Document new resource_collection and `is_security_command_center_en…

…abled` fields in GCP APIs (#1804) Co-authored-by: ci.datadog-api-spec <[email protected]> Co-authored-by: api-clients-generation-pipeline[bot] <54105614+api-clients-generation-pipeline[bot]@users.noreply.github.com>
DataDog · Dec 14, 2023 · e63972a · e63972a
1 parent 12e5833
commit e63972a
Show file tree

Hide file tree

Showing 24 changed files with 450 additions and 28 deletions.
diff --git a/.apigentools-info b/.apigentools-info
@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2023-12-14 10:49:25.707098",
-            "spec_repo_commit": "43a99a56"
+            "regenerated": "2023-12-14 17:13:00.567226",
+            "spec_repo_commit": "fd0b0fcb"
         },
         "v2": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2023-12-14 10:49:25.793558",
-            "spec_repo_commit": "43a99a56"
+            "regenerated": "2023-12-14 17:13:00.585680",
+            "spec_repo_commit": "fd0b0fcb"
         }
     }
 }
diff --git a/.generator/schemas/v1/openapi.yaml b/.generator/schemas/v1/openapi.yaml
@@ -3212,8 +3212,16 @@ components:
           type: string
         is_cspm_enabled:
           default: false
-          description: When enabled, Datadog performs configuration checks across
-            your Google Cloud environment by continuously scanning every resource.
+          description: 'When enabled, Datadog will activate the Cloud Security Monitoring
+            product for this service account. Note: This requires resource_collection_enabled
+            to be set to true.'
+          example: true
+          type: boolean
+        is_security_command_center_enabled:
+          default: false
+          description: 'When enabled, Datadog will attempt to collect Security Command
+            Center Findings. Note: This requires additional permissions on the service
+            account.'
           example: true
           type: boolean
         private_key:
@@ -3229,6 +3237,11 @@ components:
             key.
           example: datadog-apitest
           type: string
+        resource_collection_enabled:
+          default: false
+          description: When enabled, Datadog scans for all resources in your GCP environment.
+          example: true
+          type: boolean
         token_uri:
           description: Should be `https://accounts.google.com/o/oauth2/token`.
           example: https://accounts.google.com/o/oauth2/token

diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
@@ -6393,8 +6393,20 @@ components:
             type: string
           type: array
         is_cspm_enabled:
-          description: When enabled, Datadog performs configuration checks across
-            your Google Cloud environment by continuously scanning every resource.
+          description: 'When enabled, Datadog will activate the Cloud Security Monitoring
+            product for this service account. Note: This requires resource_collection_enabled
+            to be set to true.'
+          type: boolean
+        is_security_command_center_enabled:
+          default: false
+          description: 'When enabled, Datadog will attempt to collect Security Command
+            Center Findings. Note: This requires additional permissions on the service
+            account.'
+          example: true
+          type: boolean
+        resource_collection_enabled:
+          default: false
+          description: When enabled, Datadog scans for all resources in your GCP environment.
           type: boolean
       type: object
     GCPSTSServiceAccountCreateRequest:

diff --git a/examples/v1/gcp-integration/CreateGCPIntegration.py b/examples/v1/gcp-integration/CreateGCPIntegration.py
@@ -17,9 +17,11 @@
     ],
     host_filters="key:value,filter:example",
     is_cspm_enabled=True,
+    is_security_command_center_enabled=True,
     private_key="private_key",
     private_key_id="123456789abcdefghi123456789abcdefghijklm",
     project_id="datadog-apitest",
+    resource_collection_enabled=True,
     token_uri="https://accounts.google.com/o/oauth2/token",
     type="service_account",
 )

diff --git a/examples/v1/gcp-integration/DeleteGCPIntegration.py b/examples/v1/gcp-integration/DeleteGCPIntegration.py
@@ -17,9 +17,11 @@
     ],
     host_filters="key:value,filter:example",
     is_cspm_enabled=True,
+    is_security_command_center_enabled=True,
     private_key="private_key",
     private_key_id="123456789abcdefghi123456789abcdefghijklm",
     project_id="datadog-apitest",
+    resource_collection_enabled=True,
     token_uri="https://accounts.google.com/o/oauth2/token",
     type="service_account",
 )

diff --git a/examples/v1/gcp-integration/UpdateGCPIntegration.py b/examples/v1/gcp-integration/UpdateGCPIntegration.py
@@ -17,9 +17,11 @@
     ],
     host_filters="key:value,filter:example",
     is_cspm_enabled=True,
+    is_security_command_center_enabled=True,
     private_key="private_key",
     private_key_id="123456789abcdefghi123456789abcdefghijklm",
     project_id="datadog-apitest",
+    resource_collection_enabled=True,
     token_uri="https://accounts.google.com/o/oauth2/token",
     type="service_account",
 )

diff --git a/examples/v2/gcp-integration/CreateGCPSTSAccount_130557025.py b/examples/v2/gcp-integration/CreateGCPSTSAccount_130557025.py
@@ -0,0 +1,28 @@
+"""
+Create a new entry for your service account with resource collection enabled returns "OK" response
+"""
+
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.gcp_integration_api import GCPIntegrationApi
+from datadog_api_client.v2.model.gcp_service_account_type import GCPServiceAccountType
+from datadog_api_client.v2.model.gcpsts_service_account_attributes import GCPSTSServiceAccountAttributes
+from datadog_api_client.v2.model.gcpsts_service_account_create_request import GCPSTSServiceAccountCreateRequest
+from datadog_api_client.v2.model.gcpsts_service_account_data import GCPSTSServiceAccountData
+
+body = GCPSTSServiceAccountCreateRequest(
+    data=GCPSTSServiceAccountData(
+        attributes=GCPSTSServiceAccountAttributes(
+            resource_collection_enabled=True,
+            client_email="[email protected]",
+            host_filters=[],
+        ),
+        type=GCPServiceAccountType.GCP_SERVICE_ACCOUNT,
+    ),
+)
+
+configuration = Configuration()
+with ApiClient(configuration) as api_client:
+    api_instance = GCPIntegrationApi(api_client)
+    response = api_instance.create_gcpsts_account(body=body)
+
+    print(response)
diff --git a/examples/v2/gcp-integration/CreateGCPSTSAccount_2597004741.py b/examples/v2/gcp-integration/CreateGCPSTSAccount_2597004741.py
@@ -0,0 +1,28 @@
+"""
+Create a new entry for your service account with security command center enabled returns "OK" response
+"""
+
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.gcp_integration_api import GCPIntegrationApi
+from datadog_api_client.v2.model.gcp_service_account_type import GCPServiceAccountType
+from datadog_api_client.v2.model.gcpsts_service_account_attributes import GCPSTSServiceAccountAttributes
+from datadog_api_client.v2.model.gcpsts_service_account_create_request import GCPSTSServiceAccountCreateRequest
+from datadog_api_client.v2.model.gcpsts_service_account_data import GCPSTSServiceAccountData
+
+body = GCPSTSServiceAccountCreateRequest(
+    data=GCPSTSServiceAccountData(
+        attributes=GCPSTSServiceAccountAttributes(
+            is_security_command_center_enabled=True,
+            client_email="[email protected]",
+            host_filters=[],
+        ),
+        type=GCPServiceAccountType.GCP_SERVICE_ACCOUNT,
+    ),
+)
+
+configuration = Configuration()
+with ApiClient(configuration) as api_client:
+    api_instance = GCPIntegrationApi(api_client)
+    response = api_instance.create_gcpsts_account(body=body)
+
+    print(response)
diff --git a/examples/v2/gcp-integration/CreateGCPSTSAccount_4235664992.py b/examples/v2/gcp-integration/CreateGCPSTSAccount_4235664992.py
@@ -0,0 +1,28 @@
+"""
+Create a new entry for your service account with cspm enabled returns "OK" response
+"""
+
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.gcp_integration_api import GCPIntegrationApi
+from datadog_api_client.v2.model.gcp_service_account_type import GCPServiceAccountType
+from datadog_api_client.v2.model.gcpsts_service_account_attributes import GCPSTSServiceAccountAttributes
+from datadog_api_client.v2.model.gcpsts_service_account_create_request import GCPSTSServiceAccountCreateRequest
+from datadog_api_client.v2.model.gcpsts_service_account_data import GCPSTSServiceAccountData
+
+body = GCPSTSServiceAccountCreateRequest(
+    data=GCPSTSServiceAccountData(
+        attributes=GCPSTSServiceAccountAttributes(
+            is_cspm_enabled=True,
+            client_email="[email protected]",
+            host_filters=[],
+        ),
+        type=GCPServiceAccountType.GCP_SERVICE_ACCOUNT,
+    ),
+)
+
+configuration = Configuration()
+with ApiClient(configuration) as api_client:
+    api_instance = GCPIntegrationApi(api_client)
+    response = api_instance.create_gcpsts_account(body=body)
+
+    print(response)
diff --git a/examples/v2/gcp-integration/UpdateGCPSTSAccount_3205636354.py b/examples/v2/gcp-integration/UpdateGCPSTSAccount_3205636354.py
@@ -0,0 +1,32 @@
+"""
+Update STS Service Account returns "OK" response with enable resource collection turned on
+"""
+
+from os import environ
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.gcp_integration_api import GCPIntegrationApi
+from datadog_api_client.v2.model.gcp_service_account_type import GCPServiceAccountType
+from datadog_api_client.v2.model.gcpsts_service_account_attributes import GCPSTSServiceAccountAttributes
+from datadog_api_client.v2.model.gcpsts_service_account_update_request import GCPSTSServiceAccountUpdateRequest
+from datadog_api_client.v2.model.gcpsts_service_account_update_request_data import GCPSTSServiceAccountUpdateRequestData
+
+# there is a valid "gcp_sts_account" in the system
+GCP_STS_ACCOUNT_DATA_ID = environ["GCP_STS_ACCOUNT_DATA_ID"]
+
+body = GCPSTSServiceAccountUpdateRequest(
+    data=GCPSTSServiceAccountUpdateRequestData(
+        attributes=GCPSTSServiceAccountAttributes(
+            client_email="[email protected]",
+            resource_collection_enabled=True,
+        ),
+        id=GCP_STS_ACCOUNT_DATA_ID,
+        type=GCPServiceAccountType.GCP_SERVICE_ACCOUNT,
+    ),
+)
+
+configuration = Configuration()
+with ApiClient(configuration) as api_client:
+    api_instance = GCPIntegrationApi(api_client)
+    response = api_instance.update_gcpsts_account(account_id=GCP_STS_ACCOUNT_DATA_ID, body=body)
+
+    print(response)
diff --git a/src/datadog_api_client/v1/model/gcp_account.py b/src/datadog_api_client/v1/model/gcp_account.py
@@ -26,9 +26,11 @@ def openapi_types(_):
             "errors": ([str],),
             "host_filters": (str,),
             "is_cspm_enabled": (bool,),
+            "is_security_command_center_enabled": (bool,),
             "private_key": (str,),
             "private_key_id": (str,),
             "project_id": (str,),
+            "resource_collection_enabled": (bool,),
             "token_uri": (str,),
             "type": (str,),
         }
@@ -43,9 +45,11 @@ def openapi_types(_):
         "errors": "errors",
         "host_filters": "host_filters",
         "is_cspm_enabled": "is_cspm_enabled",
+        "is_security_command_center_enabled": "is_security_command_center_enabled",
         "private_key": "private_key",
         "private_key_id": "private_key_id",
         "project_id": "project_id",
+        "resource_collection_enabled": "resource_collection_enabled",
         "token_uri": "token_uri",
         "type": "type",
     }
@@ -61,9 +65,11 @@ def __init__(
         errors: Union[List[str], UnsetType] = unset,
         host_filters: Union[str, UnsetType] = unset,
         is_cspm_enabled: Union[bool, UnsetType] = unset,
+        is_security_command_center_enabled: Union[bool, UnsetType] = unset,
         private_key: Union[str, UnsetType] = unset,
         private_key_id: Union[str, UnsetType] = unset,
         project_id: Union[str, UnsetType] = unset,
+        resource_collection_enabled: Union[bool, UnsetType] = unset,
         token_uri: Union[str, UnsetType] = unset,
         type: Union[str, UnsetType] = unset,
         **kwargs,
@@ -97,9 +103,12 @@ def __init__(
             Only hosts that match one of the defined tags are imported into Datadog.
         :type host_filters: str, optional
 
-        :param is_cspm_enabled: When enabled, Datadog performs configuration checks across your Google Cloud environment by continuously scanning every resource.
+        :param is_cspm_enabled: When enabled, Datadog will activate the Cloud Security Monitoring product for this service account. Note: This requires resource_collection_enabled to be set to true.
         :type is_cspm_enabled: bool, optional
 
+        :param is_security_command_center_enabled: When enabled, Datadog will attempt to collect Security Command Center Findings. Note: This requires additional permissions on the service account.
+        :type is_security_command_center_enabled: bool, optional
+
         :param private_key: Your private key name found in your JSON service account key.
         :type private_key: str, optional
 
@@ -109,6 +118,9 @@ def __init__(
         :param project_id: Your Google Cloud project ID found in your JSON service account key.
         :type project_id: str, optional
 
+        :param resource_collection_enabled: When enabled, Datadog scans for all resources in your GCP environment.
+        :type resource_collection_enabled: bool, optional
+
         :param token_uri: Should be ``https://accounts.google.com/o/oauth2/token``.
         :type token_uri: str, optional
 
@@ -133,12 +145,16 @@ def __init__(
             kwargs["host_filters"] = host_filters
         if is_cspm_enabled is not unset:
             kwargs["is_cspm_enabled"] = is_cspm_enabled
+        if is_security_command_center_enabled is not unset:
+            kwargs["is_security_command_center_enabled"] = is_security_command_center_enabled
         if private_key is not unset:
             kwargs["private_key"] = private_key
         if private_key_id is not unset:
             kwargs["private_key_id"] = private_key_id
         if project_id is not unset:
             kwargs["project_id"] = project_id
+        if resource_collection_enabled is not unset:
+            kwargs["resource_collection_enabled"] = resource_collection_enabled
         if token_uri is not unset:
             kwargs["token_uri"] = token_uri
         if type is not unset:

diff --git a/src/datadog_api_client/v2/model/gcpsts_service_account_attributes.py b/src/datadog_api_client/v2/model/gcpsts_service_account_attributes.py
@@ -22,6 +22,8 @@ def openapi_types(_):
             "client_email": (str,),
             "host_filters": ([str],),
             "is_cspm_enabled": (bool,),
+            "is_security_command_center_enabled": (bool,),
+            "resource_collection_enabled": (bool,),
         }
 
     attribute_map = {
@@ -30,6 +32,8 @@ def openapi_types(_):
         "client_email": "client_email",
         "host_filters": "host_filters",
         "is_cspm_enabled": "is_cspm_enabled",
+        "is_security_command_center_enabled": "is_security_command_center_enabled",
+        "resource_collection_enabled": "resource_collection_enabled",
     }
 
     def __init__(
@@ -39,6 +43,8 @@ def __init__(
         client_email: Union[str, UnsetType] = unset,
         host_filters: Union[List[str], UnsetType] = unset,
         is_cspm_enabled: Union[bool, UnsetType] = unset,
+        is_security_command_center_enabled: Union[bool, UnsetType] = unset,
+        resource_collection_enabled: Union[bool, UnsetType] = unset,
         **kwargs,
     ):
         """
@@ -56,8 +62,14 @@ def __init__(
         :param host_filters: Your Host Filters.
         :type host_filters: [str], optional
 
-        :param is_cspm_enabled: When enabled, Datadog performs configuration checks across your Google Cloud environment by continuously scanning every resource.
+        :param is_cspm_enabled: When enabled, Datadog will activate the Cloud Security Monitoring product for this service account. Note: This requires resource_collection_enabled to be set to true.
         :type is_cspm_enabled: bool, optional
+
+        :param is_security_command_center_enabled: When enabled, Datadog will attempt to collect Security Command Center Findings. Note: This requires additional permissions on the service account.
+        :type is_security_command_center_enabled: bool, optional
+
+        :param resource_collection_enabled: When enabled, Datadog scans for all resources in your GCP environment.
+        :type resource_collection_enabled: bool, optional
         """
         if account_tags is not unset:
             kwargs["account_tags"] = account_tags
@@ -69,4 +81,8 @@ def __init__(
             kwargs["host_filters"] = host_filters
         if is_cspm_enabled is not unset:
             kwargs["is_cspm_enabled"] = is_cspm_enabled
+        if is_security_command_center_enabled is not unset:
+            kwargs["is_security_command_center_enabled"] = is_security_command_center_enabled
+        if resource_collection_enabled is not unset:
+            kwargs["resource_collection_enabled"] = resource_collection_enabled
         super().__init__(kwargs)