diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index e694506b53..3359e9a375 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -23518,6 +23518,8 @@ components: $ref: "#/components/schemas/Enabled" name: $ref: "#/components/schemas/RuleName" + routing: + $ref: "#/components/schemas/NotificationRuleRouting" selectors: $ref: "#/components/schemas/Selectors" targets: @@ -59051,6 +59053,76 @@ components: - targets - version type: object + NotificationRulePreviewNotificationStatus: + description: The notification status for the given rule type. `SUCCESS` means a matching event was found and the notification was sent successfully. `DEFAULT` means no matching event was found and a default placeholder notification was sent instead. `ERROR` means an error occurred while sending the notification. + enum: + - SUCCESS + - DEFAULT + - ERROR + example: SUCCESS + type: string + x-enum-varnames: + - SUCCESS + - DEFAULT + - ERROR + NotificationRulePreviewResponse: + description: Response from the notification preview request. + properties: + data: + $ref: "#/components/schemas/NotificationRulePreviewResponseData" + required: + - data + type: object + NotificationRulePreviewResponseAttributes: + description: Attributes of the notification preview response. + properties: + preview_results: + $ref: "#/components/schemas/NotificationRulePreviewResults" + required: + - preview_results + type: object + NotificationRulePreviewResponseData: + description: The notification preview response data. + properties: + attributes: + $ref: "#/components/schemas/NotificationRulePreviewResponseAttributes" + id: + description: The ID of the notification preview response. + example: rka-loa-zwu + type: string + type: + $ref: "#/components/schemas/NotificationRulePreviewResponseType" + required: + - type + - attributes + type: object + NotificationRulePreviewResponseType: + description: The type of the notification preview response. + enum: + - notification_preview_response + example: notification_preview_response + type: string + x-enum-varnames: + - NOTIFICATION_PREVIEW_RESPONSE + NotificationRulePreviewResult: + description: The preview result for a single rule type. + properties: + notification_status: + $ref: "#/components/schemas/NotificationRulePreviewNotificationStatus" + rule_type: + $ref: "#/components/schemas/RuleTypesItems" + required: + - rule_type + - notification_status + type: object + NotificationRulePreviewResults: + description: List of preview results for each rule type matched by the notification rule. + example: + - notification_status: DEFAULT + rule_type: log_detection + items: + $ref: "#/components/schemas/NotificationRulePreviewResult" + type: array NotificationRuleQuery: description: The query is composed of one or several key:value pairs, which can be used to filter security issues on tags and attributes. example: (source:production_service OR env:prod) @@ -59061,6 +59133,22 @@ components: data: $ref: "#/components/schemas/NotificationRule" type: object + NotificationRuleRouting: + description: Routing configuration for the notification rule. + properties: + mode: + $ref: "#/components/schemas/NotificationRuleRoutingMode" + required: + - mode + type: object + NotificationRuleRoutingMode: + description: The routing mode for the notification rule. `manual` sends notifications to the configured targets. + enum: + - manual + example: manual + type: string + x-enum-varnames: + - MANUAL NotificationRulesListResponse: description: The list of notification rules. properties: @@ -68865,6 +68953,8 @@ components: $ref: "#/components/schemas/Enabled" name: $ref: "#/components/schemas/RuleName" + routing: + $ref: "#/components/schemas/NotificationRuleRouting" selectors: $ref: "#/components/schemas/Selectors" targets: @@ -75175,6 +75265,7 @@ components: - iac_misconfiguration - sast_vulnerability - secret_vulnerability + example: log_detection type: string x-enum-varnames: - APPLICATION_SECURITY @@ -164024,6 +164115,73 @@ paths: x-unstable: |- **Note**: This endpoint is in preview and is subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + /api/v2/security_monitoring/configuration/notification_rules/send_notification_preview: + post: + description: Send a notification preview to test that a notification rule's targets are properly configured. + operationId: SendSecurityMonitoringNotificationPreview + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + enabled: true + name: Rule 1 + selectors: + query: env:prod + rule_types: + - log_detection + severities: + - critical + trigger_source: security_signals + targets: + - "@john.doe@email.com" + type: notification_rules + schema: + $ref: "#/components/schemas/CreateNotificationRuleParameters" + required: true + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + preview_results: + - notification_status: DEFAULT + rule_type: log_detection + id: rka-loa-zwu + type: notification_preview_response + schema: + $ref: "#/components/schemas/NotificationRulePreviewResponse" + description: OK + "400": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Bad Request + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - security_monitoring_notification_profiles_write + summary: Test a notification rule + tags: + - Security Monitoring + x-codegen-request-body-name: body + "x-permission": + operator: OR + permissions: + - security_monitoring_notification_profiles_write /api/v2/security_monitoring/configuration/security_filters: get: description: Get the list of configured security filters with their definitions. diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst index a033bedadb..ddf77aef1c 100644 --- a/docs/datadog_api_client.v2.model.rst +++ b/docs/datadog_api_client.v2.model.rst @@ -24819,6 +24819,48 @@ datadog\_api\_client.v2.model.notification\_rule\_attributes module :members: :show-inheritance: +datadog\_api\_client.v2.model.notification\_rule\_preview\_notification\_status module +-------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule_preview_notification_status + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.notification\_rule\_preview\_response module +-------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule_preview_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.notification\_rule\_preview\_response\_attributes module +-------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule_preview_response_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.notification\_rule\_preview\_response\_data module +-------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule_preview_response_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.notification\_rule\_preview\_response\_type module +-------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule_preview_response_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.notification\_rule\_preview\_result module +------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.notification_rule_preview_result + :members: + :show-inheritance: + datadog\_api\_client.v2.model.notification\_rule\_response module ----------------------------------------------------------------- @@ -24826,6 +24868,20 @@ datadog\_api\_client.v2.model.notification\_rule\_response module :members: :show-inheritance: +datadog\_api\_client.v2.model.notification\_rule\_routing module +---------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule_routing + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.notification\_rule\_routing\_mode module +---------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.notification_rule_routing_mode + :members: + :show-inheritance: + datadog\_api\_client.v2.model.notification\_rules\_list\_response module ------------------------------------------------------------------------ diff --git a/examples/v2/security-monitoring/SendSecurityMonitoringNotificationPreview.py b/examples/v2/security-monitoring/SendSecurityMonitoringNotificationPreview.py new file mode 100644 index 0000000000..895765bf5e --- /dev/null +++ b/examples/v2/security-monitoring/SendSecurityMonitoringNotificationPreview.py @@ -0,0 +1,46 @@ +""" +Test a notification rule returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi +from datadog_api_client.v2.model.create_notification_rule_parameters import CreateNotificationRuleParameters +from datadog_api_client.v2.model.create_notification_rule_parameters_data import CreateNotificationRuleParametersData +from datadog_api_client.v2.model.create_notification_rule_parameters_data_attributes import ( + CreateNotificationRuleParametersDataAttributes, +) +from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType +from datadog_api_client.v2.model.rule_severity import RuleSeverity +from datadog_api_client.v2.model.rule_types_items import RuleTypesItems +from datadog_api_client.v2.model.selectors import Selectors +from datadog_api_client.v2.model.trigger_source import TriggerSource + +body = CreateNotificationRuleParameters( + data=CreateNotificationRuleParametersData( + attributes=CreateNotificationRuleParametersDataAttributes( + enabled=True, + name="Rule 1", + selectors=Selectors( + query="env:prod", + rule_types=[ + RuleTypesItems.LOG_DETECTION, + ], + severities=[ + RuleSeverity.CRITICAL, + ], + trigger_source=TriggerSource.SECURITY_SIGNALS, + ), + targets=[ + "@john.doe@email.com", + ], + ), + type=NotificationRulesType.NOTIFICATION_RULES, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = SecurityMonitoringApi(api_client) + response = api_instance.send_security_monitoring_notification_preview(body=body) + + print(response) diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py index a37b6f997c..c417965079 100644 --- a/src/datadog_api_client/v2/api/security_monitoring_api.py +++ b/src/datadog_api_client/v2/api/security_monitoring_api.py @@ -103,6 +103,7 @@ from datadog_api_client.v2.model.security_monitoring_integration_config_update_request import ( SecurityMonitoringIntegrationConfigUpdateRequest, ) +from datadog_api_client.v2.model.notification_rule_preview_response import NotificationRulePreviewResponse from datadog_api_client.v2.model.security_filters_response import SecurityFiltersResponse from datadog_api_client.v2.model.security_filter_response import SecurityFilterResponse from datadog_api_client.v2.model.security_filter_create_request import SecurityFilterCreateRequest @@ -3548,6 +3549,26 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._send_security_monitoring_notification_preview_endpoint = _Endpoint( + settings={ + "response_type": (NotificationRulePreviewResponse,), + "auth": ["apiKeyAuth", "appKeyAuth", "AuthZ"], + "endpoint_path": "/api/v2/security_monitoring/configuration/notification_rules/send_notification_preview", + "operation_id": "send_security_monitoring_notification_preview", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (CreateNotificationRuleParameters,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._test_existing_security_monitoring_rule_endpoint = _Endpoint( settings={ "response_type": (SecurityMonitoringRuleTestResponse,), @@ -7403,6 +7424,22 @@ def search_security_monitoring_signals_with_pagination( } return endpoint.call_with_http_info_paginated(pagination) + def send_security_monitoring_notification_preview( + self, + body: CreateNotificationRuleParameters, + ) -> NotificationRulePreviewResponse: + """Test a notification rule. + + Send a notification preview to test that a notification rule's targets are properly configured. + + :type body: CreateNotificationRuleParameters + :rtype: NotificationRulePreviewResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._send_security_monitoring_notification_preview_endpoint.call_with_http_info(**kwargs) + def test_existing_security_monitoring_rule( self, rule_id: str, diff --git a/src/datadog_api_client/v2/model/create_notification_rule_parameters_data_attributes.py b/src/datadog_api_client/v2/model/create_notification_rule_parameters_data_attributes.py index 5bb5837e38..5fb9b7be1d 100644 --- a/src/datadog_api_client/v2/model/create_notification_rule_parameters_data_attributes.py +++ b/src/datadog_api_client/v2/model/create_notification_rule_parameters_data_attributes.py @@ -14,17 +14,20 @@ if TYPE_CHECKING: + from datadog_api_client.v2.model.notification_rule_routing import NotificationRuleRouting from datadog_api_client.v2.model.selectors import Selectors class CreateNotificationRuleParametersDataAttributes(ModelNormal): @cached_property def openapi_types(_): + from datadog_api_client.v2.model.notification_rule_routing import NotificationRuleRouting from datadog_api_client.v2.model.selectors import Selectors return { "enabled": (bool,), "name": (str,), + "routing": (NotificationRuleRouting,), "selectors": (Selectors,), "targets": ([str],), "time_aggregation": (int,), @@ -33,6 +36,7 @@ def openapi_types(_): attribute_map = { "enabled": "enabled", "name": "name", + "routing": "routing", "selectors": "selectors", "targets": "targets", "time_aggregation": "time_aggregation", @@ -44,6 +48,7 @@ def __init__( selectors: Selectors, targets: List[str], enabled: Union[bool, UnsetType] = unset, + routing: Union[NotificationRuleRouting, UnsetType] = unset, time_aggregation: Union[int, UnsetType] = unset, **kwargs, ): @@ -56,6 +61,9 @@ def __init__( :param name: Name of the notification rule. :type name: str + :param routing: Routing configuration for the notification rule. + :type routing: NotificationRuleRouting, optional + :param selectors: Selectors are used to filter security issues for which notifications should be generated. Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. Only the trigger_source field is required. @@ -75,6 +83,8 @@ def __init__( """ if enabled is not unset: kwargs["enabled"] = enabled + if routing is not unset: + kwargs["routing"] = routing if time_aggregation is not unset: kwargs["time_aggregation"] = time_aggregation super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/notification_rule_preview_notification_status.py b/src/datadog_api_client/v2/model/notification_rule_preview_notification_status.py new file mode 100644 index 0000000000..cbad8f8982 --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_preview_notification_status.py @@ -0,0 +1,41 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class NotificationRulePreviewNotificationStatus(ModelSimple): + """ + The notification status for the given rule type. `SUCCESS` means a matching event was found and the notification was sent successfully. `DEFAULT` means no matching event was found and a default placeholder notification was sent instead. `ERROR` means an error occurred while sending the notification. + + :param value: Must be one of ["SUCCESS", "DEFAULT", "ERROR"]. + :type value: str + """ + + allowed_values = { + "SUCCESS", + "DEFAULT", + "ERROR", + } + SUCCESS: ClassVar["NotificationRulePreviewNotificationStatus"] + DEFAULT: ClassVar["NotificationRulePreviewNotificationStatus"] + ERROR: ClassVar["NotificationRulePreviewNotificationStatus"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +NotificationRulePreviewNotificationStatus.SUCCESS = NotificationRulePreviewNotificationStatus("SUCCESS") +NotificationRulePreviewNotificationStatus.DEFAULT = NotificationRulePreviewNotificationStatus("DEFAULT") +NotificationRulePreviewNotificationStatus.ERROR = NotificationRulePreviewNotificationStatus("ERROR") diff --git a/src/datadog_api_client/v2/model/notification_rule_preview_response.py b/src/datadog_api_client/v2/model/notification_rule_preview_response.py new file mode 100644 index 0000000000..ca3c41d710 --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_preview_response.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.notification_rule_preview_response_data import NotificationRulePreviewResponseData + + +class NotificationRulePreviewResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.notification_rule_preview_response_data import ( + NotificationRulePreviewResponseData, + ) + + return { + "data": (NotificationRulePreviewResponseData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: NotificationRulePreviewResponseData, **kwargs): + """ + Response from the notification preview request. + + :param data: The notification preview response data. + :type data: NotificationRulePreviewResponseData + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/notification_rule_preview_response_attributes.py b/src/datadog_api_client/v2/model/notification_rule_preview_response_attributes.py new file mode 100644 index 0000000000..55b1c0dc3b --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_preview_response_attributes.py @@ -0,0 +1,40 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.notification_rule_preview_result import NotificationRulePreviewResult + + +class NotificationRulePreviewResponseAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.notification_rule_preview_result import NotificationRulePreviewResult + + return { + "preview_results": ([NotificationRulePreviewResult],), + } + + attribute_map = { + "preview_results": "preview_results", + } + + def __init__(self_, preview_results: List[NotificationRulePreviewResult], **kwargs): + """ + Attributes of the notification preview response. + + :param preview_results: List of preview results for each rule type matched by the notification rule. + :type preview_results: [NotificationRulePreviewResult] + """ + super().__init__(kwargs) + + self_.preview_results = preview_results diff --git a/src/datadog_api_client/v2/model/notification_rule_preview_response_data.py b/src/datadog_api_client/v2/model/notification_rule_preview_response_data.py new file mode 100644 index 0000000000..2709f215c7 --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_preview_response_data.py @@ -0,0 +1,69 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.notification_rule_preview_response_attributes import ( + NotificationRulePreviewResponseAttributes, + ) + from datadog_api_client.v2.model.notification_rule_preview_response_type import NotificationRulePreviewResponseType + + +class NotificationRulePreviewResponseData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.notification_rule_preview_response_attributes import ( + NotificationRulePreviewResponseAttributes, + ) + from datadog_api_client.v2.model.notification_rule_preview_response_type import ( + NotificationRulePreviewResponseType, + ) + + return { + "attributes": (NotificationRulePreviewResponseAttributes,), + "id": (str,), + "type": (NotificationRulePreviewResponseType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__( + self_, + attributes: NotificationRulePreviewResponseAttributes, + type: NotificationRulePreviewResponseType, + id: Union[str, UnsetType] = unset, + **kwargs, + ): + """ + The notification preview response data. + + :param attributes: Attributes of the notification preview response. + :type attributes: NotificationRulePreviewResponseAttributes + + :param id: The ID of the notification preview response. + :type id: str, optional + + :param type: The type of the notification preview response. + :type type: NotificationRulePreviewResponseType + """ + if id is not unset: + kwargs["id"] = id + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type diff --git a/src/datadog_api_client/v2/model/notification_rule_preview_response_type.py b/src/datadog_api_client/v2/model/notification_rule_preview_response_type.py new file mode 100644 index 0000000000..1f2d07684a --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_preview_response_type.py @@ -0,0 +1,37 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class NotificationRulePreviewResponseType(ModelSimple): + """ + The type of the notification preview response. + + :param value: If omitted defaults to "notification_preview_response". Must be one of ["notification_preview_response"]. + :type value: str + """ + + allowed_values = { + "notification_preview_response", + } + NOTIFICATION_PREVIEW_RESPONSE: ClassVar["NotificationRulePreviewResponseType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +NotificationRulePreviewResponseType.NOTIFICATION_PREVIEW_RESPONSE = NotificationRulePreviewResponseType( + "notification_preview_response" +) diff --git a/src/datadog_api_client/v2/model/notification_rule_preview_result.py b/src/datadog_api_client/v2/model/notification_rule_preview_result.py new file mode 100644 index 0000000000..8cd5ae1051 --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_preview_result.py @@ -0,0 +1,59 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.notification_rule_preview_notification_status import ( + NotificationRulePreviewNotificationStatus, + ) + from datadog_api_client.v2.model.rule_types_items import RuleTypesItems + + +class NotificationRulePreviewResult(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.notification_rule_preview_notification_status import ( + NotificationRulePreviewNotificationStatus, + ) + from datadog_api_client.v2.model.rule_types_items import RuleTypesItems + + return { + "notification_status": (NotificationRulePreviewNotificationStatus,), + "rule_type": (RuleTypesItems,), + } + + attribute_map = { + "notification_status": "notification_status", + "rule_type": "rule_type", + } + + def __init__( + self_, notification_status: NotificationRulePreviewNotificationStatus, rule_type: RuleTypesItems, **kwargs + ): + """ + The preview result for a single rule type. + + :param notification_status: The notification status for the given rule type. ``SUCCESS`` means a matching event was found and the notification was sent successfully. ``DEFAULT`` means no matching event was found and a default placeholder notification was sent instead. ``ERROR`` means an error occurred while sending the notification. + :type notification_status: NotificationRulePreviewNotificationStatus + + :param rule_type: Security rule type which can be used in security rules. + Signal-based notification rules can filter signals based on rule types application_security, log_detection, + workload_security, signal_correlation, cloud_configuration and infrastructure_configuration. + Vulnerability-based notification rules can filter vulnerabilities based on rule types application_code_vulnerability, + application_library_vulnerability, attack_path, container_image_vulnerability, identity_risk, misconfiguration, + api_security, host_vulnerability, iac_misconfiguration, sast_vulnerability and secret_vulnerability. + :type rule_type: RuleTypesItems + """ + super().__init__(kwargs) + + self_.notification_status = notification_status + self_.rule_type = rule_type diff --git a/src/datadog_api_client/v2/model/notification_rule_routing.py b/src/datadog_api_client/v2/model/notification_rule_routing.py new file mode 100644 index 0000000000..cb35b9b0a5 --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_routing.py @@ -0,0 +1,40 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.notification_rule_routing_mode import NotificationRuleRoutingMode + + +class NotificationRuleRouting(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.notification_rule_routing_mode import NotificationRuleRoutingMode + + return { + "mode": (NotificationRuleRoutingMode,), + } + + attribute_map = { + "mode": "mode", + } + + def __init__(self_, mode: NotificationRuleRoutingMode, **kwargs): + """ + Routing configuration for the notification rule. + + :param mode: The routing mode for the notification rule. ``manual`` sends notifications to the configured targets. + :type mode: NotificationRuleRoutingMode + """ + super().__init__(kwargs) + + self_.mode = mode diff --git a/src/datadog_api_client/v2/model/notification_rule_routing_mode.py b/src/datadog_api_client/v2/model/notification_rule_routing_mode.py new file mode 100644 index 0000000000..53cdf98acc --- /dev/null +++ b/src/datadog_api_client/v2/model/notification_rule_routing_mode.py @@ -0,0 +1,35 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class NotificationRuleRoutingMode(ModelSimple): + """ + The routing mode for the notification rule. `manual` sends notifications to the configured targets. + + :param value: If omitted defaults to "manual". Must be one of ["manual"]. + :type value: str + """ + + allowed_values = { + "manual", + } + MANUAL: ClassVar["NotificationRuleRoutingMode"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +NotificationRuleRoutingMode.MANUAL = NotificationRuleRoutingMode("manual") diff --git a/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data_attributes.py b/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data_attributes.py index 4d37c94b2e..b0fae6ed4d 100644 --- a/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data_attributes.py +++ b/src/datadog_api_client/v2/model/patch_notification_rule_parameters_data_attributes.py @@ -14,17 +14,20 @@ if TYPE_CHECKING: + from datadog_api_client.v2.model.notification_rule_routing import NotificationRuleRouting from datadog_api_client.v2.model.selectors import Selectors class PatchNotificationRuleParametersDataAttributes(ModelNormal): @cached_property def openapi_types(_): + from datadog_api_client.v2.model.notification_rule_routing import NotificationRuleRouting from datadog_api_client.v2.model.selectors import Selectors return { "enabled": (bool,), "name": (str,), + "routing": (NotificationRuleRouting,), "selectors": (Selectors,), "targets": ([str],), "time_aggregation": (int,), @@ -34,6 +37,7 @@ def openapi_types(_): attribute_map = { "enabled": "enabled", "name": "name", + "routing": "routing", "selectors": "selectors", "targets": "targets", "time_aggregation": "time_aggregation", @@ -44,6 +48,7 @@ def __init__( self_, enabled: Union[bool, UnsetType] = unset, name: Union[str, UnsetType] = unset, + routing: Union[NotificationRuleRouting, UnsetType] = unset, selectors: Union[Selectors, UnsetType] = unset, targets: Union[List[str], UnsetType] = unset, time_aggregation: Union[int, UnsetType] = unset, @@ -59,6 +64,9 @@ def __init__( :param name: Name of the notification rule. :type name: str, optional + :param routing: Routing configuration for the notification rule. + :type routing: NotificationRuleRouting, optional + :param selectors: Selectors are used to filter security issues for which notifications should be generated. Users can specify rule severities, rule types, a query to filter security issues on tags and attributes, and the trigger source. Only the trigger_source field is required. @@ -83,6 +91,8 @@ def __init__( kwargs["enabled"] = enabled if name is not unset: kwargs["name"] = name + if routing is not unset: + kwargs["routing"] = routing if selectors is not unset: kwargs["selectors"] = selectors if targets is not unset: diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py index f25d09e870..f8523fc5ab 100644 --- a/src/datadog_api_client/v2/models/__init__.py +++ b/src/datadog_api_client/v2/models/__init__.py @@ -4633,7 +4633,19 @@ from datadog_api_client.v2.model.notification_channel_type import NotificationChannelType from datadog_api_client.v2.model.notification_rule import NotificationRule from datadog_api_client.v2.model.notification_rule_attributes import NotificationRuleAttributes +from datadog_api_client.v2.model.notification_rule_preview_notification_status import ( + NotificationRulePreviewNotificationStatus, +) +from datadog_api_client.v2.model.notification_rule_preview_response import NotificationRulePreviewResponse +from datadog_api_client.v2.model.notification_rule_preview_response_attributes import ( + NotificationRulePreviewResponseAttributes, +) +from datadog_api_client.v2.model.notification_rule_preview_response_data import NotificationRulePreviewResponseData +from datadog_api_client.v2.model.notification_rule_preview_response_type import NotificationRulePreviewResponseType +from datadog_api_client.v2.model.notification_rule_preview_result import NotificationRulePreviewResult from datadog_api_client.v2.model.notification_rule_response import NotificationRuleResponse +from datadog_api_client.v2.model.notification_rule_routing import NotificationRuleRouting +from datadog_api_client.v2.model.notification_rule_routing_mode import NotificationRuleRoutingMode from datadog_api_client.v2.model.notification_rules_list_response import NotificationRulesListResponse from datadog_api_client.v2.model.notification_rules_type import NotificationRulesType from datadog_api_client.v2.model.notion_api_key import NotionAPIKey @@ -12560,7 +12572,15 @@ "NotificationChannelType", "NotificationRule", "NotificationRuleAttributes", + "NotificationRulePreviewNotificationStatus", + "NotificationRulePreviewResponse", + "NotificationRulePreviewResponseAttributes", + "NotificationRulePreviewResponseData", + "NotificationRulePreviewResponseType", + "NotificationRulePreviewResult", "NotificationRuleResponse", + "NotificationRuleRouting", + "NotificationRuleRoutingMode", "NotificationRulesListResponse", "NotificationRulesType", "NotionAPIKey", diff --git a/tests/v2/cassettes/test_scenarios/test_test_a_notification_rule_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_test_a_notification_rule_returns_ok_response.frozen new file mode 100644 index 0000000000..dbdcb687da --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_test_a_notification_rule_returns_ok_response.frozen @@ -0,0 +1 @@ +2026-06-10T09:27:59.116Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_test_a_notification_rule_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_test_a_notification_rule_returns_ok_response.yaml new file mode 100644 index 0000000000..55740cef69 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_test_a_notification_rule_returns_ok_response.yaml @@ -0,0 +1,20 @@ +interactions: +- request: + body: '{"data":{"attributes":{"enabled":true,"name":"Rule 1","selectors":{"query":"env:prod","rule_types":["log_detection"],"severities":["critical"],"trigger_source":"security_signals"},"targets":["@john.doe@email.com"]},"type":"notification_rules"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/security_monitoring/configuration/notification_rules/send_notification_preview + response: + body: + string: '{"data":{"id":"rka-loa-zwu","attributes":{"preview_results":[{"rule_type":"log_detection","notification_status":"DEFAULT"}]},"type":"notification_preview_response"}}' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +version: 1 diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature index bae8918780..7e93f0077a 100644 --- a/tests/v2/features/security_monitoring.feature +++ b/tests/v2/features/security_monitoring.feature @@ -759,7 +759,7 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Create a new signal-based notification rule returns "Bad Request" response Given new "CreateSignalNotificationRule" request - And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "routing": {"mode": "manual"}, "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} When the request is sent Then the response status is 400 Bad Request @@ -773,7 +773,7 @@ Feature: Security Monitoring @generated @skip @team:DataDog/cloud-security-posture-management Scenario: Create a new vulnerability-based notification rule returns "Bad Request" response Given new "CreateVulnerabilityNotificationRule" request - And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "routing": {"mode": "manual"}, "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} When the request is sent Then the response status is 400 Bad Request @@ -2470,7 +2470,7 @@ Feature: Security Monitoring Scenario: Patch a signal-based notification rule returns "The server cannot process the request because it contains invalid data." response Given new "PatchSignalNotificationRule" request And request contains "id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "routing": {"mode": "manual"}, "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} When the request is sent Then the response status is 422 The server cannot process the request because it contains invalid data. @@ -2504,7 +2504,7 @@ Feature: Security Monitoring Scenario: Patch a vulnerability-based notification rule returns "The server cannot process the request because it contains invalid data." response Given new "PatchVulnerabilityNotificationRule" request And request contains "id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "routing": {"mode": "manual"}, "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400, "version": 1}, "id": "aaa-bbb-ccc", "type": "notification_rules"}} When the request is sent Then the response status is 422 The server cannot process the request because it contains invalid data. @@ -2611,6 +2611,20 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-siem + Scenario: Test a notification rule returns "Bad Request" response + Given new "SendSecurityMonitoringNotificationPreview" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "routing": {"mode": "manual"}, "selectors": {"query": "(source:production_service OR env:prod)", "rule_types": ["misconfiguration", "attack_path"], "severities": ["critical"], "trigger_source": "security_findings"}, "targets": ["@john.doe@email.com"], "time_aggregation": 86400}, "type": "notification_rules"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/k9-cloud-siem + Scenario: Test a notification rule returns "OK" response + Given new "SendSecurityMonitoringNotificationPreview" request + And body with value {"data": {"attributes": {"enabled": true, "name": "Rule 1", "selectors": {"query": "env:prod", "rule_types": ["log_detection"], "severities": ["critical"], "trigger_source": "security_signals"}, "targets": ["@john.doe@email.com"]}, "type": "notification_rules"}} + When the request is sent + Then the response status is 200 OK + @skip @team:DataDog/k9-cloud-siem Scenario: Test a rule returns "Bad Request" response Given new "TestSecurityMonitoringRule" request diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index 811e650c25..72c8a80e0e 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json @@ -7025,6 +7025,12 @@ "type": "safe" } }, + "SendSecurityMonitoringNotificationPreview": { + "tag": "Security Monitoring", + "undo": { + "type": "safe" + } + }, "ListSecurityFilters": { "tag": "Security Monitoring", "undo": {