diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 7ab82fd266..d19e2dd378 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -63313,6 +63313,63 @@ components: - TWO_DAYS - ONE_WEEK - TWO_WEEKS + SecurityMonitoringRuleBulkDeleteAttributes: + description: Attributes for bulk deleting security monitoring rules. + properties: + ruleIds: + description: List of rule IDs to delete. + example: + - abc-000-u7q + - abc-000-7dd + items: + description: A rule ID to delete. + type: string + minItems: 1 + type: array + required: + - ruleIds + type: object + SecurityMonitoringRuleBulkDeleteData: + description: Data for bulk deleting security monitoring rules. + properties: + attributes: + $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeleteAttributes" + type: + $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeleteRequestDataType" + required: + - attributes + - type + type: object + SecurityMonitoringRuleBulkDeletePayload: + description: Payload for bulk deleting security monitoring rules. + properties: + data: + $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeleteData" + required: + - data + type: object + SecurityMonitoringRuleBulkDeleteRequestDataType: + description: The resource type for a bulk delete request. + enum: + - bulk_delete_rules + example: bulk_delete_rules + type: string + x-enum-varnames: + - BULK_DELETE_RULES + SecurityMonitoringRuleBulkDeleteResponse: + description: Response for bulk deleting security monitoring rules. + properties: + deletedRules: + description: List of successfully deleted rule IDs. + items: + type: string + type: array + failedRules: + description: List of rule IDs that could not be deleted. + items: + type: string + type: array + type: object SecurityMonitoringRuleBulkExportAttributes: description: Attributes for bulk exporting security monitoring rules. properties: @@ -121305,6 +121362,53 @@ paths: operator: OR permissions: - security_monitoring_rules_write + /api/v2/security_monitoring/rules/bulk_delete: + delete: + description: |- + Delete multiple security monitoring rules in a single request. Default rules cannot be deleted. + operationId: BulkDeleteSecurityMonitoringRules + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + ruleIds: + - abc-000-u7q + - abc-000-7dd + type: bulk_delete_rules + schema: + $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeletePayload" + required: true + responses: + "200": + content: + "application/json": + schema: + $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeleteResponse" + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "404": + $ref: "#/components/responses/NotFoundResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_rules_write + summary: Bulk delete security monitoring rules + tags: ["Security Monitoring"] + x-codegen-request-body-name: body + "x-permission": + operator: OR + permissions: + - security_monitoring_rules_write /api/v2/security_monitoring/rules/bulk_export: post: description: |- diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst index 8881ab2d99..d333fdf0ec 100644 --- a/docs/datadog_api_client.v2.model.rst +++ b/docs/datadog_api_client.v2.model.rst @@ -28221,6 +28221,41 @@ datadog\_api\_client.v2.model.security\_monitoring\_rule\_anomaly\_detection\_op :members: :show-inheritance: +datadog\_api\_client.v2.model.security\_monitoring\_rule\_bulk\_delete\_attributes module +----------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_rule\_bulk\_delete\_data module +----------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_rule\_bulk\_delete\_payload module +-------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_payload + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_rule\_bulk\_delete\_request\_data\_type module +-------------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_request_data_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.security\_monitoring\_rule\_bulk\_delete\_response module +--------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_response + :members: + :show-inheritance: + datadog\_api\_client.v2.model.security\_monitoring\_rule\_bulk\_export\_attributes module ----------------------------------------------------------------------------------------- diff --git a/examples/v2/security-monitoring/BulkDeleteSecurityMonitoringRules.py b/examples/v2/security-monitoring/BulkDeleteSecurityMonitoringRules.py new file mode 100644 index 0000000000..7524f11910 --- /dev/null +++ b/examples/v2/security-monitoring/BulkDeleteSecurityMonitoringRules.py @@ -0,0 +1,35 @@ +""" +Bulk delete security monitoring rules returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_attributes import ( + SecurityMonitoringRuleBulkDeleteAttributes, +) +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_data import SecurityMonitoringRuleBulkDeleteData +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_payload import ( + SecurityMonitoringRuleBulkDeletePayload, +) +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_request_data_type import ( + SecurityMonitoringRuleBulkDeleteRequestDataType, +) + +body = SecurityMonitoringRuleBulkDeletePayload( + data=SecurityMonitoringRuleBulkDeleteData( + attributes=SecurityMonitoringRuleBulkDeleteAttributes( + rule_ids=[ + "abc-000-u7q", + "abc-000-7dd", + ], + ), + type=SecurityMonitoringRuleBulkDeleteRequestDataType.BULK_DELETE_RULES, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.bulk_delete_security_monitoring_rules(body=body) + + print(response) diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py index 1ea82d4bcc..66f12b64c0 100644 --- a/src/datadog_api_client/v2/api/security_monitoring_api.py +++ b/src/datadog_api_client/v2/api/security_monitoring_api.py @@ -111,6 +111,12 @@ from datadog_api_client.v2.model.security_monitoring_list_rules_response import SecurityMonitoringListRulesResponse from datadog_api_client.v2.model.security_monitoring_rule_sort import SecurityMonitoringRuleSort from datadog_api_client.v2.model.security_monitoring_rule_response import SecurityMonitoringRuleResponse +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_response import ( + SecurityMonitoringRuleBulkDeleteResponse, +) +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_payload import ( + SecurityMonitoringRuleBulkDeletePayload, +) from datadog_api_client.v2.model.security_monitoring_rule_bulk_export_payload import ( SecurityMonitoringRuleBulkExportPayload, ) @@ -258,6 +264,26 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._bulk_delete_security_monitoring_rules_endpoint = _Endpoint( + settings={ + "response_type": (SecurityMonitoringRuleBulkDeleteResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/rules/bulk_delete", + "operation_id": "bulk_delete_security_monitoring_rules", + "http_method": "DELETE", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (SecurityMonitoringRuleBulkDeletePayload,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._bulk_edit_security_monitoring_signals_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringSignalsBulkTriageUpdateResponse,), @@ -3045,6 +3071,22 @@ def attach_jira_issue( return self._attach_jira_issue_endpoint.call_with_http_info(**kwargs) + def bulk_delete_security_monitoring_rules( + self, + body: SecurityMonitoringRuleBulkDeletePayload, + ) -> SecurityMonitoringRuleBulkDeleteResponse: + """Bulk delete security monitoring rules. + + Delete multiple security monitoring rules in a single request. Default rules cannot be deleted. + + :type body: SecurityMonitoringRuleBulkDeletePayload + :rtype: SecurityMonitoringRuleBulkDeleteResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._bulk_delete_security_monitoring_rules_endpoint.call_with_http_info(**kwargs) + def bulk_edit_security_monitoring_signals( self, body: SecurityMonitoringSignalsBulkUpdateRequest, diff --git a/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_attributes.py b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_attributes.py new file mode 100644 index 0000000000..f2e65b3b71 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_attributes.py @@ -0,0 +1,40 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +class SecurityMonitoringRuleBulkDeleteAttributes(ModelNormal): + validations = { + "rule_ids": { + "min_items": 1, + }, + } + + @cached_property + def openapi_types(_): + return { + "rule_ids": ([str],), + } + + attribute_map = { + "rule_ids": "ruleIds", + } + + def __init__(self_, rule_ids: List[str], **kwargs): + """ + Attributes for bulk deleting security monitoring rules. + + :param rule_ids: List of rule IDs to delete. + :type rule_ids: [str] + """ + super().__init__(kwargs) + + self_.rule_ids = rule_ids diff --git a/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_data.py b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_data.py new file mode 100644 index 0000000000..1d1c575a32 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_data.py @@ -0,0 +1,61 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_attributes import ( + SecurityMonitoringRuleBulkDeleteAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_request_data_type import ( + SecurityMonitoringRuleBulkDeleteRequestDataType, + ) + + +class SecurityMonitoringRuleBulkDeleteData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_attributes import ( + SecurityMonitoringRuleBulkDeleteAttributes, + ) + from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_request_data_type import ( + SecurityMonitoringRuleBulkDeleteRequestDataType, + ) + + return { + "attributes": (SecurityMonitoringRuleBulkDeleteAttributes,), + "type": (SecurityMonitoringRuleBulkDeleteRequestDataType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, + attributes: SecurityMonitoringRuleBulkDeleteAttributes, + type: SecurityMonitoringRuleBulkDeleteRequestDataType, + **kwargs, + ): + """ + Data for bulk deleting security monitoring rules. + + :param attributes: Attributes for bulk deleting security monitoring rules. + :type attributes: SecurityMonitoringRuleBulkDeleteAttributes + + :param type: The resource type for a bulk delete request. + :type type: SecurityMonitoringRuleBulkDeleteRequestDataType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type diff --git a/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_payload.py b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_payload.py new file mode 100644 index 0000000000..7f7ec003aa --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_payload.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_data import ( + SecurityMonitoringRuleBulkDeleteData, + ) + + +class SecurityMonitoringRuleBulkDeletePayload(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_data import ( + SecurityMonitoringRuleBulkDeleteData, + ) + + return { + "data": (SecurityMonitoringRuleBulkDeleteData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: SecurityMonitoringRuleBulkDeleteData, **kwargs): + """ + Payload for bulk deleting security monitoring rules. + + :param data: Data for bulk deleting security monitoring rules. + :type data: SecurityMonitoringRuleBulkDeleteData + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_request_data_type.py b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_request_data_type.py new file mode 100644 index 0000000000..cef62a1b9e --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_request_data_type.py @@ -0,0 +1,37 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class SecurityMonitoringRuleBulkDeleteRequestDataType(ModelSimple): + """ + The resource type for a bulk delete request. + + :param value: If omitted defaults to "bulk_delete_rules". Must be one of ["bulk_delete_rules"]. + :type value: str + """ + + allowed_values = { + "bulk_delete_rules", + } + BULK_DELETE_RULES: ClassVar["SecurityMonitoringRuleBulkDeleteRequestDataType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +SecurityMonitoringRuleBulkDeleteRequestDataType.BULK_DELETE_RULES = SecurityMonitoringRuleBulkDeleteRequestDataType( + "bulk_delete_rules" +) diff --git a/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_response.py b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_response.py new file mode 100644 index 0000000000..d79ab9caa4 --- /dev/null +++ b/src/datadog_api_client/v2/model/security_monitoring_rule_bulk_delete_response.py @@ -0,0 +1,48 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +class SecurityMonitoringRuleBulkDeleteResponse(ModelNormal): + @cached_property + def openapi_types(_): + return { + "deleted_rules": ([str],), + "failed_rules": ([str],), + } + + attribute_map = { + "deleted_rules": "deletedRules", + "failed_rules": "failedRules", + } + + def __init__( + self_, + deleted_rules: Union[List[str], UnsetType] = unset, + failed_rules: Union[List[str], UnsetType] = unset, + **kwargs, + ): + """ + Response for bulk deleting security monitoring rules. + + :param deleted_rules: List of successfully deleted rule IDs. + :type deleted_rules: [str], optional + + :param failed_rules: List of rule IDs that could not be deleted. + :type failed_rules: [str], optional + """ + if deleted_rules is not unset: + kwargs["deleted_rules"] = deleted_rules + if failed_rules is not unset: + kwargs["failed_rules"] = failed_rules + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py index 2eb9447a65..76ee4104de 100644 --- a/src/datadog_api_client/v2/models/__init__.py +++ b/src/datadog_api_client/v2/models/__init__.py @@ -5684,6 +5684,19 @@ from datadog_api_client.v2.model.security_monitoring_rule_anomaly_detection_options_learning_duration import ( SecurityMonitoringRuleAnomalyDetectionOptionsLearningDuration, ) +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_attributes import ( + SecurityMonitoringRuleBulkDeleteAttributes, +) +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_data import SecurityMonitoringRuleBulkDeleteData +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_payload import ( + SecurityMonitoringRuleBulkDeletePayload, +) +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_request_data_type import ( + SecurityMonitoringRuleBulkDeleteRequestDataType, +) +from datadog_api_client.v2.model.security_monitoring_rule_bulk_delete_response import ( + SecurityMonitoringRuleBulkDeleteResponse, +) from datadog_api_client.v2.model.security_monitoring_rule_bulk_export_attributes import ( SecurityMonitoringRuleBulkExportAttributes, ) @@ -11427,6 +11440,11 @@ "SecurityMonitoringRuleAnomalyDetectionOptionsBucketDuration", "SecurityMonitoringRuleAnomalyDetectionOptionsDetectionTolerance", "SecurityMonitoringRuleAnomalyDetectionOptionsLearningDuration", + "SecurityMonitoringRuleBulkDeleteAttributes", + "SecurityMonitoringRuleBulkDeleteData", + "SecurityMonitoringRuleBulkDeletePayload", + "SecurityMonitoringRuleBulkDeleteRequestDataType", + "SecurityMonitoringRuleBulkDeleteResponse", "SecurityMonitoringRuleBulkExportAttributes", "SecurityMonitoringRuleBulkExportData", "SecurityMonitoringRuleBulkExportDataType", diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature index 9c65c8a95b..d276ec4d8a 100644 --- a/tests/v2/features/security_monitoring.feature +++ b/tests/v2/features/security_monitoring.feature @@ -99,6 +99,27 @@ Feature: Security Monitoring And the response "data.attributes.insights" has item with field "resource_id" with value "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y=" And the response "data.attributes.insights" has item with field "resource_id" with value "MmUzMzZkODQ2YTI3NDU0OTk4NDk3NzhkOTY5YjU2Zjh-YWJjZGI1ODI4OTYzNWM3ZmUwZTBlOWRkYTRiMGUyOGQ=" + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Bulk delete security monitoring rules returns "Bad Request" response + Given new "BulkDeleteSecurityMonitoringRules" request + And body with value {"data": {"attributes": {"ruleIds": ["abc-000-u7q", "abc-000-7dd"]}, "type": "bulk_delete_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Bulk delete security monitoring rules returns "Not Found" response + Given new "BulkDeleteSecurityMonitoringRules" request + And body with value {"data": {"attributes": {"ruleIds": ["abc-000-u7q", "abc-000-7dd"]}, "type": "bulk_delete_rules"}} + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Bulk delete security monitoring rules returns "OK" response + Given new "BulkDeleteSecurityMonitoringRules" request + And body with value {"data": {"attributes": {"ruleIds": ["abc-000-u7q", "abc-000-7dd"]}, "type": "bulk_delete_rules"}} + When the request is sent + Then the response status is 200 OK + @skip @team:DataDog/k9-cloud-siem Scenario: Bulk export security monitoring rules returns "Bad Request" response Given new "BulkExportSecurityMonitoringRules" request diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index 71b0e9ba7a..8decf6f940 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json @@ -5639,6 +5639,12 @@ "type": "unsafe" } }, + "BulkDeleteSecurityMonitoringRules": { + "tag": "Security Monitoring", + "undo": { + "type": "idempotent" + } + }, "BulkExportSecurityMonitoringRules": { "tag": "Security Monitoring", "undo": {