diff --git a/.apigentools-info b/.apigentools-info index 23ba14a73e..4b8563ed66 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2024-02-29 14:49:25.092326", - "spec_repo_commit": "bb5305bc" + "regenerated": "2024-03-01 10:51:12.170900", + "spec_repo_commit": "5efabbe7" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2024-02-29 14:49:25.138459", - "spec_repo_commit": "bb5305bc" + "regenerated": "2024-03-01 10:51:12.184733", + "spec_repo_commit": "5efabbe7" } } } \ No newline at end of file diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 9a70faf6ba..52f49c8dd1 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -29578,6 +29578,129 @@ paths: We are gradually onboarding support for more sources. If you have any feedback, contact [Datadog Support](https://docs.datadoghq.com/help/).' + /api/v2/remote_config/products/cws/agent_rules: + get: + description: Get the list of Cloud Security Management Threats Agent rules. + operationId: ListCSMThreatsAgentRules + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CloudWorkloadSecurityAgentRulesListResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Get all CSM Threats Agent rules + tags: + - Cloud Workload Security + post: + description: Create a new Cloud Security Management Threats Agent rule with + the given parameters. + operationId: CreateCSMThreatsAgentRule + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleCreateRequest' + description: The definition of the new Agent rule. + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '409': + $ref: '#/components/responses/ConflictResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Create a CSM Threats Agent rule + tags: + - Cloud Workload Security + x-codegen-request-body-name: body + /api/v2/remote_config/products/cws/agent_rules/{agent_rule_id}: + delete: + description: Delete a specific Cloud Security Management Threats Agent rule. + operationId: DeleteCSMThreatsAgentRule + parameters: + - $ref: '#/components/parameters/CloudWorkloadSecurityAgentRuleID' + responses: + '204': + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Delete a CSM Threats Agent rule + tags: + - Cloud Workload Security + get: + description: Get the details of a specific Cloud Security Management Threats + Agent rule. + operationId: GetCSMThreatsAgentRule + parameters: + - $ref: '#/components/parameters/CloudWorkloadSecurityAgentRuleID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleResponse' + description: OK + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Get a CSM Threats Agent rule + tags: + - Cloud Workload Security + patch: + description: 'Update a specific Cloud Security Management Threats Agent rule. + + Returns the Agent rule object when the request is successful.' + operationId: UpdateCSMThreatsAgentRule + parameters: + - $ref: '#/components/parameters/CloudWorkloadSecurityAgentRuleID' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleUpdateRequest' + description: New definition of the Agent rule. + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleResponse' + description: OK + '400': + $ref: '#/components/responses/BadRequestResponse' + '403': + $ref: '#/components/responses/NotAuthorizedResponse' + '404': + $ref: '#/components/responses/NotFoundResponse' + '409': + $ref: '#/components/responses/ConcurrentModificationResponse' + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Update a CSM Threats Agent rule + tags: + - Cloud Workload Security + x-codegen-request-body-name: body /api/v2/restriction_policy/{resource_id}: delete: description: Deletes the restriction policy associated with a specified resource. @@ -34817,6 +34940,11 @@ tags: [Test Visibility in Datadog page](https://docs.datadoghq.com/tests/) for more information. name: CI Visibility Tests +- description: Cloud Security Management Threats (CSM Threats) monitors file, network, + and process activity across your environment to detect real-time threats to your + infrastructure. See the [Setting up CSM Threats page](https://docs.datadoghq.com/security/threats/) + for more information. + name: CSM Threats - description: View and manage cases and projects within Case Management. See the [Case Management page](https://docs.datadoghq.com/service_management/case_management/) for more information. diff --git a/examples/v2/cloud-workload-security/CreateCSMThreatsAgentRule.py b/examples/v2/cloud-workload-security/CreateCSMThreatsAgentRule.py new file mode 100644 index 0000000000..e170a2a7ee --- /dev/null +++ b/examples/v2/cloud-workload-security/CreateCSMThreatsAgentRule.py @@ -0,0 +1,35 @@ +""" +Create a CSM Threats Agent rule returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.cloud_workload_security_api import CloudWorkloadSecurityApi +from datadog_api_client.v2.model.cloud_workload_security_agent_rule_create_attributes import ( + CloudWorkloadSecurityAgentRuleCreateAttributes, +) +from datadog_api_client.v2.model.cloud_workload_security_agent_rule_create_data import ( + CloudWorkloadSecurityAgentRuleCreateData, +) +from datadog_api_client.v2.model.cloud_workload_security_agent_rule_create_request import ( + CloudWorkloadSecurityAgentRuleCreateRequest, +) +from datadog_api_client.v2.model.cloud_workload_security_agent_rule_type import CloudWorkloadSecurityAgentRuleType + +body = CloudWorkloadSecurityAgentRuleCreateRequest( + data=CloudWorkloadSecurityAgentRuleCreateData( + attributes=CloudWorkloadSecurityAgentRuleCreateAttributes( + description="My Agent rule", + enabled=True, + expression='exec.file.name == \\"sh\\"', + name="my_agent_rule", + ), + type=CloudWorkloadSecurityAgentRuleType.AGENT_RULE, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = CloudWorkloadSecurityApi(api_client) + response = api_instance.create_csm_threats_agent_rule(body=body) + + print(response) diff --git a/examples/v2/cloud-workload-security/DeleteCSMThreatsAgentRule.py b/examples/v2/cloud-workload-security/DeleteCSMThreatsAgentRule.py new file mode 100644 index 0000000000..4b657e1095 --- /dev/null +++ b/examples/v2/cloud-workload-security/DeleteCSMThreatsAgentRule.py @@ -0,0 +1,13 @@ +""" +Delete a CSM Threats Agent rule returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.cloud_workload_security_api import CloudWorkloadSecurityApi + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = CloudWorkloadSecurityApi(api_client) + api_instance.delete_csm_threats_agent_rule( + agent_rule_id="agent_rule_id", + ) diff --git a/examples/v2/cloud-workload-security/GetCSMThreatsAgentRule.py b/examples/v2/cloud-workload-security/GetCSMThreatsAgentRule.py new file mode 100644 index 0000000000..0cb1359d78 --- /dev/null +++ b/examples/v2/cloud-workload-security/GetCSMThreatsAgentRule.py @@ -0,0 +1,15 @@ +""" +Get a CSM Threats Agent rule returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.cloud_workload_security_api import CloudWorkloadSecurityApi + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = CloudWorkloadSecurityApi(api_client) + response = api_instance.get_csm_threats_agent_rule( + agent_rule_id="agent_rule_id", + ) + + print(response) diff --git a/examples/v2/cloud-workload-security/ListCSMThreatsAgentRules.py b/examples/v2/cloud-workload-security/ListCSMThreatsAgentRules.py new file mode 100644 index 0000000000..17cf023af3 --- /dev/null +++ b/examples/v2/cloud-workload-security/ListCSMThreatsAgentRules.py @@ -0,0 +1,13 @@ +""" +Get all CSM Threats Agent rules returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.cloud_workload_security_api import CloudWorkloadSecurityApi + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = CloudWorkloadSecurityApi(api_client) + response = api_instance.list_csm_threats_agent_rules() + + print(response) diff --git a/examples/v2/cloud-workload-security/UpdateCSMThreatsAgentRule.py b/examples/v2/cloud-workload-security/UpdateCSMThreatsAgentRule.py new file mode 100644 index 0000000000..2457270391 --- /dev/null +++ b/examples/v2/cloud-workload-security/UpdateCSMThreatsAgentRule.py @@ -0,0 +1,34 @@ +""" +Update a CSM Threats Agent rule returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.cloud_workload_security_api import CloudWorkloadSecurityApi +from datadog_api_client.v2.model.cloud_workload_security_agent_rule_type import CloudWorkloadSecurityAgentRuleType +from datadog_api_client.v2.model.cloud_workload_security_agent_rule_update_attributes import ( + CloudWorkloadSecurityAgentRuleUpdateAttributes, +) +from datadog_api_client.v2.model.cloud_workload_security_agent_rule_update_data import ( + CloudWorkloadSecurityAgentRuleUpdateData, +) +from datadog_api_client.v2.model.cloud_workload_security_agent_rule_update_request import ( + CloudWorkloadSecurityAgentRuleUpdateRequest, +) + +body = CloudWorkloadSecurityAgentRuleUpdateRequest( + data=CloudWorkloadSecurityAgentRuleUpdateData( + attributes=CloudWorkloadSecurityAgentRuleUpdateAttributes( + description="My Agent rule", + enabled=True, + expression='exec.file.name == \\"sh\\"', + ), + type=CloudWorkloadSecurityAgentRuleType.AGENT_RULE, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = CloudWorkloadSecurityApi(api_client) + response = api_instance.update_csm_threats_agent_rule(agent_rule_id="agent_rule_id", body=body) + + print(response) diff --git a/src/datadog_api_client/v2/api/cloud_workload_security_api.py b/src/datadog_api_client/v2/api/cloud_workload_security_api.py index 28ec794c50..1c27b9b6e4 100644 --- a/src/datadog_api_client/v2/api/cloud_workload_security_api.py +++ b/src/datadog_api_client/v2/api/cloud_workload_security_api.py @@ -54,6 +54,26 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._create_csm_threats_agent_rule_endpoint = _Endpoint( + settings={ + "response_type": (CloudWorkloadSecurityAgentRuleResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/cws/agent_rules", + "operation_id": "create_csm_threats_agent_rule", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (CloudWorkloadSecurityAgentRuleCreateRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._delete_cloud_workload_security_agent_rule_endpoint = _Endpoint( settings={ "response_type": None, @@ -77,6 +97,29 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._delete_csm_threats_agent_rule_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/cws/agent_rules/{agent_rule_id}", + "operation_id": "delete_csm_threats_agent_rule", + "http_method": "DELETE", + "version": "v2", + }, + params_map={ + "agent_rule_id": { + "required": True, + "openapi_types": (str,), + "attribute": "agent_rule_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["*/*"], + }, + api_client=api_client, + ) + self._download_cloud_workload_policy_file_endpoint = _Endpoint( settings={ "response_type": (file_type,), @@ -116,6 +159,29 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._get_csm_threats_agent_rule_endpoint = _Endpoint( + settings={ + "response_type": (CloudWorkloadSecurityAgentRuleResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/cws/agent_rules/{agent_rule_id}", + "operation_id": "get_csm_threats_agent_rule", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "agent_rule_id": { + "required": True, + "openapi_types": (str,), + "attribute": "agent_rule_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._list_cloud_workload_security_agent_rules_endpoint = _Endpoint( settings={ "response_type": (CloudWorkloadSecurityAgentRulesListResponse,), @@ -132,6 +198,22 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._list_csm_threats_agent_rules_endpoint = _Endpoint( + settings={ + "response_type": (CloudWorkloadSecurityAgentRulesListResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/cws/agent_rules", + "operation_id": "list_csm_threats_agent_rules", + "http_method": "GET", + "version": "v2", + }, + params_map={}, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._update_cloud_workload_security_agent_rule_endpoint = _Endpoint( settings={ "response_type": (CloudWorkloadSecurityAgentRuleResponse,), @@ -158,6 +240,32 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._update_csm_threats_agent_rule_endpoint = _Endpoint( + settings={ + "response_type": (CloudWorkloadSecurityAgentRuleResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/cws/agent_rules/{agent_rule_id}", + "operation_id": "update_csm_threats_agent_rule", + "http_method": "PATCH", + "version": "v2", + }, + params_map={ + "agent_rule_id": { + "required": True, + "openapi_types": (str,), + "attribute": "agent_rule_id", + "location": "path", + }, + "body": { + "required": True, + "openapi_types": (CloudWorkloadSecurityAgentRuleUpdateRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + def create_cloud_workload_security_agent_rule( self, body: CloudWorkloadSecurityAgentRuleCreateRequest, @@ -175,6 +283,23 @@ def create_cloud_workload_security_agent_rule( return self._create_cloud_workload_security_agent_rule_endpoint.call_with_http_info(**kwargs) + def create_csm_threats_agent_rule( + self, + body: CloudWorkloadSecurityAgentRuleCreateRequest, + ) -> CloudWorkloadSecurityAgentRuleResponse: + """Create a CSM Threats Agent rule. + + Create a new Cloud Security Management Threats Agent rule with the given parameters. + + :param body: The definition of the new Agent rule. + :type body: CloudWorkloadSecurityAgentRuleCreateRequest + :rtype: CloudWorkloadSecurityAgentRuleResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._create_csm_threats_agent_rule_endpoint.call_with_http_info(**kwargs) + def delete_cloud_workload_security_agent_rule( self, agent_rule_id: str, @@ -192,6 +317,23 @@ def delete_cloud_workload_security_agent_rule( return self._delete_cloud_workload_security_agent_rule_endpoint.call_with_http_info(**kwargs) + def delete_csm_threats_agent_rule( + self, + agent_rule_id: str, + ) -> None: + """Delete a CSM Threats Agent rule. + + Delete a specific Cloud Security Management Threats Agent rule. + + :param agent_rule_id: The ID of the Agent rule. + :type agent_rule_id: str + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["agent_rule_id"] = agent_rule_id + + return self._delete_csm_threats_agent_rule_endpoint.call_with_http_info(**kwargs) + def download_cloud_workload_policy_file( self, ) -> file_type: @@ -223,6 +365,23 @@ def get_cloud_workload_security_agent_rule( return self._get_cloud_workload_security_agent_rule_endpoint.call_with_http_info(**kwargs) + def get_csm_threats_agent_rule( + self, + agent_rule_id: str, + ) -> CloudWorkloadSecurityAgentRuleResponse: + """Get a CSM Threats Agent rule. + + Get the details of a specific Cloud Security Management Threats Agent rule. + + :param agent_rule_id: The ID of the Agent rule. + :type agent_rule_id: str + :rtype: CloudWorkloadSecurityAgentRuleResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["agent_rule_id"] = agent_rule_id + + return self._get_csm_threats_agent_rule_endpoint.call_with_http_info(**kwargs) + def list_cloud_workload_security_agent_rules( self, ) -> CloudWorkloadSecurityAgentRulesListResponse: @@ -235,6 +394,18 @@ def list_cloud_workload_security_agent_rules( kwargs: Dict[str, Any] = {} return self._list_cloud_workload_security_agent_rules_endpoint.call_with_http_info(**kwargs) + def list_csm_threats_agent_rules( + self, + ) -> CloudWorkloadSecurityAgentRulesListResponse: + """Get all CSM Threats Agent rules. + + Get the list of Cloud Security Management Threats Agent rules. + + :rtype: CloudWorkloadSecurityAgentRulesListResponse + """ + kwargs: Dict[str, Any] = {} + return self._list_csm_threats_agent_rules_endpoint.call_with_http_info(**kwargs) + def update_cloud_workload_security_agent_rule( self, agent_rule_id: str, @@ -257,3 +428,26 @@ def update_cloud_workload_security_agent_rule( kwargs["body"] = body return self._update_cloud_workload_security_agent_rule_endpoint.call_with_http_info(**kwargs) + + def update_csm_threats_agent_rule( + self, + agent_rule_id: str, + body: CloudWorkloadSecurityAgentRuleUpdateRequest, + ) -> CloudWorkloadSecurityAgentRuleResponse: + """Update a CSM Threats Agent rule. + + Update a specific Cloud Security Management Threats Agent rule. + Returns the Agent rule object when the request is successful. + + :param agent_rule_id: The ID of the Agent rule. + :type agent_rule_id: str + :param body: New definition of the Agent rule. + :type body: CloudWorkloadSecurityAgentRuleUpdateRequest + :rtype: CloudWorkloadSecurityAgentRuleResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["agent_rule_id"] = agent_rule_id + + kwargs["body"] = body + + return self._update_csm_threats_agent_rule_endpoint.call_with_http_info(**kwargs) diff --git a/tests/v2/features/cloud_workload_security.feature b/tests/v2/features/cloud_workload_security.feature index ae068c81dc..0154864406 100644 --- a/tests/v2/features/cloud_workload_security.feature +++ b/tests/v2/features/cloud_workload_security.feature @@ -10,6 +10,27 @@ Feature: Cloud Workload Security And a valid "appKeyAuth" key in the system And an instance of "CloudWorkloadSecurity" API + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Create a CSM Threats Agent rule returns "Bad Request" response + Given new "CreateCSMThreatsAgentRule" request + And body with value {"data": {"attributes": {"description": "My Agent rule", "enabled": true, "expression": "exec.file.name == \\\"sh\\\"", "name": "my_agent_rule"}, "type": "agent_rule"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Create a CSM Threats Agent rule returns "Conflict" response + Given new "CreateCSMThreatsAgentRule" request + And body with value {"data": {"attributes": {"description": "My Agent rule", "enabled": true, "expression": "exec.file.name == \\\"sh\\\"", "name": "my_agent_rule"}, "type": "agent_rule"}} + When the request is sent + Then the response status is 409 Conflict + + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Create a CSM Threats Agent rule returns "OK" response + Given new "CreateCSMThreatsAgentRule" request + And body with value {"data": {"attributes": {"description": "My Agent rule", "enabled": true, "expression": "exec.file.name == \\\"sh\\\"", "name": "my_agent_rule"}, "type": "agent_rule"}} + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend Scenario: Create a Cloud Workload Security Agent rule returns "Bad Request" response Given new "CreateCloudWorkloadSecurityAgentRule" request @@ -33,6 +54,20 @@ Feature: Cloud Workload Security And the response "data.type" is equal to "agent_rule" And the response "data.attributes.description" is equal to "Test Agent rule" + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Delete a CSM Threats Agent rule returns "Not Found" response + Given new "DeleteCSMThreatsAgentRule" request + And request contains "agent_rule_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Delete a CSM Threats Agent rule returns "OK" response + Given new "DeleteCSMThreatsAgentRule" request + And request contains "agent_rule_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 204 OK + @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend Scenario: Delete a Cloud Workload Security Agent rule returns "Not Found" response Given new "DeleteCloudWorkloadSecurityAgentRule" request @@ -48,6 +83,20 @@ Feature: Cloud Workload Security When the request is sent Then the response status is 204 OK + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Get a CSM Threats Agent rule returns "Not Found" response + Given new "GetCSMThreatsAgentRule" request + And request contains "agent_rule_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Get a CSM Threats Agent rule returns "OK" response + Given new "GetCSMThreatsAgentRule" request + And request contains "agent_rule_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend Scenario: Get a Cloud Workload Security Agent rule returns "Not Found" response Given new "GetCloudWorkloadSecurityAgentRule" request @@ -65,6 +114,12 @@ Feature: Cloud Workload Security And the response "data.type" is equal to "agent_rule" And the response "data.attributes.description" is equal to "My Agent rule" + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Get all CSM Threats Agent rules returns "OK" response + Given new "ListCSMThreatsAgentRules" request + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend Scenario: Get all Cloud Workload Security Agent rules returns "OK" response Given there is a valid "agent_rule" in the system @@ -79,6 +134,38 @@ Feature: Cloud Workload Security When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Update a CSM Threats Agent rule returns "Bad Request" response + Given new "UpdateCSMThreatsAgentRule" request + And request contains "agent_rule_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "My Agent rule", "enabled": true, "expression": "exec.file.name == \\\"sh\\\""}, "type": "agent_rule"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Update a CSM Threats Agent rule returns "Concurrent Modification" response + Given new "UpdateCSMThreatsAgentRule" request + And request contains "agent_rule_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "My Agent rule", "enabled": true, "expression": "exec.file.name == \\\"sh\\\""}, "type": "agent_rule"}} + When the request is sent + Then the response status is 409 Concurrent Modification + + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Update a CSM Threats Agent rule returns "Not Found" response + Given new "UpdateCSMThreatsAgentRule" request + And request contains "agent_rule_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "My Agent rule", "enabled": true, "expression": "exec.file.name == \\\"sh\\\""}, "type": "agent_rule"}} + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend + Scenario: Update a CSM Threats Agent rule returns "OK" response + Given new "UpdateCSMThreatsAgentRule" request + And request contains "agent_rule_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "My Agent rule", "enabled": true, "expression": "exec.file.name == \\\"sh\\\""}, "type": "agent_rule"}} + When the request is sent + Then the response status is 200 OK + @team:DataDog/k9-cloud-security-platform @team:DataDog/k9-cws-backend Scenario: Update a Cloud Workload Security Agent rule returns "Bad Request" response Given there is a valid "agent_rule" in the system diff --git a/tests/v2/features/given.json b/tests/v2/features/given.json index 8c2a75b9b1..a8b7a075c4 100644 --- a/tests/v2/features/given.json +++ b/tests/v2/features/given.json @@ -355,6 +355,18 @@ "tag": "Powerpack", "operationId": "CreatePowerpack" }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"data\": {\n \"type\": \"agent_rule\",\n \"attributes\": {\n \"name\": \"{{ unique_lower_alnum }}\",\n \"description\": \"My Agent rule\",\n \"expression\": \"exec.file.name == \\\"sh\\\"\",\n \"enabled\": true\n }\n }\n}" + } + ], + "step": "there is a valid \"agent_rule\" in the system", + "key": "agent_rule", + "tag": "Cloud Workload Security", + "operationId": "CreateCSMThreatsAgentRule" + }, { "parameters": [ { diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index 387676557a..1b4b5d685f 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json @@ -1333,6 +1333,43 @@ "type": "idempotent" } }, + "ListCSMThreatsAgentRules": { + "tag": "Cloud Workload Security", + "undo": { + "type": "safe" + } + }, + "CreateCSMThreatsAgentRule": { + "tag": "Cloud Workload Security", + "undo": { + "operationId": "DeleteCSMThreatsAgentRule", + "parameters": [ + { + "name": "agent_rule_id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "DeleteCSMThreatsAgentRule": { + "tag": "Cloud Workload Security", + "undo": { + "type": "idempotent" + } + }, + "GetCSMThreatsAgentRule": { + "tag": "Cloud Workload Security", + "undo": { + "type": "safe" + } + }, + "UpdateCSMThreatsAgentRule": { + "tag": "Cloud Workload Security", + "undo": { + "type": "idempotent" + } + }, "DeleteRestrictionPolicy": { "tag": "Restriction Policies", "undo": {