From 9561f8ea5c5e70127d283ba9c276197fa6c1c3b2 Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Thu, 10 Apr 2025 18:07:04 +0000 Subject: [PATCH] Regenerate client from commit c0a45137 of spec repo --- .apigentools-info | 8 +++---- .generator/schemas/v2/openapi.yaml | 9 ++++++++ ...CreateSecurityMonitoringRule_1965169892.rs | 16 +++++++++++--- ...ity_monitoring_rule_case_action_options.rs | 18 +++++++++++++++ ...curity_monitoring_rule_case_action_type.rs | 3 +++ ...cation-security-returns-OK-response.frozen | 2 +- ...lication-security-returns-OK-response.json | 22 ++++++++----------- .../features/v2/security_monitoring.feature | 2 +- 8 files changed, 58 insertions(+), 22 deletions(-) diff --git a/.apigentools-info b/.apigentools-info index 7afa6ed97..b98f9972a 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2025-04-10 11:41:51.981428", - "spec_repo_commit": "7f98e0a9" + "regenerated": "2025-04-10 18:01:28.069893", + "spec_repo_commit": "c0a45137" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2025-04-10 11:41:52.001570", - "spec_repo_commit": "7f98e0a9" + "regenerated": "2025-04-10 18:01:28.087415", + "spec_repo_commit": "c0a45137" } } } \ No newline at end of file diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index cc558ab24..d2075b54e 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -27215,6 +27215,7 @@ components: $ref: '#/components/schemas/SecurityMonitoringRuleCaseActionType' type: object SecurityMonitoringRuleCaseActionOptions: + additionalProperties: {} description: Options for the rule action properties: duration: @@ -27223,16 +27224,24 @@ components: format: int64 minimum: 0 type: integer + userBehaviorName: + $ref: '#/components/schemas/SecurityMonitoringRuleCaseActionOptionsUserBehaviorName' type: object + SecurityMonitoringRuleCaseActionOptionsUserBehaviorName: + description: Used with the case action of type 'user_behavior'. The value specified + in this field is applied as a risk tag to all users affected by the rule. + type: string SecurityMonitoringRuleCaseActionType: description: The action type. enum: - block_ip - block_user + - user_behavior type: string x-enum-varnames: - BLOCK_IP - BLOCK_USER + - USER_BEHAVIOR SecurityMonitoringRuleCaseCreate: description: Case when signal is generated. properties: diff --git a/examples/v2_security-monitoring_CreateSecurityMonitoringRule_1965169892.rs b/examples/v2_security-monitoring_CreateSecurityMonitoringRule_1965169892.rs index c3f69a61e..250692654 100644 --- a/examples/v2_security-monitoring_CreateSecurityMonitoringRule_1965169892.rs +++ b/examples/v2_security-monitoring_CreateSecurityMonitoringRule_1965169892.rs @@ -24,9 +24,19 @@ async fn main() { SecurityMonitoringStandardRuleCreatePayload::new( vec![ SecurityMonitoringRuleCaseCreate::new(SecurityMonitoringRuleSeverity::INFO) - .actions(vec![SecurityMonitoringRuleCaseAction::new() - .options(SecurityMonitoringRuleCaseActionOptions::new().duration(900)) - .type_(SecurityMonitoringRuleCaseActionType::BLOCK_IP)]) + .actions(vec![ + SecurityMonitoringRuleCaseAction::new() + .options( + SecurityMonitoringRuleCaseActionOptions::new().duration(900), + ) + .type_(SecurityMonitoringRuleCaseActionType::BLOCK_IP), + SecurityMonitoringRuleCaseAction::new() + .options( + SecurityMonitoringRuleCaseActionOptions::new() + .user_behavior_name("behavior".to_string()), + ) + .type_(SecurityMonitoringRuleCaseActionType::USER_BEHAVIOR), + ]) .condition("a > 100000".to_string()) .name("".to_string()) .notifications(vec![]), diff --git a/src/datadogV2/model/model_security_monitoring_rule_case_action_options.rs b/src/datadogV2/model/model_security_monitoring_rule_case_action_options.rs index c33883818..d465a0634 100644 --- a/src/datadogV2/model/model_security_monitoring_rule_case_action_options.rs +++ b/src/datadogV2/model/model_security_monitoring_rule_case_action_options.rs @@ -14,6 +14,9 @@ pub struct SecurityMonitoringRuleCaseActionOptions { /// Duration of the action in seconds. 0 indicates no expiration. #[serde(rename = "duration")] pub duration: Option, + /// Used with the case action of type 'user_behavior'. The value specified in this field is applied as a risk tag to all users affected by the rule. + #[serde(rename = "userBehaviorName")] + pub user_behavior_name: Option, #[serde(flatten)] pub additional_properties: std::collections::BTreeMap, #[serde(skip)] @@ -25,6 +28,7 @@ impl SecurityMonitoringRuleCaseActionOptions { pub fn new() -> SecurityMonitoringRuleCaseActionOptions { SecurityMonitoringRuleCaseActionOptions { duration: None, + user_behavior_name: None, additional_properties: std::collections::BTreeMap::new(), _unparsed: false, } @@ -35,6 +39,11 @@ impl SecurityMonitoringRuleCaseActionOptions { self } + pub fn user_behavior_name(mut self, value: String) -> Self { + self.user_behavior_name = Some(value); + self + } + pub fn additional_properties( mut self, value: std::collections::BTreeMap, @@ -68,6 +77,7 @@ impl<'de> Deserialize<'de> for SecurityMonitoringRuleCaseActionOptions { M: MapAccess<'a>, { let mut duration: Option = None; + let mut user_behavior_name: Option = None; let mut additional_properties: std::collections::BTreeMap< String, serde_json::Value, @@ -82,6 +92,13 @@ impl<'de> Deserialize<'de> for SecurityMonitoringRuleCaseActionOptions { } duration = Some(serde_json::from_value(v).map_err(M::Error::custom)?); } + "userBehaviorName" => { + if v.is_null() { + continue; + } + user_behavior_name = + Some(serde_json::from_value(v).map_err(M::Error::custom)?); + } &_ => { if let Ok(value) = serde_json::from_value(v.clone()) { additional_properties.insert(k, value); @@ -92,6 +109,7 @@ impl<'de> Deserialize<'de> for SecurityMonitoringRuleCaseActionOptions { let content = SecurityMonitoringRuleCaseActionOptions { duration, + user_behavior_name, additional_properties, _unparsed, }; diff --git a/src/datadogV2/model/model_security_monitoring_rule_case_action_type.rs b/src/datadogV2/model/model_security_monitoring_rule_case_action_type.rs index 33778d9e8..f9ef68a0d 100644 --- a/src/datadogV2/model/model_security_monitoring_rule_case_action_type.rs +++ b/src/datadogV2/model/model_security_monitoring_rule_case_action_type.rs @@ -9,6 +9,7 @@ use serde::{Deserialize, Deserializer, Serialize, Serializer}; pub enum SecurityMonitoringRuleCaseActionType { BLOCK_IP, BLOCK_USER, + USER_BEHAVIOR, UnparsedObject(crate::datadog::UnparsedObject), } @@ -17,6 +18,7 @@ impl ToString for SecurityMonitoringRuleCaseActionType { match self { Self::BLOCK_IP => String::from("block_ip"), Self::BLOCK_USER => String::from("block_user"), + Self::USER_BEHAVIOR => String::from("user_behavior"), Self::UnparsedObject(v) => v.value.to_string(), } } @@ -43,6 +45,7 @@ impl<'de> Deserialize<'de> for SecurityMonitoringRuleCaseActionType { Ok(match s.as_str() { "block_ip" => Self::BLOCK_IP, "block_user" => Self::BLOCK_USER, + "user_behavior" => Self::USER_BEHAVIOR, _ => Self::UnparsedObject(crate::datadog::UnparsedObject { value: serde_json::Value::String(s.into()), }), diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.frozen b/tests/scenarios/cassettes/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.frozen index 7a935c142..3dfeb208e 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.frozen +++ b/tests/scenarios/cassettes/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.frozen @@ -1 +1 @@ -2025-02-06T16:50:39.787Z \ No newline at end of file +2025-04-09T15:02:05.047Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.json b/tests/scenarios/cassettes/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.json index a63815a11..14cbd8077 100644 --- a/tests/scenarios/cassettes/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.json +++ b/tests/scenarios/cassettes/v2/security_monitoring/Create-a-detection-rule-with-type-application-security-returns-OK-response.json @@ -3,7 +3,7 @@ { "request": { "body": { - "string": "{\"cases\":[{\"actions\":[{\"options\":{\"duration\":900},\"type\":\"block_ip\"}],\"condition\":\"a > 100000\",\"name\":\"\",\"notifications\":[],\"status\":\"info\"}],\"filters\":[],\"groupSignalsBy\":[\"service\"],\"isEnabled\":true,\"message\":\"Test rule\",\"name\":\"Test-Create_a_detection_rule_with_type_application_security_returns_OK_response-1738860639_appsec_rule\",\"options\":{\"detectionMethod\":\"threshold\",\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[\"service\",\"@http.client_ip\"],\"query\":\"@appsec.security_activity:business_logic.users.login.failure\"}],\"tags\":[],\"type\":\"application_security\"}", + "string": "{\"cases\":[{\"actions\":[{\"options\":{\"duration\":900},\"type\":\"block_ip\"},{\"options\":{\"userBehaviorName\":\"behavior\"},\"type\":\"user_behavior\"}],\"condition\":\"a > 100000\",\"name\":\"\",\"notifications\":[],\"status\":\"info\"}],\"filters\":[],\"groupSignalsBy\":[\"service\"],\"isEnabled\":true,\"message\":\"Test rule\",\"name\":\"Test-Create_a_detection_rule_with_type_application_security_returns_OK_response-1744210925_appsec_rule\",\"options\":{\"detectionMethod\":\"threshold\",\"evaluationWindow\":900,\"keepAlive\":3600,\"maxSignalDuration\":86400},\"queries\":[{\"aggregation\":\"count\",\"distinctFields\":[],\"groupByFields\":[\"service\",\"@http.client_ip\"],\"query\":\"@appsec.security_activity:business_logic.users.login.failure\"}],\"tags\":[],\"type\":\"application_security\"}", "encoding": null }, "headers": { @@ -19,7 +19,7 @@ }, "response": { "body": { - "string": "{\"name\":\"Test-Create_a_detection_rule_with_type_application_security_returns_OK_response-1738860639_appsec_rule\",\"createdAt\":1738860640426,\"isDefault\":false,\"isPartner\":false,\"isEnabled\":true,\"isBeta\":false,\"isDeleted\":false,\"isDeprecated\":false,\"queries\":[{\"query\":\"@appsec.security_activity:business_logic.users.login.failure\",\"groupByFields\":[\"service\",\"@http.client_ip\"],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"app_sec_spans\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"cases\":[{\"name\":\"\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 100000\",\"actions\":[{\"type\":\"block_ip\",\"options\":{\"duration\":900}}]}],\"message\":\"Test rule\",\"tags\":[],\"hasExtendedTitle\":false,\"type\":\"application_security\",\"filters\":[],\"version\":1,\"id\":\"rfn-h2v-udr\",\"blocking\":true,\"groupSignalsBy\":[\"service\"],\"casesActions\":[[{\"type\":\"block_ip\",\"options\":{\"duration\":900}}]],\"dependencies\":[\"business_logic.users.login.failure\"],\"metadata\":{\"entities\":null,\"sources\":null},\"creator\":{\"handle\":\"\",\"name\":\"\"},\"updater\":{\"handle\":\"\",\"name\":\"\"}}", + "string": "{\"name\":\"Test-Create_a_detection_rule_with_type_application_security_returns_OK_response-1744210925_appsec_rule\",\"createdAt\":1744210925675,\"isDefault\":false,\"isPartner\":false,\"isEnabled\":true,\"isBeta\":false,\"isDeleted\":false,\"isDeprecated\":false,\"queries\":[{\"query\":\"@appsec.security_activity:business_logic.users.login.failure\",\"groupByFields\":[\"service\",\"@http.client_ip\"],\"hasOptionalGroupByFields\":false,\"distinctFields\":[],\"aggregation\":\"count\",\"name\":\"\",\"dataSource\":\"app_sec_spans\"}],\"options\":{\"evaluationWindow\":900,\"detectionMethod\":\"threshold\",\"maxSignalDuration\":86400,\"keepAlive\":3600},\"cases\":[{\"name\":\"\",\"status\":\"info\",\"notifications\":[],\"condition\":\"a \\u003e 100000\",\"actions\":[{\"type\":\"block_ip\",\"options\":{\"duration\":900}},{\"type\":\"user_behavior\",\"options\":{\"userBehaviorName\":\"behavior\"}}]}],\"message\":\"Test rule\",\"tags\":[],\"hasExtendedTitle\":false,\"type\":\"application_security\",\"filters\":[],\"version\":1,\"id\":\"lfr-zxg-fyc\",\"blocking\":true,\"groupSignalsBy\":[\"service\"],\"dependencies\":[\"business_logic.users.login.failure\"],\"metadata\":{\"entities\":null,\"sources\":null},\"creationAuthorId\":2320499,\"creator\":{\"handle\":\"9919ec9b-ebc7-49ee-8dc8-03626e717cca\",\"name\":\"CI Account\"},\"updater\":{\"handle\":\"\",\"name\":\"\"}}", "encoding": null }, "headers": { @@ -32,7 +32,7 @@ "message": "OK" } }, - "recorded_at": "Thu, 06 Feb 2025 16:50:39 GMT" + "recorded_at": "Wed, 09 Apr 2025 15:02:05 GMT" }, { "request": { @@ -43,24 +43,20 @@ ] }, "method": "delete", - "uri": "https://api.datadoghq.com/api/v2/security_monitoring/rules/rfn-h2v-udr" + "uri": "https://api.datadoghq.com/api/v2/security_monitoring/rules/lfr-zxg-fyc" }, "response": { "body": { - "string": "{\"status\":\"404\",\"title\":\"Not Found\"}", + "string": "", "encoding": null }, - "headers": { - "Content-Type": [ - "application/json" - ] - }, + "headers": {}, "status": { - "code": 404, - "message": "Not Found" + "code": 204, + "message": "No Content" } }, - "recorded_at": "Thu, 06 Feb 2025 16:50:39 GMT" + "recorded_at": "Wed, 09 Apr 2025 15:02:05 GMT" } ], "recorded_with": "VCR 6.0.0" diff --git a/tests/scenarios/features/v2/security_monitoring.feature b/tests/scenarios/features/v2/security_monitoring.feature index f30d22b3a..1d7b0efc0 100644 --- a/tests/scenarios/features/v2/security_monitoring.feature +++ b/tests/scenarios/features/v2/security_monitoring.feature @@ -203,7 +203,7 @@ Feature: Security Monitoring @skip-validation @team:DataDog/k9-cloud-security-platform Scenario: Create a detection rule with type 'application_security 'returns "OK" response Given new "CreateSecurityMonitoringRule" request - And body with value {"type":"application_security","name":"{{unique}}_appsec_rule","queries":[{"query":"@appsec.security_activity:business_logic.users.login.failure","aggregation":"count","groupByFields":["service","@http.client_ip"],"distinctFields":[]}],"filters":[],"cases":[{"name":"","status":"info","notifications":[],"condition":"a > 100000","actions":[{"type":"block_ip","options":{"duration":900}}]}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900,"detectionMethod":"threshold"},"isEnabled":true,"message":"Test rule","tags":[],"groupSignalsBy":["service"]} + And body with value {"type":"application_security","name":"{{unique}}_appsec_rule","queries":[{"query":"@appsec.security_activity:business_logic.users.login.failure","aggregation":"count","groupByFields":["service","@http.client_ip"],"distinctFields":[]}],"filters":[],"cases":[{"name":"","status":"info","notifications":[],"condition":"a > 100000","actions":[{"type":"block_ip","options":{"duration":900}}, {"type":"user_behavior","options":{"userBehaviorName":"behavior"}}]}],"options":{"keepAlive":3600,"maxSignalDuration":86400,"evaluationWindow":900,"detectionMethod":"threshold"},"isEnabled":true,"message":"Test rule","tags":[],"groupSignalsBy":["service"]} When the request is sent Then the response status is 200 OK And the response "name" is equal to "{{ unique }}_appsec_rule"