From e8bfcbddb759cc8c2316aa7cb322c7aa577fc81e Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Wed, 12 Nov 2025 18:27:27 +0000 Subject: [PATCH] Regenerate client from commit 46390f1 of spec repo --- .generator/schemas/v2/openapi.yaml | 24 +++++++++++++ ...uppression-rule-returns-OK-response.frozen | 2 +- ...a-suppression-rule-returns-OK-response.yml | 22 ++++++------ ...uppression-rule-returns-OK-response.frozen | 2 +- ...a-suppression-rule-returns-OK-response.yml | 28 +++++++-------- ...uppression-rule-returns-OK-response.frozen | 2 +- ...a-suppression-rule-returns-OK-response.yml | 32 ++++++++--------- ...uppression-rule-returns-OK-response.frozen | 2 +- ...a-suppression-rule-returns-OK-response.yml | 34 +++++++++---------- .../CreateSecurityMonitoringSuppression.rb | 4 +++ features/v2/given.json | 2 +- features/v2/security_monitoring.feature | 12 +++---- ...urity_monitoring_suppression_attributes.rb | 14 +++++++- ...onitoring_suppression_create_attributes.rb | 18 ++++++++-- ...onitoring_suppression_update_attributes.rb | 14 +++++++- 15 files changed, 135 insertions(+), 77 deletions(-) diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 922424a28dcb..f9a4ea8590d2 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -46991,6 +46991,14 @@ components: the queries to search signals in the signal explorer. example: env:staging status:low type: string + tags: + description: List of tags associated with the suppression rule. + example: + - technique:T1110-brute-force + - source:cloudtrail + items: + type: string + type: array update_date: description: A Unix millisecond timestamp given the update date of the suppression rule. @@ -47052,6 +47060,14 @@ components: same syntax as the queries to search signals in the Signals Explorer. example: env:staging status:low type: string + tags: + description: List of tags associated with the suppression rule. + example: + - technique:T1110-brute-force + - source:cloudtrail + items: + type: string + type: array required: - name - enabled @@ -47147,6 +47163,14 @@ components: the queries to search signals in the signal explorer. example: env:staging status:low type: string + tags: + description: List of tags associated with the suppression rule. + example: + - technique:T1110-brute-force + - source:cloudtrail + items: + type: string + type: array version: description: The current version of the suppression. This is optional, but it can help prevent concurrent modifications. diff --git a/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.frozen index 28bfbcc2df0d..0a54330ca5af 100644 --- a/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.frozen +++ b/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.frozen @@ -1 +1 @@ -2024-11-27T15:22:34.711Z \ No newline at end of file +2025-11-07T12:27:25.514Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.yml index f3167ba68135..b463816d6ff5 100644 --- a/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.yml +++ b/cassettes/features/v2/security_monitoring/Create-a-suppression-rule-returns-OK-response.yml @@ -1,12 +1,12 @@ http_interactions: -- recorded_at: Wed, 27 Nov 2024 15:22:34 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:25 GMT request: body: encoding: UTF-8 string: '{"data":{"attributes":{"description":"This rule suppresses low-severity - signals in staging environments.","enabled":true,"expiration_date":1734535354000,"name":"Test-Create_a_suppression_rule_returns_OK_response-1732720954","rule_query":"type:log_detection - source:cloudtrail","start_date":1733584954000,"suppression_query":"env:staging - status:low"},"type":"suppressions"}}' + signals in staging environments.","enabled":true,"expiration_date":1764332845000,"name":"Test-Create_a_suppression_rule_returns_OK_response-1762518445","rule_query":"type:log_detection + source:cloudtrail","start_date":1763382445000,"suppression_query":"env:staging + status:low","tags":["technique:T1110-brute-force","source:cloudtrail"]},"type":"suppressions"}}' headers: Accept: - application/json @@ -17,24 +17,26 @@ http_interactions: response: body: encoding: UTF-8 - string: '{"data":{"id":"ejv-ksi-r4j","type":"suppressions","attributes":{"creation_date":1732720954868,"creator":{"handle":"frog@datadoghq.com","name":""},"data_exclusion_query":"","description":"This - rule suppresses low-severity signals in staging environments.","editable":true,"enabled":true,"expiration_date":1734535354000,"name":"Test-Create_a_suppression_rule_returns_OK_response-1732720954","rule_query":"type:log_detection - source:cloudtrail","start_date":1733584954000,"suppression_query":"env:staging - status:low","update_date":1732720954868,"updater":{"handle":"frog@datadoghq.com","name":""},"version":1}}}' + string: '{"data":{"id":"oxk-jlo-pc8","type":"suppressions","attributes":{"creation_date":1762518446390,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"data_exclusion_query":"","description":"This rule suppresses low-severity + signals in staging environments.","editable":true,"enabled":true,"expiration_date":1764332845000,"name":"Test-Create_a_suppression_rule_returns_OK_response-1762518445","rule_query":"type:log_detection + source:cloudtrail","start_date":1763382445000,"suppression_query":"env:staging + status:low","tags":["source:cloudtrail","technique:T1110-brute-force"],"update_date":1762518446390,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":1}}}' headers: Content-Type: - application/vnd.api+json status: code: 200 message: OK -- recorded_at: Wed, 27 Nov 2024 15:22:34 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:25 GMT request: body: null headers: Accept: - '*/*' method: DELETE - uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/ejv-ksi-r4j + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/oxk-jlo-pc8 response: body: encoding: UTF-8 diff --git a/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.frozen index 603587527a84..3f3e3c99f212 100644 --- a/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.frozen +++ b/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.frozen @@ -1 +1 @@ -2024-05-10T16:34:39.853Z \ No newline at end of file +2025-11-07T12:27:26.759Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.yml index 31dfde5448fd..e3828707dc72 100644 --- a/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.yml +++ b/cassettes/features/v2/security_monitoring/Delete-a-suppression-rule-returns-OK-response.yml @@ -1,9 +1,9 @@ http_interactions: -- recorded_at: Fri, 10 May 2024 16:34:39 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:26 GMT request: body: encoding: UTF-8 - string: '{"data":{"attributes":{"description":"Test-Delete_a_suppression_rule_returns_OK_response-1715358879","enabled":true,"name":"Test-Delete_a_suppression_rule_returns_OK_response-1715358879","rule_query":"source:cloudtrail","suppression_query":"env:test"},"type":"suppressions"}}' + string: '{"data":{"attributes":{"description":"Test-Delete_a_suppression_rule_returns_OK_response-1762518446","enabled":true,"name":"Test-Delete_a_suppression_rule_returns_OK_response-1762518446","rule_query":"source:cloudtrail","suppression_query":"env:test","tags":["technique:T1110-brute-force","source:cloudtrail"]},"type":"suppressions"}}' headers: Accept: - application/json @@ -14,47 +14,43 @@ http_interactions: response: body: encoding: UTF-8 - string: '{"data":{"id":"csf-zrg-af0","attributes":{"name":"Test-Delete_a_suppression_rule_returns_OK_response-1715358879","enabled":true,"description":"Test-Delete_a_suppression_rule_returns_OK_response-1715358879","rule_query":"source:cloudtrail","suppression_query":"env:test","data_exclusion_query":"","version":1,"creation_date":1715358880145,"update_date":1715358880145,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} - - ' + string: '{"data":{"id":"uea-lab-big","type":"suppressions","attributes":{"creation_date":1762518447002,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"data_exclusion_query":"","description":"Test-Delete_a_suppression_rule_returns_OK_response-1762518446","editable":true,"enabled":true,"name":"Test-Delete_a_suppression_rule_returns_OK_response-1762518446","rule_query":"source:cloudtrail","suppression_query":"env:test","tags":["source:cloudtrail","technique:T1110-brute-force"],"update_date":1762518447002,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":1}}}' headers: Content-Type: - - application/json + - application/vnd.api+json status: code: 200 message: OK -- recorded_at: Fri, 10 May 2024 16:34:39 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:26 GMT request: body: null headers: Accept: - '*/*' method: DELETE - uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/csf-zrg-af0 + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/uea-lab-big response: body: encoding: UTF-8 string: '' - headers: - Content-Type: - - text/html; charset=utf-8 + headers: {} status: code: 204 message: No Content -- recorded_at: Fri, 10 May 2024 16:34:39 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:26 GMT request: body: null headers: Accept: - '*/*' method: DELETE - uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/csf-zrg-af0 + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/uea-lab-big response: body: encoding: UTF-8 - string: '{"errors":["not_found(Suppression with ID csf-zrg-af0 not found)"]} - - ' + string: '{"errors":["not_found(Suppression with ID uea-lab-big not found)"]}' headers: Content-Type: - application/json diff --git a/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.frozen index f47bd5ef3782..a93a4d20e755 100644 --- a/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.frozen +++ b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.frozen @@ -1 +1 @@ -2024-05-10T16:34:46.398Z \ No newline at end of file +2025-11-07T12:27:27.654Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.yml index c9ea4d81653f..21d50015e7c7 100644 --- a/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.yml +++ b/cassettes/features/v2/security_monitoring/Get-a-suppression-rule-returns-OK-response.yml @@ -1,9 +1,9 @@ http_interactions: -- recorded_at: Fri, 10 May 2024 16:34:46 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:27 GMT request: body: encoding: UTF-8 - string: '{"data":{"attributes":{"description":"Test-Get_a_suppression_rule_returns_OK_response-1715358886","enabled":true,"name":"Test-Get_a_suppression_rule_returns_OK_response-1715358886","rule_query":"source:cloudtrail","suppression_query":"env:test"},"type":"suppressions"}}' + string: '{"data":{"attributes":{"description":"Test-Get_a_suppression_rule_returns_OK_response-1762518447","enabled":true,"name":"Test-Get_a_suppression_rule_returns_OK_response-1762518447","rule_query":"source:cloudtrail","suppression_query":"env:test","tags":["technique:T1110-brute-force","source:cloudtrail"]},"type":"suppressions"}}' headers: Accept: - application/json @@ -14,50 +14,48 @@ http_interactions: response: body: encoding: UTF-8 - string: '{"data":{"id":"ol3-0o2-rrp","attributes":{"name":"Test-Get_a_suppression_rule_returns_OK_response-1715358886","enabled":true,"description":"Test-Get_a_suppression_rule_returns_OK_response-1715358886","rule_query":"source:cloudtrail","suppression_query":"env:test","data_exclusion_query":"","version":1,"creation_date":1715358886671,"update_date":1715358886671,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} - - ' + string: '{"data":{"id":"ylq-igi-icg","type":"suppressions","attributes":{"creation_date":1762518447901,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"data_exclusion_query":"","description":"Test-Get_a_suppression_rule_returns_OK_response-1762518447","editable":true,"enabled":true,"name":"Test-Get_a_suppression_rule_returns_OK_response-1762518447","rule_query":"source:cloudtrail","suppression_query":"env:test","tags":["source:cloudtrail","technique:T1110-brute-force"],"update_date":1762518447901,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":1}}}' headers: Content-Type: - - application/json + - application/vnd.api+json status: code: 200 message: OK -- recorded_at: Fri, 10 May 2024 16:34:46 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:27 GMT request: body: null headers: Accept: - application/json method: GET - uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/ol3-0o2-rrp + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/ylq-igi-icg response: body: encoding: UTF-8 - string: '{"data":{"id":"ol3-0o2-rrp","attributes":{"name":"Test-Get_a_suppression_rule_returns_OK_response-1715358886","enabled":true,"description":"Test-Get_a_suppression_rule_returns_OK_response-1715358886","rule_query":"source:cloudtrail","suppression_query":"env:test","data_exclusion_query":"","version":1,"creation_date":1715358886671,"update_date":1715358886671,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} - - ' + string: '{"data":{"id":"ylq-igi-icg","type":"suppressions","attributes":{"creation_date":1762518447901,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"data_exclusion_query":"","description":"Test-Get_a_suppression_rule_returns_OK_response-1762518447","editable":true,"enabled":true,"name":"Test-Get_a_suppression_rule_returns_OK_response-1762518447","rule_query":"source:cloudtrail","suppression_query":"env:test","tags":["source:cloudtrail","technique:T1110-brute-force"],"update_date":1762518447901,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":1}}}' headers: Content-Type: - - application/json + - application/vnd.api+json status: code: 200 message: OK -- recorded_at: Fri, 10 May 2024 16:34:46 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:27 GMT request: body: null headers: Accept: - '*/*' method: DELETE - uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/ol3-0o2-rrp + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/ylq-igi-icg response: body: encoding: UTF-8 string: '' - headers: - Content-Type: - - text/html; charset=utf-8 + headers: {} status: code: 204 message: No Content diff --git a/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.frozen b/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.frozen index a2d489e44191..8839a50677d9 100644 --- a/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.frozen +++ b/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.frozen @@ -1 +1 @@ -2024-05-10T16:34:51.901Z \ No newline at end of file +2025-11-07T12:27:28.613Z \ No newline at end of file diff --git a/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.yml b/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.yml index 350ecc47dd57..4fb6f154adef 100644 --- a/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.yml +++ b/cassettes/features/v2/security_monitoring/Update-a-suppression-rule-returns-OK-response.yml @@ -1,9 +1,9 @@ http_interactions: -- recorded_at: Fri, 10 May 2024 16:34:51 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:28 GMT request: body: encoding: UTF-8 - string: '{"data":{"attributes":{"description":"Test-Update_a_suppression_rule_returns_OK_response-1715358891","enabled":true,"name":"Test-Update_a_suppression_rule_returns_OK_response-1715358891","rule_query":"source:cloudtrail","suppression_query":"env:test"},"type":"suppressions"}}' + string: '{"data":{"attributes":{"description":"Test-Update_a_suppression_rule_returns_OK_response-1762518448","enabled":true,"name":"Test-Update_a_suppression_rule_returns_OK_response-1762518448","rule_query":"source:cloudtrail","suppression_query":"env:test","tags":["technique:T1110-brute-force","source:cloudtrail"]},"type":"suppressions"}}' headers: Accept: - application/json @@ -14,16 +14,16 @@ http_interactions: response: body: encoding: UTF-8 - string: '{"data":{"id":"pej-nbn-ai7","attributes":{"name":"Test-Update_a_suppression_rule_returns_OK_response-1715358891","enabled":true,"description":"Test-Update_a_suppression_rule_returns_OK_response-1715358891","rule_query":"source:cloudtrail","suppression_query":"env:test","data_exclusion_query":"","version":1,"creation_date":1715358892289,"update_date":1715358892289,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} - - ' + string: '{"data":{"id":"uqt-hh6-qbq","type":"suppressions","attributes":{"creation_date":1762518448839,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"data_exclusion_query":"","description":"Test-Update_a_suppression_rule_returns_OK_response-1762518448","editable":true,"enabled":true,"name":"Test-Update_a_suppression_rule_returns_OK_response-1762518448","rule_query":"source:cloudtrail","suppression_query":"env:test","tags":["source:cloudtrail","technique:T1110-brute-force"],"update_date":1762518448839,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":1}}}' headers: Content-Type: - - application/json + - application/vnd.api+json status: code: 200 message: OK -- recorded_at: Fri, 10 May 2024 16:34:51 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:28 GMT request: body: encoding: UTF-8 @@ -34,35 +34,33 @@ http_interactions: Content-Type: - application/json method: PATCH - uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/pej-nbn-ai7 + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/uqt-hh6-qbq response: body: encoding: UTF-8 - string: '{"data":{"id":"pej-nbn-ai7","attributes":{"name":"Test-Update_a_suppression_rule_returns_OK_response-1715358891","enabled":true,"description":"Test-Update_a_suppression_rule_returns_OK_response-1715358891","rule_query":"source:cloudtrail","suppression_query":"env:staging - status:low","data_exclusion_query":"","version":2,"creation_date":1715358892289,"update_date":1715358892759,"creator":{"name":null,"handle":"frog@datadoghq.com"},"updater":{"name":null,"handle":"frog@datadoghq.com"}},"type":"suppressions"}} - - ' + string: '{"data":{"id":"uqt-hh6-qbq","type":"suppressions","attributes":{"creation_date":1762518448839,"creator":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"data_exclusion_query":"","description":"Test-Update_a_suppression_rule_returns_OK_response-1762518448","editable":true,"enabled":true,"name":"Test-Update_a_suppression_rule_returns_OK_response-1762518448","rule_query":"source:cloudtrail","suppression_query":"env:staging + status:low","tags":["source:cloudtrail","technique:T1110-brute-force"],"update_date":1762518449150,"updater":{"handle":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","name":"CI + Account"},"version":2}}}' headers: Content-Type: - - application/json + - application/vnd.api+json status: code: 200 message: OK -- recorded_at: Fri, 10 May 2024 16:34:51 GMT +- recorded_at: Fri, 07 Nov 2025 12:27:28 GMT request: body: null headers: Accept: - '*/*' method: DELETE - uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/pej-nbn-ai7 + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/suppressions/uqt-hh6-qbq response: body: encoding: UTF-8 string: '' - headers: - Content-Type: - - text/html; charset=utf-8 + headers: {} status: code: 204 message: No Content diff --git a/examples/v2/security-monitoring/CreateSecurityMonitoringSuppression.rb b/examples/v2/security-monitoring/CreateSecurityMonitoringSuppression.rb index 641d2e65d875..509e21647cfe 100644 --- a/examples/v2/security-monitoring/CreateSecurityMonitoringSuppression.rb +++ b/examples/v2/security-monitoring/CreateSecurityMonitoringSuppression.rb @@ -13,6 +13,10 @@ name: "Example-Security-Monitoring", rule_query: "type:log_detection source:cloudtrail", suppression_query: "env:staging status:low", + tags: [ + "technique:T1110-brute-force", + "source:cloudtrail", + ], }), type: DatadogAPIClient::V2::SecurityMonitoringSuppressionType::SUPPRESSIONS, }), diff --git a/features/v2/given.json b/features/v2/given.json index 12852be0f21b..4ee7b3a6f955 100644 --- a/features/v2/given.json +++ b/features/v2/given.json @@ -967,7 +967,7 @@ "parameters": [ { "name": "body", - "value": "{\n \"data\": {\n \"type\": \"suppressions\",\n \"attributes\": {\n \"enabled\": true,\n \"name\": \"{{ unique }}\",\n \"description\": \"{{ unique }}\",\n \"rule_query\": \"source:cloudtrail\",\n \"suppression_query\": \"env:test\"\n }\n }\n}" + "value": "{\n \"data\": {\n \"type\": \"suppressions\",\n \"attributes\": {\n \"enabled\": true,\n \"name\": \"{{ unique }}\",\n \"description\": \"{{ unique }}\",\n \"rule_query\": \"source:cloudtrail\",\n \"suppression_query\": \"env:test\",\n \"tags\": [\"technique:T1110-brute-force\", \"source:cloudtrail\"]\n }\n }\n}" } ], "step": "there is a valid \"suppression\" in the system", diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature index 2937151efb2b..531c84c19c11 100644 --- a/features/v2/security_monitoring.feature +++ b/features/v2/security_monitoring.feature @@ -376,21 +376,21 @@ Feature: Security Monitoring @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Create a suppression rule returns "Bad Request" response Given new "CreateSecurityMonitoringSuppression" request - And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low", "tags": ["technique:T1110-brute-force", "source:cloudtrail"]}, "type": "suppressions"}} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/k9-cloud-security-platform Scenario: Create a suppression rule returns "Conflict" response Given new "CreateSecurityMonitoringSuppression" request - And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low", "tags": ["technique:T1110-brute-force", "source:cloudtrail"]}, "type": "suppressions"}} When the request is sent Then the response status is 409 Conflict @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a suppression rule returns "OK" response Given new "CreateSecurityMonitoringSuppression" request - And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "start_date": {{ timestamp('now + 10d') }}000, "expiration_date": {{ timestamp('now + 21d') }}000, "name": "{{ unique }}", "rule_query": "type:log_detection source:cloudtrail", "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + And body with value {"data": {"attributes": {"description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "start_date": {{ timestamp('now + 10d') }}000, "expiration_date": {{ timestamp('now + 21d') }}000, "name": "{{ unique }}", "rule_query": "type:log_detection source:cloudtrail", "suppression_query": "env:staging status:low", "tags": ["technique:T1110-brute-force", "source:cloudtrail"]}, "type": "suppressions"}} When the request is sent Then the response status is 200 OK And the response "data.type" is equal to "suppressions" @@ -1474,7 +1474,7 @@ Feature: Security Monitoring Scenario: Update a suppression rule returns "Bad Request" response Given new "UpdateSecurityMonitoringSuppression" request And request contains "suppression_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low", "tags": ["technique:T1110-brute-force", "source:cloudtrail"]}, "type": "suppressions"}} When the request is sent Then the response status is 400 Bad Request @@ -1482,7 +1482,7 @@ Feature: Security Monitoring Scenario: Update a suppression rule returns "Concurrent Modification" response Given new "UpdateSecurityMonitoringSuppression" request And request contains "suppression_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low", "tags": ["technique:T1110-brute-force", "source:cloudtrail"]}, "type": "suppressions"}} When the request is sent Then the response status is 409 Concurrent Modification @@ -1490,7 +1490,7 @@ Feature: Security Monitoring Scenario: Update a suppression rule returns "Not Found" response Given new "UpdateSecurityMonitoringSuppression" request And request contains "suppression_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low"}, "type": "suppressions"}} + And body with value {"data": {"attributes": {"data_exclusion_query": "source:cloudtrail account_id:12345", "description": "This rule suppresses low-severity signals in staging environments.", "enabled": true, "expiration_date": 1703187336000, "name": "Custom suppression", "rule_query": "type:log_detection source:cloudtrail", "start_date": 1703187336000, "suppression_query": "env:staging status:low", "tags": ["technique:T1110-brute-force", "source:cloudtrail"]}, "type": "suppressions"}} When the request is sent Then the response status is 404 Not Found diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_attributes.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_attributes.rb index ba252144d97a..8d2583d6a1b9 100644 --- a/lib/datadog_api_client/v2/models/security_monitoring_suppression_attributes.rb +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_attributes.rb @@ -54,6 +54,9 @@ class SecurityMonitoringSuppressionAttributes # The suppression query of the suppression rule. If a signal matches this query, it is suppressed and not triggered. Same syntax as the queries to search signals in the signal explorer. attr_accessor :suppression_query + # List of tags associated with the suppression rule. + attr_accessor :tags + # A Unix millisecond timestamp given the update date of the suppression rule. attr_accessor :update_date @@ -80,6 +83,7 @@ def self.attribute_map :'rule_query' => :'rule_query', :'start_date' => :'start_date', :'suppression_query' => :'suppression_query', + :'tags' => :'tags', :'update_date' => :'update_date', :'updater' => :'updater', :'version' => :'version' @@ -101,6 +105,7 @@ def self.openapi_types :'rule_query' => :'String', :'start_date' => :'Integer', :'suppression_query' => :'String', + :'tags' => :'Array', :'update_date' => :'Integer', :'updater' => :'SecurityMonitoringUser', :'version' => :'Integer' @@ -169,6 +174,12 @@ def initialize(attributes = {}) self.suppression_query = attributes[:'suppression_query'] end + if attributes.key?(:'tags') + if (value = attributes[:'tags']).is_a?(Array) + self.tags = value + end + end + if attributes.key?(:'update_date') self.update_date = attributes[:'update_date'] end @@ -237,6 +248,7 @@ def ==(o) rule_query == o.rule_query && start_date == o.start_date && suppression_query == o.suppression_query && + tags == o.tags && update_date == o.update_date && updater == o.updater && version == o.version && @@ -247,7 +259,7 @@ def ==(o) # @return [Integer] Hash code # @!visibility private def hash - [creation_date, creator, data_exclusion_query, description, editable, enabled, expiration_date, name, rule_query, start_date, suppression_query, update_date, updater, version, additional_properties].hash + [creation_date, creator, data_exclusion_query, description, editable, enabled, expiration_date, name, rule_query, start_date, suppression_query, tags, update_date, updater, version, additional_properties].hash end end end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_attributes.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_attributes.rb index d0cbca049db2..a828fe397fdf 100644 --- a/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_attributes.rb +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_create_attributes.rb @@ -45,6 +45,9 @@ class SecurityMonitoringSuppressionCreateAttributes # The suppression query of the suppression rule. If a signal matches this query, it is suppressed and is not triggered. It uses the same syntax as the queries to search signals in the Signals Explorer. attr_accessor :suppression_query + # List of tags associated with the suppression rule. + attr_accessor :tags + attr_accessor :additional_properties # Attribute mapping from ruby-style variable name to JSON key. @@ -58,7 +61,8 @@ def self.attribute_map :'name' => :'name', :'rule_query' => :'rule_query', :'start_date' => :'start_date', - :'suppression_query' => :'suppression_query' + :'suppression_query' => :'suppression_query', + :'tags' => :'tags' } end @@ -73,7 +77,8 @@ def self.openapi_types :'name' => :'String', :'rule_query' => :'String', :'start_date' => :'Integer', - :'suppression_query' => :'String' + :'suppression_query' => :'String', + :'tags' => :'Array' } end @@ -126,6 +131,12 @@ def initialize(attributes = {}) if attributes.key?(:'suppression_query') self.suppression_query = attributes[:'suppression_query'] end + + if attributes.key?(:'tags') + if (value = attributes[:'tags']).is_a?(Array) + self.tags = value + end + end end # Check to see if the all the properties in the model are valid @@ -202,6 +213,7 @@ def ==(o) rule_query == o.rule_query && start_date == o.start_date && suppression_query == o.suppression_query && + tags == o.tags && additional_properties == o.additional_properties end @@ -209,7 +221,7 @@ def ==(o) # @return [Integer] Hash code # @!visibility private def hash - [data_exclusion_query, description, enabled, expiration_date, name, rule_query, start_date, suppression_query, additional_properties].hash + [data_exclusion_query, description, enabled, expiration_date, name, rule_query, start_date, suppression_query, tags, additional_properties].hash end end end diff --git a/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_attributes.rb b/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_attributes.rb index 051d273c1728..43303a26d43d 100644 --- a/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_attributes.rb +++ b/lib/datadog_api_client/v2/models/security_monitoring_suppression_update_attributes.rb @@ -45,6 +45,9 @@ class SecurityMonitoringSuppressionUpdateAttributes # The suppression query of the suppression rule. If a signal matches this query, it is suppressed and not triggered. Same syntax as the queries to search signals in the signal explorer. attr_accessor :suppression_query + # List of tags associated with the suppression rule. + attr_accessor :tags + # The current version of the suppression. This is optional, but it can help prevent concurrent modifications. attr_reader :version @@ -62,6 +65,7 @@ def self.attribute_map :'rule_query' => :'rule_query', :'start_date' => :'start_date', :'suppression_query' => :'suppression_query', + :'tags' => :'tags', :'version' => :'version' } end @@ -78,6 +82,7 @@ def self.openapi_types :'rule_query' => :'String', :'start_date' => :'Integer', :'suppression_query' => :'String', + :'tags' => :'Array', :'version' => :'Integer' } end @@ -141,6 +146,12 @@ def initialize(attributes = {}) self.suppression_query = attributes[:'suppression_query'] end + if attributes.key?(:'tags') + if (value = attributes[:'tags']).is_a?(Array) + self.tags = value + end + end + if attributes.key?(:'version') self.version = attributes[:'version'] end @@ -198,6 +209,7 @@ def ==(o) rule_query == o.rule_query && start_date == o.start_date && suppression_query == o.suppression_query && + tags == o.tags && version == o.version && additional_properties == o.additional_properties end @@ -206,7 +218,7 @@ def ==(o) # @return [Integer] Hash code # @!visibility private def hash - [data_exclusion_query, description, enabled, expiration_date, name, rule_query, start_date, suppression_query, version, additional_properties].hash + [data_exclusion_query, description, enabled, expiration_date, name, rule_query, start_date, suppression_query, tags, version, additional_properties].hash end end end