str],), + "time_aggregation": (int,), + "version": (int,), + } + + attribute_map = { + "enabled": "enabled", + "name": "name", + "selectors": "selectors", + "targets": "targets", + "time_aggregation": "time_aggregation", + "version": "version", + } + + def __init__( + self_, + enabled: Union[bool, UnsetType] = unset, + name: Union[str, UnsetType] = unset, + selectors: Union[Selectors, UnsetType] = unset, + targets: Union[List[str], UnsetType] = unset, + time_aggregation: Union[int, UnsetType] = unset, + version: Union[int, UnsetType] = unset, + **kwargs, + ): + """ + Attributes of the notification rule patch request. It is required to update the version of the rule when patching it. + + :param enabled: Field used to enable or disable the rule. + :type enabled: bool, optional + + :param name: Name of the notification rule. + :type name: str, optional + + :param selectors: Selectors are used to filter security issues for which notifications should be generated. + Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. + Only the trigger_source field is required. + :type selectors: Selectors, optional + + :param targets: List of recipients to notify when a notification rule is triggered. Many different target types are supported, + such as email addresses, Slack channels, and PagerDuty services. + The appropriate integrations need to be properly configured to send notifications to the specified targets. + :type targets: [str], optional + + :param time_aggregation: Time aggregation period (in seconds) is used to aggregate the results of the notification rule evaluation. + Results are aggregated over a selected time frame using a rolling window, which updates with each new evaluation. + Notifications are only sent for new issues discovered during the window. + Time aggregation is only available for vulnerability-based notification rules. When omitted or set to 0, no aggregation + is done. + :type time_aggregation: int, optional + + :param version: Version of the notification rule. It is updated when the rule is modified. + :type version: int, optional + """ + if enabled is not unset: + kwargs["enabled"] = enabled + if name is not unset: + kwargs["name"] = name + if selectors is not unset: + kwargs["selectors"] = selectors + if targets is not unset: + kwargs["targets"] = targets + if time_aggregation is not unset: + kwargs["time_aggregation"] = time_aggregation + if version is not unset: + kwargs["version"] = version + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/rule_severity.py b/src/datadog_api_client/v2/model/rule_severity.py new file mode 100644 index 0000000000..2428b5b42e --- /dev/null +++ b/src/datadog_api_client/v2/model/rule_severity.py @@ -0,0 +1,50 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class RuleSeverity(ModelSimple): + """ + Severity of a security rule. + + :param value: Must be one of ["critical", "high", "medium", "low", "unknown", "info"]. + :type value: str + """ + + allowed_values = { + "critical", + "high", + "medium", + "low", + "unknown", + "info", + } + CRITICAL: ClassVar["RuleSeverity"] + HIGH: ClassVar["RuleSeverity"] + MEDIUM: ClassVar["RuleSeverity"] + LOW: ClassVar["RuleSeverity"] + UNKNOWN: ClassVar["RuleSeverity"] + INFO: ClassVar["RuleSeverity"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +RuleSeverity.CRITICAL = RuleSeverity("critical") +RuleSeverity.HIGH = RuleSeverity("high") +RuleSeverity.MEDIUM = RuleSeverity("medium") +RuleSeverity.LOW = RuleSeverity("low") +RuleSeverity.UNKNOWN = RuleSeverity("unknown") +RuleSeverity.INFO = RuleSeverity("info") diff --git a/src/datadog_api_client/v2/model/rule_types_items.py b/src/datadog_api_client/v2/model/rule_types_items.py new file mode 100644 index 0000000000..43981ece9e --- /dev/null +++ b/src/datadog_api_client/v2/model/rule_types_items.py @@ -0,0 +1,75 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class RuleTypesItems(ModelSimple): + """ + Security rule types which can be used in notification rules. + Signal-based notification rules can filter signals based on rule types application_security, log_detection, + workload_security, signal_correlation, cloud_configuration and infrastructure_configuration. + Vulnerability-based notification rules can filter vulnerabilities based on rule types application_code_vulnerability, + application_library_vulnerability, attack_path, container_image_vulnerability, identity_risk, misconfiguration, and api_security. + + :param value: Must be one of ["application_security", "log_detection", "workload_security", "signal_correlation", "cloud_configuration", "infrastructure_configuration", "application_code_vulnerability", "application_library_vulnerability", "attack_path", "container_image_vulnerability", "identity_risk", "misconfiguration", "api_security"]. + :type value: str + """ + + allowed_values = { + "application_security", + "log_detection", + "workload_security", + "signal_correlation", + "cloud_configuration", + "infrastructure_configuration", + "application_code_vulnerability", + "application_library_vulnerability", + "attack_path", + "container_image_vulnerability", + "identity_risk", + "misconfiguration", + "api_security", + } + APPLICATION_SECURITY: ClassVar["RuleTypesItems"] + LOG_DETECTION: ClassVar["RuleTypesItems"] + WORKLOAD_SECURITY: ClassVar["RuleTypesItems"] + SIGNAL_CORRELATION: ClassVar["RuleTypesItems"] + CLOUD_CONFIGURATION: ClassVar["RuleTypesItems"] + INFRASTRUCTURE_CONFIGURATION: ClassVar["RuleTypesItems"] + APPLICATION_CODE_VULNERABILITY: ClassVar["RuleTypesItems"] + APPLICATION_LIBRARY_VULNERABILITY: ClassVar["RuleTypesItems"] + ATTACK_PATH: ClassVar["RuleTypesItems"] + CONTAINER_IMAGE_VULNERABILITY: ClassVar["RuleTypesItems"] + IDENTITY_RISK: ClassVar["RuleTypesItems"] + MISCONFIGURATION: ClassVar["RuleTypesItems"] + API_SECURITY: ClassVar["RuleTypesItems"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +RuleTypesItems.APPLICATION_SECURITY = RuleTypesItems("application_security") +RuleTypesItems.LOG_DETECTION = RuleTypesItems("log_detection") +RuleTypesItems.WORKLOAD_SECURITY = RuleTypesItems("workload_security") +RuleTypesItems.SIGNAL_CORRELATION = RuleTypesItems("signal_correlation") +RuleTypesItems.CLOUD_CONFIGURATION = RuleTypesItems("cloud_configuration") +RuleTypesItems.INFRASTRUCTURE_CONFIGURATION = RuleTypesItems("infrastructure_configuration") +RuleTypesItems.APPLICATION_CODE_VULNERABILITY = RuleTypesItems("application_code_vulnerability") +RuleTypesItems.APPLICATION_LIBRARY_VULNERABILITY = RuleTypesItems("application_library_vulnerability") +RuleTypesItems.ATTACK_PATH = RuleTypesItems("attack_path") +RuleTypesItems.CONTAINER_IMAGE_VULNERABILITY = RuleTypesItems("container_image_vulnerability") +RuleTypesItems.IDENTITY_RISK = RuleTypesItems("identity_risk") +RuleTypesItems.MISCONFIGURATION = RuleTypesItems("misconfiguration") +RuleTypesItems.API_SECURITY = RuleTypesItems("api_security") diff --git a/src/datadog_api_client/v2/model/rule_user.py b/src/datadog_api_client/v2/model/rule_user.py new file mode 100644 index 0000000000..a3f746b641 --- /dev/null +++ b/src/datadog_api_client/v2/model/rule_user.py @@ -0,0 +1,43 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +class RuleUser(ModelNormal): + @cached_property + def openapi_types(_): + return { + "handle": (str,), + "name": (str,), + } + + attribute_map = { + "handle": "handle", + "name": "name", + } + + def __init__(self_, handle: Union[str, UnsetType] = unset, name: Union[str, UnsetType] = unset, **kwargs): + """ + User creating or modifying a rule. + + :param handle: The user handle. + :type handle: str, optional + + :param name: The user name. + :type name: str, optional + """ + if handle is not unset: + kwargs["handle"] = handle + if name is not unset: + kwargs["name"] = name + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/selectors.py b/src/datadog_api_client/v2/model/selectors.py new file mode 100644 index 0000000000..e154cf04b8 --- /dev/null +++ b/src/datadog_api_client/v2/model/selectors.py @@ -0,0 +1,77 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.rule_types_items import RuleTypesItems + from datadog_api_client.v2.model.rule_severity import RuleSeverity + from datadog_api_client.v2.model.trigger_source import TriggerSource + + +class Selectors(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.rule_types_items import RuleTypesItems + from datadog_api_client.v2.model.rule_severity import RuleSeverity + from datadog_api_client.v2.model.trigger_source import TriggerSource + + return { + "query": (str,), + "rule_types": ([RuleTypesItems],), + "severities": ([RuleSeverity],), + "trigger_source": (TriggerSource,), + } + + attribute_map = { + "query": "query", + "rule_types": "rule_types", + "severities": "severities", + "trigger_source": "trigger_source", + } + + def __init__( + self_, + trigger_source: TriggerSource, + query: Union[str, UnsetType] = unset, + rule_types: Union[List[RuleTypesItems], UnsetType] = unset, + severities: Union[List[RuleSeverity], UnsetType] = unset, + **kwargs, + ): + """ + Selectors are used to filter security issues for which notifications should be generated. + Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. + Only the trigger_source field is required. + + :param query: The query is composed of one or several key:value pairs, which can be used to filter security issues on tags and attributes. + :type query: str, optional + + :param rule_types: Security rule types used to filter signals and vulnerabilities generating notifications. + :type rule_types: [RuleTypesItems], optional + + :param severities: The security rules severities to consider. + :type severities: [RuleSeverity], optional + + :param trigger_source: The type of security issues on which the rule applies. Notification rules based on security signals need to use the trigger source "security_signals", + while notification rules based on security vulnerabilities need to use the trigger source "security_findings". + :type trigger_source: TriggerSource + """ + if query is not unset: + kwargs["query"] = query + if rule_types is not unset: + kwargs["rule_types"] = rule_types + if severities is not unset: + kwargs["severities"] = severities + super().__init__(kwargs) + + self_.trigger_source = trigger_source diff --git a/src/datadog_api_client/v2/model/trigger_source.py b/src/datadog_api_client/v2/model/trigger_source.py new file mode 100644 index 0000000000..7efd4da0f3 --- /dev/null +++ b/src/datadog_api_client/v2/model/trigger_source.py @@ -0,0 +1,39 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class TriggerSource(ModelSimple): + """ + The type of security issues on which the rule applies. Notification rules based on security signals need to use the trigger source "security_signals", + while notification rules based on security vulnerabilities need to use the trigger source "security_findings". + + :param value: Must be one of ["security_findings", "security_signals"]. + :type value: str + """ + + allowed_values = { + "security_findings", + "security_signals", + } + SECURITY_FINDINGS: ClassVar["TriggerSource"] + SECURITY_SIGNALS: ClassVar["TriggerSource"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +TriggerSource.SECURITY_FINDINGS = TriggerSource("security_findings") +TriggerSource.SECURITY_SIGNALS = TriggerSource("security_signals") diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py index 597d3ae491..ae4d4c901f 100644 --- a/src/datadog_api_client/v2/models/__init__.py +++ b/src/datadog_api_client/v2/models/__init__.py @@ -481,6 +481,11 @@ CreateDataDeletionRequestBodyDataType, ) from datadog_api_client.v2.model.create_data_deletion_response_body import CreateDataDeletionResponseBody +from datadog_api_client.v2.model.create_notification_rule_parameters import CreateNotificationRuleParameters +from datadog_api_client.v2.model.create_notification_rule_parameters_data import CreateNotificationRuleParametersData +from datadog_api_client.v2.model.create_notification_rule_parameters_data_attributes import ( + CreateNotificationRuleParametersDataAttributes, +) from datadog_api_client.v2.model.create_open_api_response import CreateOpenAPIResponse from datadog_api_client.v2.model.create_open_api_response_attributes import CreateOpenAPIResponseAttributes from datadog_api_client.v2.model.create_open_api_response_data import CreateOpenAPIResponseData @@ -1463,6 +1468,10 @@ from datadog_api_client.v2.model.monthly_cost_attribution_meta import MonthlyCostAttributionMeta from datadog_api_client.v2.model.monthly_cost_attribution_pagination import MonthlyCostAttributionPagination from datadog_api_client.v2.model.monthly_cost_attribution_response import MonthlyCostAttributionResponse +from datadog_api_client.v2.model.notification_rule import NotificationRule +from datadog_api_client.v2.model.notification_rule_attributes import NotificationRuleAttributes +from datadog_api_client.v2.model.notification_rule_response import NotificationRuleResponse +from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType from datadog_api_client.v2.model.nullable_relationship_to_user import NullableRelationshipToUser from datadog_api_client.v2.model.nullable_relationship_to_user_data import NullableRelationshipToUserData from datadog_api_client.v2.model.nullable_user_relationship import NullableUserRelationship @@ -1529,6 +1538,11 @@ from datadog_api_client.v2.model.partial_application_key import PartialApplicationKey from datadog_api_client.v2.model.partial_application_key_attributes import PartialApplicationKeyAttributes from datadog_api_client.v2.model.partial_application_key_response import PartialApplicationKeyResponse +from datadog_api_client.v2.model.patch_notification_rule_parameters import PatchNotificationRuleParameters +from datadog_api_client.v2.model.patch_notification_rule_parameters_data import PatchNotificationRuleParametersData +from datadog_api_client.v2.model.patch_notification_rule_parameters_data_attributes import ( + PatchNotificationRuleParametersDataAttributes, +) from datadog_api_client.v2.model.permission import Permission from datadog_api_client.v2.model.permission_attributes import PermissionAttributes from datadog_api_client.v2.model.permissions_response import PermissionsResponse @@ -1722,7 +1736,10 @@ from datadog_api_client.v2.model.roles_type import RolesType from datadog_api_client.v2.model.rule_attributes import RuleAttributes from datadog_api_client.v2.model.rule_outcome_relationships import RuleOutcomeRelationships +from datadog_api_client.v2.model.rule_severity import RuleSeverity from datadog_api_client.v2.model.rule_type import RuleType +from datadog_api_client.v2.model.rule_types_items import RuleTypesItems +from datadog_api_client.v2.model.rule_user import RuleUser from datadog_api_client.v2.model.rum_metric_compute import RumMetricCompute from datadog_api_client.v2.model.rum_metric_compute_aggregation_type import RumMetricComputeAggregationType from datadog_api_client.v2.model.rum_metric_create_attributes import RumMetricCreateAttributes @@ -1974,6 +1991,7 @@ ) from datadog_api_client.v2.model.security_monitoring_triage_user import SecurityMonitoringTriageUser from datadog_api_client.v2.model.security_monitoring_user import SecurityMonitoringUser +from datadog_api_client.v2.model.selectors import Selectors from datadog_api_client.v2.model.sensitive_data_scanner_config_request import SensitiveDataScannerConfigRequest from datadog_api_client.v2.model.sensitive_data_scanner_configuration import SensitiveDataScannerConfiguration from datadog_api_client.v2.model.sensitive_data_scanner_configuration_data import SensitiveDataScannerConfigurationData @@ -2264,6 +2282,7 @@ from datadog_api_client.v2.model.timeseries_response_values import TimeseriesResponseValues from datadog_api_client.v2.model.timeseries_response_values_list import TimeseriesResponseValuesList from datadog_api_client.v2.model.token_type import TokenType +from datadog_api_client.v2.model.trigger_source import TriggerSource from datadog_api_client.v2.model.unit import Unit from datadog_api_client.v2.model.update_action_connection_request import UpdateActionConnectionRequest from datadog_api_client.v2.model.update_action_connection_response import UpdateActionConnectionResponse @@ -2791,6 +2810,9 @@ "CreateDataDeletionRequestBodyData", "CreateDataDeletionRequestBodyDataType", "CreateDataDeletionResponseBody", + "CreateNotificationRuleParameters", + "CreateNotificationRuleParametersData", + "CreateNotificationRuleParametersDataAttributes", "CreateOpenAPIResponse", "CreateOpenAPIResponseAttributes", "CreateOpenAPIResponseData", @@ -3579,6 +3601,10 @@ "MonthlyCostAttributionMeta", "MonthlyCostAttributionPagination", "MonthlyCostAttributionResponse", + "NotificationRule", + "NotificationRuleAttributes", + "NotificationRuleResponse", + "NotificationRulesType", "NullableRelationshipToUser", "NullableRelationshipToUserData", "NullableUserRelationship", @@ -3643,6 +3669,9 @@ "PartialApplicationKey", "PartialApplicationKeyAttributes", "PartialApplicationKeyResponse", + "PatchNotificationRuleParameters", + "PatchNotificationRuleParametersData", + "PatchNotificationRuleParametersDataAttributes", "Permission", "PermissionAttributes", "PermissionsResponse", @@ -3824,7 +3853,10 @@ "RolesType", "RuleAttributes", "RuleOutcomeRelationships", + "RuleSeverity", "RuleType", + "RuleTypesItems", + "RuleUser", "RumMetricCompute", "RumMetricComputeAggregationType", "RumMetricCreateAttributes", @@ -3994,6 +4026,7 @@ "SecurityMonitoringThirdPartyRuleCaseCreate", "SecurityMonitoringTriageUser", "SecurityMonitoringUser", + "Selectors", "SensitiveDataScannerConfigRequest", "SensitiveDataScannerConfiguration", "SensitiveDataScannerConfigurationData", @@ -4236,6 +4269,7 @@ "TimeseriesResponseValues", "TimeseriesResponseValuesList", "TokenType", + "TriggerSource", "Unit", "UpdateActionConnectionRequest", "UpdateActionConnectionResponse", diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_signalbased_rule_returns_successfully_created_the_notification_rule_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_new_signalbased_rule_returns_successfully_created_the_notification_rule_response.frozen new file mode 100644 index 0000000000..b050340484 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_signalbased_rule_returns_successfully_created_the_notification_rule_response.frozen @@ -0,0 +1 @@ +2025-01-23T10:35:59.157Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_signalbased_rule_returns_successfully_created_the_notification_rule_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_new_signalbased_rule_returns_successfully_created_the_notification_rule_response.yaml new file mode 100644 index 0000000000..2055b153c9 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_signalbased_rule_returns_successfully_created_the_notification_rule_response.yaml @@ -0,0 +1,38 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + string: '{"data":{"id":"xen-2ux-w4q","type":"notification_rules","attributes":{"created_at":1737628559636,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628559636,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Rule 1","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"(source:production_service + OR env:prod)","trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/xen-2ux-w4q + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_vulnerabilitybased_rule_returns_successfully_created_the_notification_rule_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_new_vulnerabilitybased_rule_returns_successfully_created_the_notification_rule_response.frozen new file mode 100644 index 0000000000..4df775f848 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_vulnerabilitybased_rule_returns_successfully_created_the_notification_rule_response.frozen @@ -0,0 +1 @@ +2025-01-23T10:35:59.776Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_new_vulnerabilitybased_rule_returns_successfully_created_the_notification_rule_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_new_vulnerabilitybased_rule_returns_successfully_created_the_notification_rule_response.yaml new file mode 100644 index 0000000000..44bead0944 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_new_vulnerabilitybased_rule_returns_successfully_created_the_notification_rule_response.yaml @@ -0,0 +1,38 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + string: '{"data":{"id":"757-rvr-pnu","type":"notification_rules","attributes":{"created_at":1737628559864,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628559864,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Rule 1","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"(source:production_service + OR env:prod)","trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/757-rvr-pnu + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_not_found_response.frozen new file mode 100644 index 0000000000..5ed3da9969 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:04.605Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_not_found_response.yaml new file mode 100644 index 0000000000..78f3f1d939 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_not_found_response.yaml @@ -0,0 +1,19 @@ +interactions: +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/000-000-000 + response: + body: + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_rule_successfully_deleted_response.frozen b/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_rule_successfully_deleted_response.frozen new file mode 100644 index 0000000000..5b9cab2f5f --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_rule_successfully_deleted_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:05.107Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_rule_successfully_deleted_response.yaml b/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_rule_successfully_deleted_response.yaml new file mode 100644 index 0000000000..3c04479337 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_signalbased_rule_returns_rule_successfully_deleted_response.yaml @@ -0,0 +1,51 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Delete_a_signal_based_rule_returns_Rule_successfully_deleted_response-1737539405","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + string: '{"data":{"id":"ukc-0jn-maf","type":"notification_rules","attributes":{"created_at":1737539405540,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539405540,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Delete_a_signal_based_rule_returns_Rule_successfully_deleted_response-1737539405","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/ukc-0jn-maf + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/ukc-0jn-maf + response: + body: + string: '{"errors":["not_found(Notification rule with id ''ukc-0jn-maf'' not + found)"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_not_found_response.frozen new file mode 100644 index 0000000000..31d1497fde --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:08.134Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_not_found_response.yaml new file mode 100644 index 0000000000..68f4f225ee --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_not_found_response.yaml @@ -0,0 +1,19 @@ +interactions: +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/000-000-000 + response: + body: + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_rule_successfully_deleted_response.frozen b/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_rule_successfully_deleted_response.frozen new file mode 100644 index 0000000000..f80fa53089 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_rule_successfully_deleted_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:08.640Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_rule_successfully_deleted_response.yaml b/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_rule_successfully_deleted_response.yaml new file mode 100644 index 0000000000..b4d6ec909b --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_vulnerabilitybased_rule_returns_rule_successfully_deleted_response.yaml @@ -0,0 +1,51 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Delete_a_vulnerability_based_rule_returns_Rule_successfully_deleted_response-1737539408","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + string: '{"data":{"id":"qip-ygy-7ke","type":"notification_rules","attributes":{"created_at":1737539409090,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539409090,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Delete_a_vulnerability_based_rule_returns_Rule_successfully_deleted_response-1737539408","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/qip-ygy-7ke + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/qip-ygy-7ke + response: + body: + string: '{"errors":["not_found(Notification rule with id ''qip-ygy-7ke'' not + found)"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_not_found_response.frozen new file mode 100644 index 0000000000..6d4de62a52 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:23.414Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_not_found_response.yaml new file mode 100644 index 0000000000..d689f8247a --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_not_found_response.yaml @@ -0,0 +1,19 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/000-000-000 + response: + body: + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_notification_rule_details_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_notification_rule_details_response.frozen new file mode 100644 index 0000000000..fe7b63784c --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_notification_rule_details_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:23.939Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_notification_rule_details_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_notification_rule_details_response.yaml new file mode 100644 index 0000000000..7ea6f8502a --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_signalbased_rule_returns_notification_rule_details_response.yaml @@ -0,0 +1,50 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Get_details_of_a_signal_based_rule_returns_Notification_rule_details_response-1737539423","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + string: '{"data":{"id":"t8x-amt-d52","type":"notification_rules","attributes":{"created_at":1737539424372,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539424372,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_details_of_a_signal_based_rule_returns_Notification_rule_details_response-1737539423","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/t8x-amt-d52 + response: + body: + string: '{"data":{"id":"t8x-amt-d52","type":"notification_rules","attributes":{"created_at":1737539424372,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539424372,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_details_of_a_signal_based_rule_returns_Notification_rule_details_response-1737539423","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/t8x-amt-d52 + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_not_found_response.frozen new file mode 100644 index 0000000000..d1e8767198 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:25.480Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_not_found_response.yaml new file mode 100644 index 0000000000..5bd7a58b51 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_not_found_response.yaml @@ -0,0 +1,19 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/000-000-000 + response: + body: + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_notification_rule_details_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_notification_rule_details_response.frozen new file mode 100644 index 0000000000..1aed5057f5 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_notification_rule_details_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:25.988Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_notification_rule_details_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_notification_rule_details_response.yaml new file mode 100644 index 0000000000..de723cb150 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_details_of_a_vulnerabilitybased_rule_returns_notification_rule_details_response.yaml @@ -0,0 +1,50 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Get_details_of_a_vulnerability_based_rule_returns_Notification_rule_details_response-1737539425","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + string: '{"data":{"id":"aqq-x71-k2h","type":"notification_rules","attributes":{"created_at":1737539426417,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539426417,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_details_of_a_vulnerability_based_rule_returns_Notification_rule_details_response-1737539425","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/aqq-x71-k2h + response: + body: + string: '{"data":{"id":"aqq-x71-k2h","type":"notification_rules","attributes":{"created_at":1737539426417,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539426417,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_details_of_a_vulnerability_based_rule_returns_Notification_rule_details_response-1737539425","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/aqq-x71-k2h + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_the_list_of_signalbased_rules_returns_the_list_of_notification_rules_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_the_list_of_signalbased_rules_returns_the_list_of_notification_rules_response.frozen new file mode 100644 index 0000000000..3f0d8fa076 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_the_list_of_signalbased_rules_returns_the_list_of_notification_rules_response.frozen @@ -0,0 +1 @@ +2025-01-23T10:36:01.381Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_the_list_of_signalbased_rules_returns_the_list_of_notification_rules_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_the_list_of_signalbased_rules_returns_the_list_of_notification_rules_response.yaml new file mode 100644 index 0000000000..05609fe15e --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_the_list_of_signalbased_rules_returns_the_list_of_notification_rules_response.yaml @@ -0,0 +1,63 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Get_the_list_of_signal_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + string: '{"data":{"id":"wt5-y8s-3fa","type":"notification_rules","attributes":{"created_at":1737628561456,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628561456,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Test-Get_the_list_of_signal_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + string: '{"data":[{"id":"hwk-zqh-vg4","type":"notification_rules","attributes":{"created_at":1699905830776,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699905830","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"fsm-4am-ozw","type":"notification_rules","attributes":{"created_at":1699905832107,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699905832","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"px4-xrb-b9v","type":"notification_rules","attributes":{"created_at":1699905992485,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699905992","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"ukt-yim-ouw","type":"notification_rules","attributes":{"created_at":1699905996937,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699905996","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"tpj-yqn-fcw","type":"notification_rules","attributes":{"created_at":1699905997240,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699905997","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"tv9-9dw-fbd","type":"notification_rules","attributes":{"created_at":1699905998529,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699905998","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"pdt-i8z-vcs","type":"notification_rules","attributes":{"created_at":1699906082093,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699906081","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"tlb-cvk-wup","type":"notification_rules","attributes":{"created_at":1699906087769,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699906087","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"sqp-oih-tp8","type":"notification_rules","attributes":{"created_at":1699906088050,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699906087","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"zll-nff-pbx","type":"notification_rules","attributes":{"created_at":1699906089134,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699906089","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"4u9-ooz-fwf","type":"notification_rules","attributes":{"created_at":1699906572841,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699906572","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"lny-xec-2r7","type":"notification_rules","attributes":{"created_at":1699906577427,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699906577","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"qfa-6nt-wn2","type":"notification_rules","attributes":{"created_at":1699906577706,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699906577","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"zcr-tja-rut","type":"notification_rules","attributes":{"created_at":1699906578815,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699906578","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":3}},{"id":"rca-ogs-ckx","type":"notification_rules","attributes":{"created_at":1699906789206,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699906789","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"dis-abp-grp","type":"notification_rules","attributes":{"created_at":1699906793874,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699906793","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"n5i-avj-8br","type":"notification_rules","attributes":{"created_at":1699906794201,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699906794","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"wct-cix-3ay","type":"notification_rules","attributes":{"created_at":1699906795311,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":false,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699906795","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test2"],"time_aggregation":0,"version":3}},{"id":"pyf-t6u-dxp","type":"notification_rules","attributes":{"created_at":1699907487559,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699907487","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"vwj-uew-mas","type":"notification_rules","attributes":{"created_at":1699907492243,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699907492","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"a1y-ysu-rvw","type":"notification_rules","attributes":{"created_at":1699907492600,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699907492","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"kq1-edx-tkt","type":"notification_rules","attributes":{"created_at":1699907493778,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":false,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699907493","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"","trigger_source":"security_signals"},"targets":["test2"],"time_aggregation":0,"version":3}},{"id":"4i4-raj-t0a","type":"notification_rules","attributes":{"created_at":1699908569876,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Create_a_notification_profile_returns_OK_response-1699908569","selectors":{"severities":["high"],"rule_types":["application_security","log_detection"],"query":"(env:\"prod\" + OR @env:\"prod\") AND (test:\"123\" OR @test:\"123\")","trigger_source":"security_signals"},"targets":["@slack-test"],"time_aggregation":0,"version":2}},{"id":"ncy-2zl-jge","type":"notification_rules","attributes":{"created_at":1699908575238,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Get_notification_profile_by_ID_returns_OK_response-1699908575","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"(fim:\"true\" + OR @fim:\"true\")","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"tiq-glx-quq","type":"notification_rules","attributes":{"created_at":1699908575600,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-List_notification_profiles_returns_OK_response-1699908575","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"(fim:\"true\" + OR @fim:\"true\")","trigger_source":"security_signals"},"targets":["test"],"time_aggregation":0,"version":2}},{"id":"ue7-0sv-du1","type":"notification_rules","attributes":{"created_at":1699908576920,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":false,"modified_at":1725452072048,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Update_a_notification_profile_returns_OK_response-1699908576","selectors":{"severities":["high"],"rule_types":["log_detection","cloud_configuration"],"query":"(fim:\"true\" + OR @fim:\"true\")","trigger_source":"security_signals"},"targets":["test2"],"time_aggregation":0,"version":3}},{"id":"wt5-y8s-3fa","type":"notification_rules","attributes":{"created_at":1737628561456,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628561456,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Test-Get_the_list_of_signal_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}]}' + headers: + content-type: + - application/vnd.api+json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/wt5-y8s-3fa + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_the_list_of_vulnerabilitybased_rules_returns_the_list_of_notification_rules_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_the_list_of_vulnerabilitybased_rules_returns_the_list_of_notification_rules_response.frozen new file mode 100644 index 0000000000..1c559ecb18 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_the_list_of_vulnerabilitybased_rules_returns_the_list_of_notification_rules_response.frozen @@ -0,0 +1 @@ +2025-01-23T10:36:01.893Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_the_list_of_vulnerabilitybased_rules_returns_the_list_of_notification_rules_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_the_list_of_vulnerabilitybased_rules_returns_the_list_of_notification_rules_response.yaml new file mode 100644 index 0000000000..43421d3261 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_the_list_of_vulnerabilitybased_rules_returns_the_list_of_notification_rules_response.yaml @@ -0,0 +1,54 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Get_the_list_of_vulnerability_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + string: '{"data":{"id":"hrp-9cl-j7q","type":"notification_rules","attributes":{"created_at":1737628561955,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628561955,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Test-Get_the_list_of_vulnerability_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + string: '{"data":[{"id":"hrp-9cl-j7q","type":"notification_rules","attributes":{"created_at":1737628561955,"created_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"enabled":true,"modified_at":1737628561955,"modified_by":{"name":"CI + Account","handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca"},"name":"Test-Get_the_list_of_vulnerability_based_rules_returns_The_list_of_notification_rules_response-1737628561","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}]}' + headers: + content-type: + - application/vnd.api+json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/hrp-9cl-j7q + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_bad_request_response.frozen new file mode 100644 index 0000000000..50ebef7d38 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:35.238Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_bad_request_response.yaml new file mode 100644 index 0000000000..d493930c7b --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_bad_request_response.yaml @@ -0,0 +1,55 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Patch_a_signal_based_rule_returns_Bad_Request_response-1737539435","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + string: '{"data":{"id":"urx-vcd-58d","type":"notification_rules","attributes":{"created_at":1737539435658,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539435658,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Patch_a_signal_based_rule_returns_Bad_Request_response-1737539435","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/urx-vcd-58d + response: + body: + string: '{"errors":["input_validation_error(Field ''data.attributes.version'' + is invalid: Specify the notification rule version to update, it cannot be + 0.)"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/urx-vcd-58d + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_not_found_response.frozen new file mode 100644 index 0000000000..cbf78aceab --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:36.599Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_not_found_response.yaml new file mode 100644 index 0000000000..0bb872c32a --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_not_found_response.yaml @@ -0,0 +1,22 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/000-000-000 + response: + body: + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_notification_rule_successfully_patched_response.frozen b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_notification_rule_successfully_patched_response.frozen new file mode 100644 index 0000000000..dbfecb7971 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_notification_rule_successfully_patched_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:37.086Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_notification_rule_successfully_patched_response.yaml b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_notification_rule_successfully_patched_response.yaml new file mode 100644 index 0000000000..3adebf92f0 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_signalbased_rule_returns_notification_rule_successfully_patched_response.yaml @@ -0,0 +1,55 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Patch_a_signal_based_rule_returns_Notification_rule_successfully_patched_response-1737539437","selectors":{"query":"env:test","rule_types":["signal_correlation"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@email@email.com"]},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules + response: + body: + string: '{"data":{"id":"h6x-nyx-fkm","type":"notification_rules","attributes":{"created_at":1737539437401,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539437401,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Patch_a_signal_based_rule_returns_Notification_rule_successfully_patched_response-1737539437","selectors":{"severities":["critical"],"rule_types":["signal_correlation"],"query":"env:test","trigger_source":"security_signals"},"targets":["@email@email.com"],"time_aggregation":0,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/h6x-nyx-fkm + response: + body: + string: '{"data":{"id":"h6x-nyx-fkm","type":"notification_rules","attributes":{"created_at":1737539437401,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539437810,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Rule + 1","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"(source:production_service + OR env:prod)","trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":2}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/signals/notification_rules/h6x-nyx-fkm + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_bad_request_response.frozen new file mode 100644 index 0000000000..fcdc31ed0f --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:38.399Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_bad_request_response.yaml new file mode 100644 index 0000000000..57f7bfeeab --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_bad_request_response.yaml @@ -0,0 +1,55 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Patch_a_vulnerability_based_rule_returns_Bad_Request_response-1737539438","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + string: '{"data":{"id":"ks5-ywq-grp","type":"notification_rules","attributes":{"created_at":1737539438831,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539438831,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Patch_a_vulnerability_based_rule_returns_Bad_Request_response-1737539438","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/ks5-ywq-grp + response: + body: + string: '{"errors":["input_validation_error(Field ''data.attributes.version'' + is invalid: Specify the notification rule version to update, it cannot be + 0.)"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/ks5-ywq-grp + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_not_found_response.frozen new file mode 100644 index 0000000000..f24abb9c92 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:39.942Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_not_found_response.yaml new file mode 100644 index 0000000000..83b0d29adf --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_not_found_response.yaml @@ -0,0 +1,22 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/000-000-000 + response: + body: + string: '{"errors":["not_found(Notification rule with id ''000-000-000'' not + found)"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_notification_rule_successfully_patched_response.frozen b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_notification_rule_successfully_patched_response.frozen new file mode 100644 index 0000000000..e2e97276a9 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_notification_rule_successfully_patched_response.frozen @@ -0,0 +1 @@ +2025-01-22T09:50:40.442Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_notification_rule_successfully_patched_response.yaml b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_notification_rule_successfully_patched_response.yaml new file mode 100644 index 0000000000..11db9e5872 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_patch_a_vulnerabilitybased_rule_returns_notification_rule_successfully_patched_response.yaml @@ -0,0 +1,55 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Test-Patch_a_vulnerability_based_rule_returns_Notification_rule_successfully_patched_response-1737539440","selectors":{"query":"env:test","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules + response: + body: + string: '{"data":{"id":"a40-xl3-95h","type":"notification_rules","attributes":{"created_at":1737539440872,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539440872,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Test-Patch_a_vulnerability_based_rule_returns_Notification_rule_successfully_patched_response-1737539440","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"env:test","trigger_source":"security_findings"},"targets":["@email@email.com"],"time_aggregation":86400,"version":1}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 201 + message: Created +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"(source:production_service + OR env:prod)","rule_types":["misconfiguration","attack_path"],"severities":["critical"],"trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":1},"id":"aaa-bbb-ccc","type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: PATCH + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/a40-xl3-95h + response: + body: + string: '{"data":{"id":"a40-xl3-95h","type":"notification_rules","attributes":{"created_at":1737539440872,"created_by":{"name":"frog","handle":"frog@datadoghq.com"},"enabled":true,"modified_at":1737539441254,"modified_by":{"name":"frog","handle":"frog@datadoghq.com"},"name":"Rule + 1","selectors":{"severities":["critical"],"rule_types":["misconfiguration","attack_path"],"query":"(source:production_service + OR env:prod)","trigger_source":"security_findings"},"targets":["@john.doe@email.com"],"time_aggregation":86400,"version":2}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/security/vulnerabilities/notification_rules/a40-xl3-95h + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/features/given.json b/tests/v2/features/given.json index e5c2cbcc48..a4729ae0c5 100644 --- a/tests/v2/features/given.json +++ b/tests/v2/features/given.json @@ -547,6 +547,30 @@ "tag": "Service Scorecards", "operationId": "CreateScorecardRule" }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"data\": {\n \"type\": \"notification_rules\",\n \"attributes\": {\n \"name\": \"{{ unique }}\",\n \"selectors\": {\n \"rule_types\": [\"signal_correlation\"],\n \"trigger_source\": \"security_signals\",\n \"severities\": [\"critical\"],\n \"query\": \"env:test\"\n },\n \"targets\": [\"@email@email.com\"],\n \"enabled\": true\n }\n }\n}" + } + ], + "step": "there is a valid \"valid_signal_notification_rule\" in the system", + "key": "valid_signal_notification_rule", + "tag": "Security Monitoring", + "operationId": "CreateSignalNotificationRule" + }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"data\": {\n \"type\": \"notification_rules\",\n \"attributes\": {\n \"name\": \"{{ unique }}\",\n \"selectors\": {\n \"rule_types\": [\"misconfiguration\", \"attack_path\"],\n \"trigger_source\": \"security_findings\",\n \"severities\": [\"critical\"],\n \"query\": \"env:test\"\n },\n \"time_aggregation\": 86400,\n \"targets\": [\"@email@email.com\"],\n \"enabled\": true\n }\n }\n}" + } + ], + "step": "there is a valid \"valid_vulnerability_notification_rule\" in the system", + "key": "valid_vulnerability_notification_rule", + "tag": "Security Monitoring", + "operationId": "CreateVulnerabilityNotificationRule" + }, { "parameters": [ { diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature index 5a2330a8f3..a82f2a3dcd 100644 --- a/tests/v2/features/security_monitoring.feature +++ b/tests/v2/features/security_monitoring.feature @@ -235,6 +235,34 @@ Feature: Security Monitoring And the response "message" is equal to "Test rule" And the response "isEnabled" is equal to true + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Create a new signal-based rule returns "Bad Request" response + Given new "CreateSignalNotificationRule" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Create a new signal-based rule returns "Successfully created the notification rule." response + Given new "CreateSignalNotificationRule" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + When the request is sent + Then the response status is 201 Successfully created the notification rule. + + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Create a new vulnerability-based rule returns "Bad Request" response + Given new "CreateVulnerabilityNotificationRule" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Create a new vulnerability-based rule returns "Successfully created the notification rule." response + Given new "CreateVulnerabilityNotificationRule" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + When the request is sent + Then the response status is 201 Successfully created the notification rule. + @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Create a security filter returns "Bad Request" response Given new "CreateSecurityFilter" request @@ -325,6 +353,21 @@ Feature: Security Monitoring When the request is sent Then the response status is 204 OK + @team:DataDog/cloud-security-posture-management + Scenario: Delete a signal-based rule returns "Not Found" response + Given new "DeleteSignalNotificationRule" request + And request contains "id" parameter with value "000-000-000" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Delete a signal-based rule returns "Rule successfully deleted." response + Given there is a valid "valid_signal_notification_rule" in the system + And new "DeleteSignalNotificationRule" request + And request contains "id" parameter from "valid_signal_notification_rule.data.id" + When the request is sent + Then the response status is 204 Rule successfully deleted. + @skip @team:DataDog/k9-cloud-security-platform Scenario: Delete a suppression rule returns "Not Found" response Given new "DeleteSecurityMonitoringSuppression" request @@ -340,6 +383,21 @@ Feature: Security Monitoring When the request is sent Then the response status is 204 OK + @team:DataDog/cloud-security-posture-management + Scenario: Delete a vulnerability-based rule returns "Not Found" response + Given new "DeleteVulnerabilityNotificationRule" request + And request contains "id" parameter with value "000-000-000" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Delete a vulnerability-based rule returns "Rule successfully deleted." response + Given there is a valid "valid_vulnerability_notification_rule" in the system + And new "DeleteVulnerabilityNotificationRule" request + And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" + When the request is sent + Then the response status is 204 Rule successfully deleted. + @team:DataDog/k9-cloud-security-platform Scenario: Delete an existing job returns "Bad Request" response Given operation "DeleteHistoricalJob" enabled @@ -599,6 +657,64 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Get details of a signal-based rule returns "Bad Request" response + Given new "GetSignalNotificationRule" request + And request contains "id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Get details of a signal-based rule returns "Not Found" response + Given new "GetSignalNotificationRule" request + And request contains "id" parameter with value "000-000-000" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Get details of a signal-based rule returns "Notification rule details." response + Given there is a valid "valid_signal_notification_rule" in the system + And new "GetSignalNotificationRule" request + And request contains "id" parameter from "valid_signal_notification_rule.data.id" + When the request is sent + Then the response status is 200 Notification rule details. + + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Get details of a vulnerability-based rule returns "Bad Request" response + Given new "GetVulnerabilityNotificationRule" request + And request contains "id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Get details of a vulnerability-based rule returns "Not Found" response + Given new "GetVulnerabilityNotificationRule" request + And request contains "id" parameter with value "000-000-000" + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Get details of a vulnerability-based rule returns "Notification rule details." response + Given there is a valid "valid_vulnerability_notification_rule" in the system + And new "GetVulnerabilityNotificationRule" request + And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" + When the request is sent + Then the response status is 200 Notification rule details. + + @team:DataDog/cloud-security-posture-management + Scenario: Get the list of signal-based rules returns "The list of notification rules." response + Given there is a valid "valid_signal_notification_rule" in the system + And new "GetSignalNotificationRules" request + When the request is sent + Then the response status is 200 The list of notification rules. + + @team:DataDog/cloud-security-posture-management + Scenario: Get the list of vulnerability-based rules returns "The list of notification rules." response + Given there is a valid "valid_vulnerability_notification_rule" in the system + And new "GetVulnerabilityNotificationRules" request + When the request is sent + Then the response status is 200 The list of notification rules. + @generated @skip @team:DataDog/cloud-security-posture-management Scenario: List findings returns "Bad Request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListFindings" enabled @@ -773,6 +889,74 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @team:DataDog/cloud-security-posture-management + Scenario: Patch a signal-based rule returns "Bad Request" response + Given new "PatchSignalNotificationRule" request + And there is a valid "valid_signal_notification_rule" in the system + And request contains "id" parameter from "valid_signal_notification_rule.data.id" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a signal-based rule returns "Not Found" response + Given new "PatchSignalNotificationRule" request + And request contains "id" parameter with value "000-000-000" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a signal-based rule returns "Notification rule successfully patched." response + Given new "PatchSignalNotificationRule" request + And there is a valid "valid_signal_notification_rule" in the system + And request contains "id" parameter from "valid_signal_notification_rule.data.id" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 200 Notification rule successfully patched. + + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Patch a signal-based rule returns "The server cannot process the request because it contains invalid data." response + Given new "PatchSignalNotificationRule" request + And request contains "id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 422 The server cannot process the request because it contains invalid data. + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a vulnerability-based rule returns "Bad Request" response + Given new "PatchVulnerabilityNotificationRule" request + And there is a valid "valid_vulnerability_notification_rule" in the system + And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a vulnerability-based rule returns "Not Found" response + Given new "PatchVulnerabilityNotificationRule" request + And request contains "id" parameter with value "000-000-000" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 404 Not Found + + @team:DataDog/cloud-security-posture-management + Scenario: Patch a vulnerability-based rule returns "Notification rule successfully patched." response + Given new "PatchVulnerabilityNotificationRule" request + And there is a valid "valid_vulnerability_notification_rule" in the system + And request contains "id" parameter from "valid_vulnerability_notification_rule.data.id" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 200 Notification rule successfully patched. + + @generated @skip @team:DataDog/cloud-security-posture-management + Scenario: Patch a vulnerability-based rule returns "The server cannot process the request because it contains invalid data." response + Given new "PatchVulnerabilityNotificationRule" request + And request contains "id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + When the request is sent + Then the response status is 422 The server cannot process the request because it contains invalid data. + @team:DataDog/k9-cloud-security-platform Scenario: Run a historical job returns "Bad Request" response Given operation "RunHistoricalJob" enabled diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index a195ddc9e5..d8ddf129a0 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json @@ -2067,12 +2067,86 @@ "type": "safe" } }, + "GetSignalNotificationRules": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "CreateSignalNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "operationId": "DeleteSignalNotificationRule", + "parameters": [ + { + "name": "id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "DeleteSignalNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "GetSignalNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "PatchSignalNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, "ListVulnerabilities": { "tag": "Security Monitoring", "undo": { "type": "safe" } }, + "GetVulnerabilityNotificationRules": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "CreateVulnerabilityNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "operationId": "DeleteVulnerabilityNotificationRule", + "parameters": [ + { + "name": "id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "DeleteVulnerabilityNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, + "GetVulnerabilityNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, + "PatchVulnerabilityNotificationRule": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, "ListCloudWorkloadSecurityAgentRules": { "tag": "CSM Threats", "undo": {