From aad3962811900f7d0bd5982e75ee200495bb49d7 Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Fri, 22 May 2026 14:34:03 +0000 Subject: [PATCH] Regenerate client from commit 0ee9838 of spec repo --- .generator/schemas/v2/openapi.yaml | 600 +++++++++++++++++- docs/datadog_api_client.v2.model.rst | 105 +++ .../CreateApplicationSecurityWafPolicy.py | 52 ++ .../DeleteApplicationSecurityWafPolicy.py | 13 + .../GetApplicationSecurityWafPolicy.py | 19 + .../ListApplicationSecurityWAFPolicies.py | 13 + .../UpdateApplicationSecurityWafPolicy.py | 62 ++ .../v2/api/application_security_api.py | 202 ++++++ .../application_security_policy_attributes.py | 114 ++++ ...ation_security_policy_create_attributes.py | 121 ++++ ...application_security_policy_create_data.py | 54 ++ ...lication_security_policy_create_request.py | 42 ++ .../model/application_security_policy_data.py | 80 +++ ...plication_security_policy_list_response.py | 42 ++ .../application_security_policy_metadata.py | 81 +++ .../application_security_policy_response.py | 42 ++ ...plication_security_policy_rule_override.py | 62 ++ ...cation_security_policy_ruleset_override.py | 45 ++ .../application_security_policy_scope.py | 39 ++ .../model/application_security_policy_type.py | 35 + ...ation_security_policy_update_attributes.py | 109 ++++ ...application_security_policy_update_data.py | 54 ++ ...lication_security_policy_update_request.py | 42 ++ ...ion_security_waf_custom_rule_attributes.py | 2 +- ...urity_waf_custom_rule_create_attributes.py | 2 +- ...urity_waf_custom_rule_update_attributes.py | 2 +- src/datadog_api_client/v2/models/__init__.py | 40 ++ ...waf_policy_returns_created_response.frozen | 1 + ...a_waf_policy_returns_created_response.yaml | 40 ++ ...et_a_waf_policy_returns_ok_response.frozen | 1 + ..._get_a_waf_policy_returns_ok_response.yaml | 57 ++ ...ll_waf_policies_returns_ok_response.frozen | 1 + ..._all_waf_policies_returns_ok_response.yaml | 30 + .../v2/features/application_security.feature | 88 +++ tests/v2/features/given.json | 12 + tests/v2/features/undo.json | 37 ++ 36 files changed, 2335 insertions(+), 6 deletions(-) create mode 100644 examples/v2/application-security/CreateApplicationSecurityWafPolicy.py create mode 100644 examples/v2/application-security/DeleteApplicationSecurityWafPolicy.py create mode 100644 examples/v2/application-security/GetApplicationSecurityWafPolicy.py create mode 100644 examples/v2/application-security/ListApplicationSecurityWAFPolicies.py create mode 100644 examples/v2/application-security/UpdateApplicationSecurityWafPolicy.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_attributes.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_create_attributes.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_create_data.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_create_request.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_data.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_list_response.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_metadata.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_response.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_rule_override.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_ruleset_override.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_scope.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_type.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_update_attributes.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_update_data.py create mode 100644 src/datadog_api_client/v2/model/application_security_policy_update_request.py create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_waf_policy_returns_created_response.frozen create mode 100644 tests/v2/cassettes/test_scenarios/test_create_a_waf_policy_returns_created_response.yaml create mode 100644 tests/v2/cassettes/test_scenarios/test_get_a_waf_policy_returns_ok_response.frozen create mode 100644 tests/v2/cassettes/test_scenarios/test_get_a_waf_policy_returns_ok_response.yaml create mode 100644 tests/v2/cassettes/test_scenarios/test_list_all_waf_policies_returns_ok_response.frozen create mode 100644 tests/v2/cassettes/test_scenarios/test_list_all_waf_policies_returns_ok_response.yaml diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 97213ec2fe..fb4e1f36c6 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -155,6 +155,14 @@ components: required: false schema: $ref: "#/components/schemas/ApplicationKeysSort" + ApplicationSecurityPolicyIDParam: + description: The ID of the policy. + example: recommended + in: path + name: policy_id + required: true + schema: + type: string ApplicationSecurityWafCustomRuleIDParam: description: The ID of the custom rule. example: 3b5-v82-ns6 @@ -5119,6 +5127,333 @@ components: type: string x-enum-varnames: - APPLICATION_KEYS + ApplicationSecurityPolicyAttributes: + description: "A WAF policy." + properties: + description: + description: Description of the WAF policy. + example: "Policy applied to internal web applications." + type: string + isDefault: + description: |- + Make this policy the default policy. The default policy is applied to + every service not specifically assigned to another policy. + example: false + type: boolean + name: + description: The name of the WAF policy. + example: "Internal Network Policy" + type: string + protectionPresets: + description: Presets enabled on this policy. + items: + example: attack-tools + type: string + type: array + rules: + description: Rule overrides applied by the policy. + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyRuleOverride" + type: array + rulesets: + deprecated: true + description: "Deprecated: Ruleset overrides. Use `protectionPresets` instead." + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyRulesetOverride" + type: array + scope: + description: The scope of the WAF policy. + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyScope" + type: array + version: + default: 0 + description: Version of the WAF ruleset maintained by Datadog used by this policy. 0 is the default value. + example: 0 + format: int64 + type: integer + required: + - name + - description + type: object + ApplicationSecurityPolicyCreateAttributes: + description: "Create a new WAF policy." + properties: + basedOn: + description: When creating a new policy, clone the policy indicated by this identifier. + example: recommended + type: string + description: + description: Description of the WAF policy. + example: "Policy applied to internal web applications." + type: string + isDefault: + description: |- + Make this policy the default policy. The default policy is applied to + every service not specifically assigned to another policy. + example: false + type: boolean + name: + description: The name of the WAF policy. + example: "Internal Network Policy" + type: string + protectionPresets: + description: Presets enabled on this policy. + items: + example: attack-tools + type: string + type: array + rules: + description: Rule overrides applied by the policy. + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyRuleOverride" + type: array + rulesets: + deprecated: true + description: "Deprecated: Ruleset overrides. Use `protectionPresets` instead." + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyRulesetOverride" + type: array + scope: + description: The scope of the WAF policy. + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyScope" + type: array + version: + default: 0 + description: Version of the WAF ruleset maintained by Datadog used by this policy. 0 is the default value. + example: 0 + format: int64 + type: integer + required: + - name + - description + - basedOn + type: object + ApplicationSecurityPolicyCreateData: + description: Object for a single WAF policy. + properties: + attributes: + $ref: "#/components/schemas/ApplicationSecurityPolicyCreateAttributes" + type: + $ref: "#/components/schemas/ApplicationSecurityPolicyType" + required: + - attributes + - type + type: object + ApplicationSecurityPolicyCreateRequest: + description: Request object that includes the policy to create. + properties: + data: + $ref: "#/components/schemas/ApplicationSecurityPolicyCreateData" + required: + - data + type: object + ApplicationSecurityPolicyData: + description: Object for a single WAF policy. + properties: + attributes: + $ref: "#/components/schemas/ApplicationSecurityPolicyAttributes" + id: + description: "The ID of the policy." + example: "2857c47d-1e3a-4300-8b2f-dc24089c084b" + readOnly: true + type: string + meta: + $ref: "#/components/schemas/ApplicationSecurityPolicyMetadata" + type: + $ref: "#/components/schemas/ApplicationSecurityPolicyType" + type: object + ApplicationSecurityPolicyListResponse: + description: Response object that includes a list of WAF policies. + properties: + data: + description: The WAF policy data. + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyData" + type: array + type: object + ApplicationSecurityPolicyMetadata: + description: Metadata associated with the WAF policy. + properties: + added_at: + description: The date and time the WAF policy was created. + example: "2021-01-01T00:00:00Z" + format: date-time + type: string + added_by: + description: The handle of the user who created the WAF policy. + example: "john.doe@datadoghq.com" + type: string + added_by_name: + description: The name of the user who created the WAF policy. + example: "John Doe" + type: string + modified_at: + description: The date and time the WAF policy was last updated. + example: "2021-01-01T00:00:00Z" + format: date-time + type: string + modified_by: + description: The handle of the user who last updated the WAF policy. + example: "john.doe@datadoghq.com" + type: string + modified_by_name: + description: The name of the user who last updated the WAF policy. + example: "John Doe" + type: string + readOnly: true + type: object + ApplicationSecurityPolicyResponse: + description: Response object that includes a single WAF policy. + properties: + data: + $ref: "#/components/schemas/ApplicationSecurityPolicyData" + type: object + ApplicationSecurityPolicyRuleOverride: + description: Override WAF rule parameters for services in a policy. + properties: + blocking: + description: When blocking is enabled, the rule will block the traffic matched by this rule. + example: false + type: boolean + enabled: + description: When false, this rule will not match any traffic. + example: true + type: boolean + extended_data_collection: + description: When true, collects additional data from the WAF for this rule. + example: false + type: boolean + id: + description: Override the parameters for this WAF rule identifier. + example: rasp-001-002 + type: string + required: + - id + - enabled + - blocking + type: object + ApplicationSecurityPolicyRulesetOverride: + deprecated: true + description: "Deprecated: Override WAF ruleset parameters. Use `protectionPresets` instead." + properties: + blocking: + description: When blocking is enabled, the ruleset will block the traffic it matches. + example: false + type: boolean + enabled: + description: When false, this ruleset will not match any traffic. + example: true + type: boolean + id: + description: The identifier of the ruleset to override. + example: attack_tool + type: string + required: + - id + - enabled + - blocking + type: object + ApplicationSecurityPolicyScope: + description: The scope of the WAF policy. + properties: + env: + description: The environment scope for the WAF policy. + example: "prod" + type: string + service: + description: The service scope for the WAF policy. + example: "billing-service" + type: string + required: + - service + - env + type: object + ApplicationSecurityPolicyType: + default: policy + description: The type of the resource. The value should always be `policy`. + enum: + - policy + example: policy + type: string + x-enum-varnames: + - POLICY + ApplicationSecurityPolicyUpdateAttributes: + description: "Update a WAF policy." + properties: + description: + description: Description of the WAF policy. + example: "Policy applied to internal web applications." + type: string + isDefault: + description: |- + Make this policy the default policy. The default policy is applied to + every service not specifically assigned to another policy. + example: false + type: boolean + name: + description: The name of the WAF policy. + example: "Internal Network Policy" + type: string + protectionPresets: + description: Presets enabled on this policy. + example: + - attack-tools + items: + example: attack-tools + type: string + type: array + rules: + description: Rule overrides applied by the policy. + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyRuleOverride" + type: array + rulesets: + deprecated: true + description: "Deprecated: Ruleset overrides. Use `protectionPresets` instead." + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyRulesetOverride" + type: array + scope: + description: The scope of the WAF policy. + items: + $ref: "#/components/schemas/ApplicationSecurityPolicyScope" + type: array + version: + default: 0 + description: Version of the WAF ruleset maintained by Datadog used by this policy. 0 is the default value. + example: 0 + format: int64 + type: integer + required: + - name + - description + - version + - isDefault + - rules + - protectionPresets + - scope + type: object + ApplicationSecurityPolicyUpdateData: + description: Object for a single WAF policy. + properties: + attributes: + $ref: "#/components/schemas/ApplicationSecurityPolicyUpdateAttributes" + type: + $ref: "#/components/schemas/ApplicationSecurityPolicyType" + required: + - attributes + - type + type: object + ApplicationSecurityPolicyUpdateRequest: + description: Request object that includes the policy to update. + properties: + data: + $ref: "#/components/schemas/ApplicationSecurityPolicyUpdateData" + required: + - data + type: object ApplicationSecurityWafCustomRuleAction: description: The definition of `ApplicationSecurityWafCustomRuleAction` object. properties: @@ -5175,7 +5510,7 @@ components: metadata: $ref: "#/components/schemas/ApplicationSecurityWafCustomRuleMetadata" name: - description: The Name of the WAF custom rule. + description: The name of the WAF custom rule. example: "Block request from bad useragent" type: string path_glob: @@ -5412,7 +5747,7 @@ components: example: false type: boolean name: - description: The Name of the WAF custom rule. + description: The name of the WAF custom rule. example: "Block request from a bad useragent" type: string path_glob: @@ -5586,7 +5921,7 @@ components: example: false type: boolean name: - description: The Name of the WAF custom rule. + description: The name of the WAF custom rule. example: "Block request from bad useragent" type: string path_glob: @@ -137948,6 +138283,265 @@ paths: permissions: - appsec_protect_write x-terraform-resource: appsec_waf_exclusion_filter + /api/v2/remote_config/products/asm/waf/policies: + get: + description: Retrieve a list of WAF policies. + operationId: ListApplicationSecurityWAFPolicies + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + - attributes: + description: Monitor security scanners and application attacks such as Server-Side-Request-Forgery (SSRF), SQL Injection, Log4Shell, and Cross-Site-Scripting (XSS). + isDefault: true + name: Managed - Monitoring-only + rules: [] + rulesets: [] + scope: [] + version: 0 + id: recommended + meta: {} + type: policy + - attributes: + description: Block known attack tools without impacting legitimate security scans. + isDefault: false + name: Managed - Block attack tools + protectionPresets: + - attack-tools + rules: [] + rulesets: [] + scope: [] + version: 0 + id: recommended-attack-tools + meta: {} + type: policy + schema: + $ref: "#/components/schemas/ApplicationSecurityPolicyListResponse" + description: OK + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + summary: List all WAF policies + tags: + - "Application Security" + post: + description: Create a new WAF policy. + operationId: CreateApplicationSecurityWafPolicy + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + basedOn: recommended + description: Policy applied to internal web applications. + isDefault: false + name: Internal Network Policy + protectionPresets: + - attack-tools + rules: + - blocking: false + enabled: true + id: rasp-001-002 + scope: + - env: prod + service: billing-service + version: 0 + type: policy + schema: + $ref: "#/components/schemas/ApplicationSecurityPolicyCreateRequest" + description: The new WAF policy. + required: true + responses: + "201": + content: + "application/json": + examples: + default: + value: + data: + attributes: + description: Policy applied to internal web applications. + isDefault: false + name: Internal Network Policy + protectionPresets: + - attack-tools + rules: + - blocking: false + enabled: true + id: rasp-001-002 + rulesets: [] + scope: + - env: prod + service: billing-service + version: 0 + id: 841d53b4-4d73-4585-99cc-39dd10883f7c + meta: + added_at: "2026-04-16T10:25:18Z" + added_by: 9919ec9b-ebc7-49ee-8dc8-03626e717cca + added_by_name: CI Account + type: policy + schema: + $ref: "#/components/schemas/ApplicationSecurityPolicyResponse" + description: Created + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "409": + $ref: "#/components/responses/ConcurrentModificationResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + summary: Create a WAF Policy + tags: + - "Application Security" + x-codegen-request-body-name: body + /api/v2/remote_config/products/asm/waf/policies/{policy_id}: + delete: + description: Delete a specific WAF policy. + operationId: DeleteApplicationSecurityWafPolicy + parameters: + - $ref: "#/components/parameters/ApplicationSecurityPolicyIDParam" + responses: + "204": + description: No Content + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "404": + $ref: "#/components/responses/NotFoundResponse" + "409": + $ref: "#/components/responses/ConcurrentModificationResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + summary: Delete a WAF Policy + tags: + - "Application Security" + x-terraform-resource: appsec_waf_policy + get: + description: Retrieve a WAF policy by ID. + operationId: GetApplicationSecurityWafPolicy + parameters: + - $ref: "#/components/parameters/ApplicationSecurityPolicyIDParam" + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + description: This is a test policy. + isDefault: false + name: Test policy + rules: [] + rulesets: [] + scope: [] + version: -1 + id: cc3e574d-9b5a-4310-b7f4-5560483f84b1 + meta: + added_at: "2026-04-16T10:25:20Z" + added_by: 9919ec9b-ebc7-49ee-8dc8-03626e717cca + added_by_name: CI Account + type: policy + schema: + $ref: "#/components/schemas/ApplicationSecurityPolicyResponse" + description: OK + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + summary: Get a WAF Policy + tags: + - "Application Security" + x-terraform-resource: appsec_waf_policy + put: + description: |- + Update a specific WAF policy. + Returns the policy object when the request is successful. + operationId: UpdateApplicationSecurityWafPolicy + parameters: + - $ref: "#/components/parameters/ApplicationSecurityPolicyIDParam" + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + description: Policy applied to internal web applications. + isDefault: false + name: Internal Network Policy + protectionPresets: + - attack-tools + rules: + - blocking: false + enabled: true + id: rasp-001-002 + scope: + - env: prod + service: billing-service + version: 0 + type: policy + schema: + $ref: "#/components/schemas/ApplicationSecurityPolicyUpdateRequest" + description: New WAF policy. + required: true + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + description: Policy applied to internal web applications. + isDefault: false + name: Internal Network Policy + protectionPresets: + - attack-tools + rules: + - blocking: false + enabled: true + id: rasp-001-002 + rulesets: [] + scope: + - env: prod + service: billing-service + version: 0 + id: 841d53b4-4d73-4585-99cc-39dd10883f7c + meta: + added_at: "2026-04-16T10:25:18Z" + added_by: 9919ec9b-ebc7-49ee-8dc8-03626e717cca + added_by_name: CI Account + type: policy + schema: + $ref: "#/components/schemas/ApplicationSecurityPolicyResponse" + description: OK + "400": + $ref: "#/components/responses/BadRequestResponse" + "403": + $ref: "#/components/responses/NotAuthorizedResponse" + "404": + $ref: "#/components/responses/NotFoundResponse" + "409": + $ref: "#/components/responses/ConcurrentModificationResponse" + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + summary: Update a WAF Policy + tags: + - "Application Security" + x-codegen-request-body-name: body + x-terraform-resource: appsec_waf_policy /api/v2/remote_config/products/cws/agent_rules: get: description: |- diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst index 7343fa1af3..605bcd1555 100644 --- a/docs/datadog_api_client.v2.model.rst +++ b/docs/datadog_api_client.v2.model.rst @@ -970,6 +970,111 @@ datadog\_api\_client.v2.model.application\_keys\_type module :members: :show-inheritance: +datadog\_api\_client.v2.model.application\_security\_policy\_attributes module +------------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.application_security_policy_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_create\_attributes module +-------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_create_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_create\_data module +-------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_create_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_create\_request module +----------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_create_request + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_data module +------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.application_security_policy_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_list\_response module +---------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_list_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_metadata module +---------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_metadata + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_response module +---------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_rule\_override module +---------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_rule_override + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_ruleset\_override module +------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_ruleset_override + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_scope module +------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_scope + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_type module +------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.application_security_policy_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_update\_attributes module +-------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_update_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_update\_data module +-------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_update_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.application\_security\_policy\_update\_request module +----------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.application_security_policy_update_request + :members: + :show-inheritance: + datadog\_api\_client.v2.model.application\_security\_waf\_custom\_rule\_action module ------------------------------------------------------------------------------------- diff --git a/examples/v2/application-security/CreateApplicationSecurityWafPolicy.py b/examples/v2/application-security/CreateApplicationSecurityWafPolicy.py new file mode 100644 index 0000000000..783fc84672 --- /dev/null +++ b/examples/v2/application-security/CreateApplicationSecurityWafPolicy.py @@ -0,0 +1,52 @@ +""" +Create a WAF Policy returns "Created" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi +from datadog_api_client.v2.model.application_security_policy_create_attributes import ( + ApplicationSecurityPolicyCreateAttributes, +) +from datadog_api_client.v2.model.application_security_policy_create_data import ApplicationSecurityPolicyCreateData +from datadog_api_client.v2.model.application_security_policy_create_request import ( + ApplicationSecurityPolicyCreateRequest, +) +from datadog_api_client.v2.model.application_security_policy_rule_override import ApplicationSecurityPolicyRuleOverride +from datadog_api_client.v2.model.application_security_policy_scope import ApplicationSecurityPolicyScope +from datadog_api_client.v2.model.application_security_policy_type import ApplicationSecurityPolicyType + +body = ApplicationSecurityPolicyCreateRequest( + data=ApplicationSecurityPolicyCreateData( + attributes=ApplicationSecurityPolicyCreateAttributes( + based_on="recommended", + description="Policy applied to internal web applications.", + is_default=False, + name="Internal Network Policy", + protection_presets=[ + "attack-tools", + ], + rules=[ + ApplicationSecurityPolicyRuleOverride( + blocking=False, + enabled=True, + id="rasp-001-002", + ), + ], + scope=[ + ApplicationSecurityPolicyScope( + env="prod", + service="billing-service", + ), + ], + version=0, + ), + type=ApplicationSecurityPolicyType.POLICY, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = ApplicationSecurityApi(api_client) + response = api_instance.create_application_security_waf_policy(body=body) + + print(response) diff --git a/examples/v2/application-security/DeleteApplicationSecurityWafPolicy.py b/examples/v2/application-security/DeleteApplicationSecurityWafPolicy.py new file mode 100644 index 0000000000..5736f107ed --- /dev/null +++ b/examples/v2/application-security/DeleteApplicationSecurityWafPolicy.py @@ -0,0 +1,13 @@ +""" +Delete a WAF Policy returns "No Content" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = ApplicationSecurityApi(api_client) + api_instance.delete_application_security_waf_policy( + policy_id="policy_id", + ) diff --git a/examples/v2/application-security/GetApplicationSecurityWafPolicy.py b/examples/v2/application-security/GetApplicationSecurityWafPolicy.py new file mode 100644 index 0000000000..2a547cac2e --- /dev/null +++ b/examples/v2/application-security/GetApplicationSecurityWafPolicy.py @@ -0,0 +1,19 @@ +""" +Get a WAF Policy returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi + +# there is a valid "policy" in the system +POLICY_DATA_ID = environ["POLICY_DATA_ID"] + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = ApplicationSecurityApi(api_client) + response = api_instance.get_application_security_waf_policy( + policy_id=POLICY_DATA_ID, + ) + + print(response) diff --git a/examples/v2/application-security/ListApplicationSecurityWAFPolicies.py b/examples/v2/application-security/ListApplicationSecurityWAFPolicies.py new file mode 100644 index 0000000000..1e0896369a --- /dev/null +++ b/examples/v2/application-security/ListApplicationSecurityWAFPolicies.py @@ -0,0 +1,13 @@ +""" +List all WAF policies returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = ApplicationSecurityApi(api_client) + response = api_instance.list_application_security_waf_policies() + + print(response) diff --git a/examples/v2/application-security/UpdateApplicationSecurityWafPolicy.py b/examples/v2/application-security/UpdateApplicationSecurityWafPolicy.py new file mode 100644 index 0000000000..ca635dd516 --- /dev/null +++ b/examples/v2/application-security/UpdateApplicationSecurityWafPolicy.py @@ -0,0 +1,62 @@ +""" +Update a WAF Policy returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi +from datadog_api_client.v2.model.application_security_policy_rule_override import ApplicationSecurityPolicyRuleOverride +from datadog_api_client.v2.model.application_security_policy_ruleset_override import ( + ApplicationSecurityPolicyRulesetOverride, +) +from datadog_api_client.v2.model.application_security_policy_scope import ApplicationSecurityPolicyScope +from datadog_api_client.v2.model.application_security_policy_type import ApplicationSecurityPolicyType +from datadog_api_client.v2.model.application_security_policy_update_attributes import ( + ApplicationSecurityPolicyUpdateAttributes, +) +from datadog_api_client.v2.model.application_security_policy_update_data import ApplicationSecurityPolicyUpdateData +from datadog_api_client.v2.model.application_security_policy_update_request import ( + ApplicationSecurityPolicyUpdateRequest, +) + +body = ApplicationSecurityPolicyUpdateRequest( + data=ApplicationSecurityPolicyUpdateData( + attributes=ApplicationSecurityPolicyUpdateAttributes( + description="Policy applied to internal web applications.", + is_default=False, + name="Internal Network Policy", + protection_presets=[ + "attack-tools", + ], + rules=[ + ApplicationSecurityPolicyRuleOverride( + blocking=False, + enabled=True, + extended_data_collection=False, + id="rasp-001-002", + ), + ], + rulesets=[ + ApplicationSecurityPolicyRulesetOverride( + blocking=False, + enabled=True, + id="attack_tool", + ), + ], + scope=[ + ApplicationSecurityPolicyScope( + env="prod", + service="billing-service", + ), + ], + version=0, + ), + type=ApplicationSecurityPolicyType.POLICY, + ), +) + +configuration = Configuration() +with ApiClient(configuration) as api_client: + api_instance = ApplicationSecurityApi(api_client) + response = api_instance.update_application_security_waf_policy(policy_id="policy_id", body=body) + + print(response) diff --git a/src/datadog_api_client/v2/api/application_security_api.py b/src/datadog_api_client/v2/api/application_security_api.py index 5b2608c90e..3160905aba 100644 --- a/src/datadog_api_client/v2/api/application_security_api.py +++ b/src/datadog_api_client/v2/api/application_security_api.py @@ -31,6 +31,14 @@ from datadog_api_client.v2.model.application_security_waf_exclusion_filter_update_request import ( ApplicationSecurityWafExclusionFilterUpdateRequest, ) +from datadog_api_client.v2.model.application_security_policy_list_response import ApplicationSecurityPolicyListResponse +from datadog_api_client.v2.model.application_security_policy_response import ApplicationSecurityPolicyResponse +from datadog_api_client.v2.model.application_security_policy_create_request import ( + ApplicationSecurityPolicyCreateRequest, +) +from datadog_api_client.v2.model.application_security_policy_update_request import ( + ApplicationSecurityPolicyUpdateRequest, +) class ApplicationSecurityApi: @@ -88,6 +96,26 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._create_application_security_waf_policy_endpoint = _Endpoint( + settings={ + "response_type": (ApplicationSecurityPolicyResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/asm/waf/policies", + "operation_id": "create_application_security_waf_policy", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (ApplicationSecurityPolicyCreateRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + self._delete_application_security_waf_custom_rule_endpoint = _Endpoint( settings={ "response_type": None, @@ -134,6 +162,29 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._delete_application_security_waf_policy_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/asm/waf/policies/{policy_id}", + "operation_id": "delete_application_security_waf_policy", + "http_method": "DELETE", + "version": "v2", + }, + params_map={ + "policy_id": { + "required": True, + "openapi_types": (str,), + "attribute": "policy_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["*/*"], + }, + api_client=api_client, + ) + self._get_application_security_waf_custom_rule_endpoint = _Endpoint( settings={ "response_type": (ApplicationSecurityWafCustomRuleResponse,), @@ -180,6 +231,29 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._get_application_security_waf_policy_endpoint = _Endpoint( + settings={ + "response_type": (ApplicationSecurityPolicyResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/asm/waf/policies/{policy_id}", + "operation_id": "get_application_security_waf_policy", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "policy_id": { + "required": True, + "openapi_types": (str,), + "attribute": "policy_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._list_application_security_waf_custom_rules_endpoint = _Endpoint( settings={ "response_type": (ApplicationSecurityWafCustomRuleListResponse,), @@ -212,6 +286,22 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._list_application_security_waf_policies_endpoint = _Endpoint( + settings={ + "response_type": (ApplicationSecurityPolicyListResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/asm/waf/policies", + "operation_id": "list_application_security_waf_policies", + "http_method": "GET", + "version": "v2", + }, + params_map={}, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + self._update_application_security_waf_custom_rule_endpoint = _Endpoint( settings={ "response_type": (ApplicationSecurityWafCustomRuleResponse,), @@ -264,6 +354,32 @@ def __init__(self, api_client=None): api_client=api_client, ) + self._update_application_security_waf_policy_endpoint = _Endpoint( + settings={ + "response_type": (ApplicationSecurityPolicyResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/remote_config/products/asm/waf/policies/{policy_id}", + "operation_id": "update_application_security_waf_policy", + "http_method": "PUT", + "version": "v2", + }, + params_map={ + "policy_id": { + "required": True, + "openapi_types": (str,), + "attribute": "policy_id", + "location": "path", + }, + "body": { + "required": True, + "openapi_types": (ApplicationSecurityPolicyUpdateRequest,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + def create_application_security_waf_custom_rule( self, body: ApplicationSecurityWafCustomRuleCreateRequest, @@ -301,6 +417,23 @@ def create_application_security_waf_exclusion_filter( return self._create_application_security_waf_exclusion_filter_endpoint.call_with_http_info(**kwargs) + def create_application_security_waf_policy( + self, + body: ApplicationSecurityPolicyCreateRequest, + ) -> ApplicationSecurityPolicyResponse: + """Create a WAF Policy. + + Create a new WAF policy. + + :param body: The new WAF policy. + :type body: ApplicationSecurityPolicyCreateRequest + :rtype: ApplicationSecurityPolicyResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._create_application_security_waf_policy_endpoint.call_with_http_info(**kwargs) + def delete_application_security_waf_custom_rule( self, custom_rule_id: str, @@ -335,6 +468,23 @@ def delete_application_security_waf_exclusion_filter( return self._delete_application_security_waf_exclusion_filter_endpoint.call_with_http_info(**kwargs) + def delete_application_security_waf_policy( + self, + policy_id: str, + ) -> None: + """Delete a WAF Policy. + + Delete a specific WAF policy. + + :param policy_id: The ID of the policy. + :type policy_id: str + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["policy_id"] = policy_id + + return self._delete_application_security_waf_policy_endpoint.call_with_http_info(**kwargs) + def get_application_security_waf_custom_rule( self, custom_rule_id: str, @@ -369,6 +519,23 @@ def get_application_security_waf_exclusion_filter( return self._get_application_security_waf_exclusion_filter_endpoint.call_with_http_info(**kwargs) + def get_application_security_waf_policy( + self, + policy_id: str, + ) -> ApplicationSecurityPolicyResponse: + """Get a WAF Policy. + + Retrieve a WAF policy by ID. + + :param policy_id: The ID of the policy. + :type policy_id: str + :rtype: ApplicationSecurityPolicyResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["policy_id"] = policy_id + + return self._get_application_security_waf_policy_endpoint.call_with_http_info(**kwargs) + def list_application_security_waf_custom_rules( self, ) -> ApplicationSecurityWafCustomRuleListResponse: @@ -393,6 +560,18 @@ def list_application_security_waf_exclusion_filters( kwargs: Dict[str, Any] = {} return self._list_application_security_waf_exclusion_filters_endpoint.call_with_http_info(**kwargs) + def list_application_security_waf_policies( + self, + ) -> ApplicationSecurityPolicyListResponse: + """List all WAF policies. + + Retrieve a list of WAF policies. + + :rtype: ApplicationSecurityPolicyListResponse + """ + kwargs: Dict[str, Any] = {} + return self._list_application_security_waf_policies_endpoint.call_with_http_info(**kwargs) + def update_application_security_waf_custom_rule( self, custom_rule_id: str, @@ -438,3 +617,26 @@ def update_application_security_waf_exclusion_filter( kwargs["body"] = body return self._update_application_security_waf_exclusion_filter_endpoint.call_with_http_info(**kwargs) + + def update_application_security_waf_policy( + self, + policy_id: str, + body: ApplicationSecurityPolicyUpdateRequest, + ) -> ApplicationSecurityPolicyResponse: + """Update a WAF Policy. + + Update a specific WAF policy. + Returns the policy object when the request is successful. + + :param policy_id: The ID of the policy. + :type policy_id: str + :param body: New WAF policy. + :type body: ApplicationSecurityPolicyUpdateRequest + :rtype: ApplicationSecurityPolicyResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["policy_id"] = policy_id + + kwargs["body"] = body + + return self._update_application_security_waf_policy_endpoint.call_with_http_info(**kwargs) diff --git a/src/datadog_api_client/v2/model/application_security_policy_attributes.py b/src/datadog_api_client/v2/model/application_security_policy_attributes.py new file mode 100644 index 0000000000..97a679ae49 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_attributes.py @@ -0,0 +1,114 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_rule_override import ( + ApplicationSecurityPolicyRuleOverride, + ) + from datadog_api_client.v2.model.application_security_policy_ruleset_override import ( + ApplicationSecurityPolicyRulesetOverride, + ) + from datadog_api_client.v2.model.application_security_policy_scope import ApplicationSecurityPolicyScope + + +class ApplicationSecurityPolicyAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_rule_override import ( + ApplicationSecurityPolicyRuleOverride, + ) + from datadog_api_client.v2.model.application_security_policy_ruleset_override import ( + ApplicationSecurityPolicyRulesetOverride, + ) + from datadog_api_client.v2.model.application_security_policy_scope import ApplicationSecurityPolicyScope + + return { + "description": (str,), + "is_default": (bool,), + "name": (str,), + "protection_presets": ([str],), + "rules": ([ApplicationSecurityPolicyRuleOverride],), + "rulesets": ([ApplicationSecurityPolicyRulesetOverride],), + "scope": ([ApplicationSecurityPolicyScope],), + "version": (int,), + } + + attribute_map = { + "description": "description", + "is_default": "isDefault", + "name": "name", + "protection_presets": "protectionPresets", + "rules": "rules", + "rulesets": "rulesets", + "scope": "scope", + "version": "version", + } + + def __init__( + self_, + description: str, + name: str, + is_default: Union[bool, UnsetType] = unset, + protection_presets: Union[List[str], UnsetType] = unset, + rules: Union[List[ApplicationSecurityPolicyRuleOverride], UnsetType] = unset, + rulesets: Union[List[ApplicationSecurityPolicyRulesetOverride], UnsetType] = unset, + scope: Union[List[ApplicationSecurityPolicyScope], UnsetType] = unset, + version: Union[int, UnsetType] = unset, + **kwargs, + ): + """ + A WAF policy. + + :param description: Description of the WAF policy. + :type description: str + + :param is_default: Make this policy the default policy. The default policy is applied to + every service not specifically assigned to another policy. + :type is_default: bool, optional + + :param name: The name of the WAF policy. + :type name: str + + :param protection_presets: Presets enabled on this policy. + :type protection_presets: [str], optional + + :param rules: Rule overrides applied by the policy. + :type rules: [ApplicationSecurityPolicyRuleOverride], optional + + :param rulesets: Deprecated: Ruleset overrides. Use ``protectionPresets`` instead. **Deprecated**. + :type rulesets: [ApplicationSecurityPolicyRulesetOverride], optional + + :param scope: The scope of the WAF policy. + :type scope: [ApplicationSecurityPolicyScope], optional + + :param version: Version of the WAF ruleset maintained by Datadog used by this policy. 0 is the default value. + :type version: int, optional + """ + if is_default is not unset: + kwargs["is_default"] = is_default + if protection_presets is not unset: + kwargs["protection_presets"] = protection_presets + if rules is not unset: + kwargs["rules"] = rules + if rulesets is not unset: + kwargs["rulesets"] = rulesets + if scope is not unset: + kwargs["scope"] = scope + if version is not unset: + kwargs["version"] = version + super().__init__(kwargs) + + self_.description = description + self_.name = name diff --git a/src/datadog_api_client/v2/model/application_security_policy_create_attributes.py b/src/datadog_api_client/v2/model/application_security_policy_create_attributes.py new file mode 100644 index 0000000000..dfb91d0ff2 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_create_attributes.py @@ -0,0 +1,121 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_rule_override import ( + ApplicationSecurityPolicyRuleOverride, + ) + from datadog_api_client.v2.model.application_security_policy_ruleset_override import ( + ApplicationSecurityPolicyRulesetOverride, + ) + from datadog_api_client.v2.model.application_security_policy_scope import ApplicationSecurityPolicyScope + + +class ApplicationSecurityPolicyCreateAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_rule_override import ( + ApplicationSecurityPolicyRuleOverride, + ) + from datadog_api_client.v2.model.application_security_policy_ruleset_override import ( + ApplicationSecurityPolicyRulesetOverride, + ) + from datadog_api_client.v2.model.application_security_policy_scope import ApplicationSecurityPolicyScope + + return { + "based_on": (str,), + "description": (str,), + "is_default": (bool,), + "name": (str,), + "protection_presets": ([str],), + "rules": ([ApplicationSecurityPolicyRuleOverride],), + "rulesets": ([ApplicationSecurityPolicyRulesetOverride],), + "scope": ([ApplicationSecurityPolicyScope],), + "version": (int,), + } + + attribute_map = { + "based_on": "basedOn", + "description": "description", + "is_default": "isDefault", + "name": "name", + "protection_presets": "protectionPresets", + "rules": "rules", + "rulesets": "rulesets", + "scope": "scope", + "version": "version", + } + + def __init__( + self_, + based_on: str, + description: str, + name: str, + is_default: Union[bool, UnsetType] = unset, + protection_presets: Union[List[str], UnsetType] = unset, + rules: Union[List[ApplicationSecurityPolicyRuleOverride], UnsetType] = unset, + rulesets: Union[List[ApplicationSecurityPolicyRulesetOverride], UnsetType] = unset, + scope: Union[List[ApplicationSecurityPolicyScope], UnsetType] = unset, + version: Union[int, UnsetType] = unset, + **kwargs, + ): + """ + Create a new WAF policy. + + :param based_on: When creating a new policy, clone the policy indicated by this identifier. + :type based_on: str + + :param description: Description of the WAF policy. + :type description: str + + :param is_default: Make this policy the default policy. The default policy is applied to + every service not specifically assigned to another policy. + :type is_default: bool, optional + + :param name: The name of the WAF policy. + :type name: str + + :param protection_presets: Presets enabled on this policy. + :type protection_presets: [str], optional + + :param rules: Rule overrides applied by the policy. + :type rules: [ApplicationSecurityPolicyRuleOverride], optional + + :param rulesets: Deprecated: Ruleset overrides. Use ``protectionPresets`` instead. **Deprecated**. + :type rulesets: [ApplicationSecurityPolicyRulesetOverride], optional + + :param scope: The scope of the WAF policy. + :type scope: [ApplicationSecurityPolicyScope], optional + + :param version: Version of the WAF ruleset maintained by Datadog used by this policy. 0 is the default value. + :type version: int, optional + """ + if is_default is not unset: + kwargs["is_default"] = is_default + if protection_presets is not unset: + kwargs["protection_presets"] = protection_presets + if rules is not unset: + kwargs["rules"] = rules + if rulesets is not unset: + kwargs["rulesets"] = rulesets + if scope is not unset: + kwargs["scope"] = scope + if version is not unset: + kwargs["version"] = version + super().__init__(kwargs) + + self_.based_on = based_on + self_.description = description + self_.name = name diff --git a/src/datadog_api_client/v2/model/application_security_policy_create_data.py b/src/datadog_api_client/v2/model/application_security_policy_create_data.py new file mode 100644 index 0000000000..2f174dd369 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_create_data.py @@ -0,0 +1,54 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_create_attributes import ( + ApplicationSecurityPolicyCreateAttributes, + ) + from datadog_api_client.v2.model.application_security_policy_type import ApplicationSecurityPolicyType + + +class ApplicationSecurityPolicyCreateData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_create_attributes import ( + ApplicationSecurityPolicyCreateAttributes, + ) + from datadog_api_client.v2.model.application_security_policy_type import ApplicationSecurityPolicyType + + return { + "attributes": (ApplicationSecurityPolicyCreateAttributes,), + "type": (ApplicationSecurityPolicyType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, attributes: ApplicationSecurityPolicyCreateAttributes, type: ApplicationSecurityPolicyType, **kwargs + ): + """ + Object for a single WAF policy. + + :param attributes: Create a new WAF policy. + :type attributes: ApplicationSecurityPolicyCreateAttributes + + :param type: The type of the resource. The value should always be ``policy``. + :type type: ApplicationSecurityPolicyType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type diff --git a/src/datadog_api_client/v2/model/application_security_policy_create_request.py b/src/datadog_api_client/v2/model/application_security_policy_create_request.py new file mode 100644 index 0000000000..24dc944344 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_create_request.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_create_data import ApplicationSecurityPolicyCreateData + + +class ApplicationSecurityPolicyCreateRequest(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_create_data import ( + ApplicationSecurityPolicyCreateData, + ) + + return { + "data": (ApplicationSecurityPolicyCreateData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: ApplicationSecurityPolicyCreateData, **kwargs): + """ + Request object that includes the policy to create. + + :param data: Object for a single WAF policy. + :type data: ApplicationSecurityPolicyCreateData + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/application_security_policy_data.py b/src/datadog_api_client/v2/model/application_security_policy_data.py new file mode 100644 index 0000000000..0c28ec0762 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_data.py @@ -0,0 +1,80 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_attributes import ApplicationSecurityPolicyAttributes + from datadog_api_client.v2.model.application_security_policy_metadata import ApplicationSecurityPolicyMetadata + from datadog_api_client.v2.model.application_security_policy_type import ApplicationSecurityPolicyType + + +class ApplicationSecurityPolicyData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_attributes import ( + ApplicationSecurityPolicyAttributes, + ) + from datadog_api_client.v2.model.application_security_policy_metadata import ApplicationSecurityPolicyMetadata + from datadog_api_client.v2.model.application_security_policy_type import ApplicationSecurityPolicyType + + return { + "attributes": (ApplicationSecurityPolicyAttributes,), + "id": (str,), + "meta": (ApplicationSecurityPolicyMetadata,), + "type": (ApplicationSecurityPolicyType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "meta": "meta", + "type": "type", + } + read_only_vars = { + "id", + "meta", + } + + def __init__( + self_, + attributes: Union[ApplicationSecurityPolicyAttributes, UnsetType] = unset, + id: Union[str, UnsetType] = unset, + meta: Union[ApplicationSecurityPolicyMetadata, UnsetType] = unset, + type: Union[ApplicationSecurityPolicyType, UnsetType] = unset, + **kwargs, + ): + """ + Object for a single WAF policy. + + :param attributes: A WAF policy. + :type attributes: ApplicationSecurityPolicyAttributes, optional + + :param id: The ID of the policy. + :type id: str, optional + + :param meta: Metadata associated with the WAF policy. + :type meta: ApplicationSecurityPolicyMetadata, optional + + :param type: The type of the resource. The value should always be ``policy``. + :type type: ApplicationSecurityPolicyType, optional + """ + if attributes is not unset: + kwargs["attributes"] = attributes + if id is not unset: + kwargs["id"] = id + if meta is not unset: + kwargs["meta"] = meta + if type is not unset: + kwargs["type"] = type + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/application_security_policy_list_response.py b/src/datadog_api_client/v2/model/application_security_policy_list_response.py new file mode 100644 index 0000000000..bd0aec2215 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_list_response.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_data import ApplicationSecurityPolicyData + + +class ApplicationSecurityPolicyListResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_data import ApplicationSecurityPolicyData + + return { + "data": ([ApplicationSecurityPolicyData],), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[List[ApplicationSecurityPolicyData], UnsetType] = unset, **kwargs): + """ + Response object that includes a list of WAF policies. + + :param data: The WAF policy data. + :type data: [ApplicationSecurityPolicyData], optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/application_security_policy_metadata.py b/src/datadog_api_client/v2/model/application_security_policy_metadata.py new file mode 100644 index 0000000000..6a1a504bca --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_metadata.py @@ -0,0 +1,81 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + datetime, + unset, + UnsetType, +) + + +class ApplicationSecurityPolicyMetadata(ModelNormal): + @cached_property + def openapi_types(_): + return { + "added_at": (datetime,), + "added_by": (str,), + "added_by_name": (str,), + "modified_at": (datetime,), + "modified_by": (str,), + "modified_by_name": (str,), + } + + attribute_map = { + "added_at": "added_at", + "added_by": "added_by", + "added_by_name": "added_by_name", + "modified_at": "modified_at", + "modified_by": "modified_by", + "modified_by_name": "modified_by_name", + } + + def __init__( + self_, + added_at: Union[datetime, UnsetType] = unset, + added_by: Union[str, UnsetType] = unset, + added_by_name: Union[str, UnsetType] = unset, + modified_at: Union[datetime, UnsetType] = unset, + modified_by: Union[str, UnsetType] = unset, + modified_by_name: Union[str, UnsetType] = unset, + **kwargs, + ): + """ + Metadata associated with the WAF policy. + + :param added_at: The date and time the WAF policy was created. + :type added_at: datetime, optional + + :param added_by: The handle of the user who created the WAF policy. + :type added_by: str, optional + + :param added_by_name: The name of the user who created the WAF policy. + :type added_by_name: str, optional + + :param modified_at: The date and time the WAF policy was last updated. + :type modified_at: datetime, optional + + :param modified_by: The handle of the user who last updated the WAF policy. + :type modified_by: str, optional + + :param modified_by_name: The name of the user who last updated the WAF policy. + :type modified_by_name: str, optional + """ + if added_at is not unset: + kwargs["added_at"] = added_at + if added_by is not unset: + kwargs["added_by"] = added_by + if added_by_name is not unset: + kwargs["added_by_name"] = added_by_name + if modified_at is not unset: + kwargs["modified_at"] = modified_at + if modified_by is not unset: + kwargs["modified_by"] = modified_by + if modified_by_name is not unset: + kwargs["modified_by_name"] = modified_by_name + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/application_security_policy_response.py b/src/datadog_api_client/v2/model/application_security_policy_response.py new file mode 100644 index 0000000000..98d5dc8b1b --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_response.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_data import ApplicationSecurityPolicyData + + +class ApplicationSecurityPolicyResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_data import ApplicationSecurityPolicyData + + return { + "data": (ApplicationSecurityPolicyData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[ApplicationSecurityPolicyData, UnsetType] = unset, **kwargs): + """ + Response object that includes a single WAF policy. + + :param data: Object for a single WAF policy. + :type data: ApplicationSecurityPolicyData, optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/application_security_policy_rule_override.py b/src/datadog_api_client/v2/model/application_security_policy_rule_override.py new file mode 100644 index 0000000000..bb2e992505 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_rule_override.py @@ -0,0 +1,62 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +class ApplicationSecurityPolicyRuleOverride(ModelNormal): + @cached_property + def openapi_types(_): + return { + "blocking": (bool,), + "enabled": (bool,), + "extended_data_collection": (bool,), + "id": (str,), + } + + attribute_map = { + "blocking": "blocking", + "enabled": "enabled", + "extended_data_collection": "extended_data_collection", + "id": "id", + } + + def __init__( + self_, + blocking: bool, + enabled: bool, + id: str, + extended_data_collection: Union[bool, UnsetType] = unset, + **kwargs, + ): + """ + Override WAF rule parameters for services in a policy. + + :param blocking: When blocking is enabled, the rule will block the traffic matched by this rule. + :type blocking: bool + + :param enabled: When false, this rule will not match any traffic. + :type enabled: bool + + :param extended_data_collection: When true, collects additional data from the WAF for this rule. + :type extended_data_collection: bool, optional + + :param id: Override the parameters for this WAF rule identifier. + :type id: str + """ + if extended_data_collection is not unset: + kwargs["extended_data_collection"] = extended_data_collection + super().__init__(kwargs) + + self_.blocking = blocking + self_.enabled = enabled + self_.id = id diff --git a/src/datadog_api_client/v2/model/application_security_policy_ruleset_override.py b/src/datadog_api_client/v2/model/application_security_policy_ruleset_override.py new file mode 100644 index 0000000000..14f90005a2 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_ruleset_override.py @@ -0,0 +1,45 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +class ApplicationSecurityPolicyRulesetOverride(ModelNormal): + @cached_property + def openapi_types(_): + return { + "blocking": (bool,), + "enabled": (bool,), + "id": (str,), + } + + attribute_map = { + "blocking": "blocking", + "enabled": "enabled", + "id": "id", + } + + def __init__(self_, blocking: bool, enabled: bool, id: str, **kwargs): + """ + Deprecated: Override WAF ruleset parameters. Use ``protectionPresets`` instead. + + :param blocking: When blocking is enabled, the ruleset will block the traffic it matches. + :type blocking: bool + + :param enabled: When false, this ruleset will not match any traffic. + :type enabled: bool + + :param id: The identifier of the ruleset to override. + :type id: str + """ + super().__init__(kwargs) + + self_.blocking = blocking + self_.enabled = enabled + self_.id = id diff --git a/src/datadog_api_client/v2/model/application_security_policy_scope.py b/src/datadog_api_client/v2/model/application_security_policy_scope.py new file mode 100644 index 0000000000..a8cfc31245 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_scope.py @@ -0,0 +1,39 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +class ApplicationSecurityPolicyScope(ModelNormal): + @cached_property + def openapi_types(_): + return { + "env": (str,), + "service": (str,), + } + + attribute_map = { + "env": "env", + "service": "service", + } + + def __init__(self_, env: str, service: str, **kwargs): + """ + The scope of the WAF policy. + + :param env: The environment scope for the WAF policy. + :type env: str + + :param service: The service scope for the WAF policy. + :type service: str + """ + super().__init__(kwargs) + + self_.env = env + self_.service = service diff --git a/src/datadog_api_client/v2/model/application_security_policy_type.py b/src/datadog_api_client/v2/model/application_security_policy_type.py new file mode 100644 index 0000000000..0d21e5358d --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_type.py @@ -0,0 +1,35 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class ApplicationSecurityPolicyType(ModelSimple): + """ + The type of the resource. The value should always be `policy`. + + :param value: If omitted defaults to "policy". Must be one of ["policy"]. + :type value: str + """ + + allowed_values = { + "policy", + } + POLICY: ClassVar["ApplicationSecurityPolicyType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +ApplicationSecurityPolicyType.POLICY = ApplicationSecurityPolicyType("policy") diff --git a/src/datadog_api_client/v2/model/application_security_policy_update_attributes.py b/src/datadog_api_client/v2/model/application_security_policy_update_attributes.py new file mode 100644 index 0000000000..1ab5e73cc0 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_update_attributes.py @@ -0,0 +1,109 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_rule_override import ( + ApplicationSecurityPolicyRuleOverride, + ) + from datadog_api_client.v2.model.application_security_policy_ruleset_override import ( + ApplicationSecurityPolicyRulesetOverride, + ) + from datadog_api_client.v2.model.application_security_policy_scope import ApplicationSecurityPolicyScope + + +class ApplicationSecurityPolicyUpdateAttributes(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_rule_override import ( + ApplicationSecurityPolicyRuleOverride, + ) + from datadog_api_client.v2.model.application_security_policy_ruleset_override import ( + ApplicationSecurityPolicyRulesetOverride, + ) + from datadog_api_client.v2.model.application_security_policy_scope import ApplicationSecurityPolicyScope + + return { + "description": (str,), + "is_default": (bool,), + "name": (str,), + "protection_presets": ([str],), + "rules": ([ApplicationSecurityPolicyRuleOverride],), + "rulesets": ([ApplicationSecurityPolicyRulesetOverride],), + "scope": ([ApplicationSecurityPolicyScope],), + "version": (int,), + } + + attribute_map = { + "description": "description", + "is_default": "isDefault", + "name": "name", + "protection_presets": "protectionPresets", + "rules": "rules", + "rulesets": "rulesets", + "scope": "scope", + "version": "version", + } + + def __init__( + self_, + description: str, + is_default: bool, + name: str, + protection_presets: List[str], + rules: List[ApplicationSecurityPolicyRuleOverride], + scope: List[ApplicationSecurityPolicyScope], + rulesets: Union[List[ApplicationSecurityPolicyRulesetOverride], UnsetType] = unset, + **kwargs, + ): + """ + Update a WAF policy. + + :param description: Description of the WAF policy. + :type description: str + + :param is_default: Make this policy the default policy. The default policy is applied to + every service not specifically assigned to another policy. + :type is_default: bool + + :param name: The name of the WAF policy. + :type name: str + + :param protection_presets: Presets enabled on this policy. + :type protection_presets: [str] + + :param rules: Rule overrides applied by the policy. + :type rules: [ApplicationSecurityPolicyRuleOverride] + + :param rulesets: Deprecated: Ruleset overrides. Use ``protectionPresets`` instead. **Deprecated**. + :type rulesets: [ApplicationSecurityPolicyRulesetOverride], optional + + :param scope: The scope of the WAF policy. + :type scope: [ApplicationSecurityPolicyScope] + + :param version: Version of the WAF ruleset maintained by Datadog used by this policy. 0 is the default value. + :type version: int + """ + if rulesets is not unset: + kwargs["rulesets"] = rulesets + super().__init__(kwargs) + version = kwargs.get("version", 0) + + self_.description = description + self_.is_default = is_default + self_.name = name + self_.protection_presets = protection_presets + self_.rules = rules + self_.scope = scope + self_.version = version diff --git a/src/datadog_api_client/v2/model/application_security_policy_update_data.py b/src/datadog_api_client/v2/model/application_security_policy_update_data.py new file mode 100644 index 0000000000..dd6c2775a6 --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_update_data.py @@ -0,0 +1,54 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_update_attributes import ( + ApplicationSecurityPolicyUpdateAttributes, + ) + from datadog_api_client.v2.model.application_security_policy_type import ApplicationSecurityPolicyType + + +class ApplicationSecurityPolicyUpdateData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_update_attributes import ( + ApplicationSecurityPolicyUpdateAttributes, + ) + from datadog_api_client.v2.model.application_security_policy_type import ApplicationSecurityPolicyType + + return { + "attributes": (ApplicationSecurityPolicyUpdateAttributes,), + "type": (ApplicationSecurityPolicyType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, attributes: ApplicationSecurityPolicyUpdateAttributes, type: ApplicationSecurityPolicyType, **kwargs + ): + """ + Object for a single WAF policy. + + :param attributes: Update a WAF policy. + :type attributes: ApplicationSecurityPolicyUpdateAttributes + + :param type: The type of the resource. The value should always be ``policy``. + :type type: ApplicationSecurityPolicyType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.type = type diff --git a/src/datadog_api_client/v2/model/application_security_policy_update_request.py b/src/datadog_api_client/v2/model/application_security_policy_update_request.py new file mode 100644 index 0000000000..2548862d8b --- /dev/null +++ b/src/datadog_api_client/v2/model/application_security_policy_update_request.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.application_security_policy_update_data import ApplicationSecurityPolicyUpdateData + + +class ApplicationSecurityPolicyUpdateRequest(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.application_security_policy_update_data import ( + ApplicationSecurityPolicyUpdateData, + ) + + return { + "data": (ApplicationSecurityPolicyUpdateData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: ApplicationSecurityPolicyUpdateData, **kwargs): + """ + Request object that includes the policy to update. + + :param data: Object for a single WAF policy. + :type data: ApplicationSecurityPolicyUpdateData + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_attributes.py b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_attributes.py index 02b48f5b4b..725c210992 100644 --- a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_attributes.py +++ b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_attributes.py @@ -109,7 +109,7 @@ def __init__( :param metadata: Metadata associated with the WAF Custom Rule. :type metadata: ApplicationSecurityWafCustomRuleMetadata, optional - :param name: The Name of the WAF custom rule. + :param name: The name of the WAF custom rule. :type name: str :param path_glob: The path glob for the WAF custom rule. diff --git a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_create_attributes.py b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_create_attributes.py index c3ef5ce1de..c166eb157c 100644 --- a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_create_attributes.py +++ b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_create_attributes.py @@ -94,7 +94,7 @@ def __init__( :param enabled: Indicates whether the WAF custom rule is enabled. :type enabled: bool - :param name: The Name of the WAF custom rule. + :param name: The name of the WAF custom rule. :type name: str :param path_glob: The path glob for the WAF custom rule. diff --git a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_update_attributes.py b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_update_attributes.py index 4fd9c85194..6d4bfb231d 100644 --- a/src/datadog_api_client/v2/model/application_security_waf_custom_rule_update_attributes.py +++ b/src/datadog_api_client/v2/model/application_security_waf_custom_rule_update_attributes.py @@ -94,7 +94,7 @@ def __init__( :param enabled: Indicates whether the WAF custom rule is enabled. :type enabled: bool - :param name: The Name of the WAF custom rule. + :param name: The name of the WAF custom rule. :type name: str :param path_glob: The path glob for the WAF custom rule. diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py index 02ac2fb4e8..93cdfdb131 100644 --- a/src/datadog_api_client/v2/models/__init__.py +++ b/src/datadog_api_client/v2/models/__init__.py @@ -248,6 +248,31 @@ from datadog_api_client.v2.model.application_key_update_request import ApplicationKeyUpdateRequest from datadog_api_client.v2.model.application_keys_sort import ApplicationKeysSort from datadog_api_client.v2.model.application_keys_type import ApplicationKeysType +from datadog_api_client.v2.model.application_security_policy_attributes import ApplicationSecurityPolicyAttributes +from datadog_api_client.v2.model.application_security_policy_create_attributes import ( + ApplicationSecurityPolicyCreateAttributes, +) +from datadog_api_client.v2.model.application_security_policy_create_data import ApplicationSecurityPolicyCreateData +from datadog_api_client.v2.model.application_security_policy_create_request import ( + ApplicationSecurityPolicyCreateRequest, +) +from datadog_api_client.v2.model.application_security_policy_data import ApplicationSecurityPolicyData +from datadog_api_client.v2.model.application_security_policy_list_response import ApplicationSecurityPolicyListResponse +from datadog_api_client.v2.model.application_security_policy_metadata import ApplicationSecurityPolicyMetadata +from datadog_api_client.v2.model.application_security_policy_response import ApplicationSecurityPolicyResponse +from datadog_api_client.v2.model.application_security_policy_rule_override import ApplicationSecurityPolicyRuleOverride +from datadog_api_client.v2.model.application_security_policy_ruleset_override import ( + ApplicationSecurityPolicyRulesetOverride, +) +from datadog_api_client.v2.model.application_security_policy_scope import ApplicationSecurityPolicyScope +from datadog_api_client.v2.model.application_security_policy_type import ApplicationSecurityPolicyType +from datadog_api_client.v2.model.application_security_policy_update_attributes import ( + ApplicationSecurityPolicyUpdateAttributes, +) +from datadog_api_client.v2.model.application_security_policy_update_data import ApplicationSecurityPolicyUpdateData +from datadog_api_client.v2.model.application_security_policy_update_request import ( + ApplicationSecurityPolicyUpdateRequest, +) from datadog_api_client.v2.model.application_security_waf_custom_rule_action import ( ApplicationSecurityWafCustomRuleAction, ) @@ -8376,6 +8401,21 @@ "ApplicationKeyUpdateRequest", "ApplicationKeysSort", "ApplicationKeysType", + "ApplicationSecurityPolicyAttributes", + "ApplicationSecurityPolicyCreateAttributes", + "ApplicationSecurityPolicyCreateData", + "ApplicationSecurityPolicyCreateRequest", + "ApplicationSecurityPolicyData", + "ApplicationSecurityPolicyListResponse", + "ApplicationSecurityPolicyMetadata", + "ApplicationSecurityPolicyResponse", + "ApplicationSecurityPolicyRuleOverride", + "ApplicationSecurityPolicyRulesetOverride", + "ApplicationSecurityPolicyScope", + "ApplicationSecurityPolicyType", + "ApplicationSecurityPolicyUpdateAttributes", + "ApplicationSecurityPolicyUpdateData", + "ApplicationSecurityPolicyUpdateRequest", "ApplicationSecurityWafCustomRuleAction", "ApplicationSecurityWafCustomRuleActionAction", "ApplicationSecurityWafCustomRuleActionParameters", diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_waf_policy_returns_created_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_waf_policy_returns_created_response.frozen new file mode 100644 index 0000000000..2a1cf7a5c1 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_waf_policy_returns_created_response.frozen @@ -0,0 +1 @@ +2026-04-16T10:25:18.392Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_waf_policy_returns_created_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_waf_policy_returns_created_response.yaml new file mode 100644 index 0000000000..ce0e8180df --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_waf_policy_returns_created_response.yaml @@ -0,0 +1,40 @@ +interactions: +- request: + body: '{"data":{"attributes":{"basedOn":"recommended","description":"Policy applied + to internal web applications.","isDefault":false,"name":"Internal Network Policy","protectionPresets":["attack-tools"],"rules":[{"blocking":false,"enabled":true,"id":"rasp-001-002"}],"scope":[{"env":"prod","service":"billing-service"}],"version":0},"type":"policy"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/policies + response: + body: + string: '{"data":{"id":"841d53b4-4d73-4585-99cc-39dd10883f7c","type":"policy","attributes":{"description":"Policy + applied to internal web applications.","isDefault":false,"name":"Internal + Network Policy","protectionPresets":["attack-tools"],"rules":[{"id":"rasp-001-002","blocking":false,"enabled":true}],"rulesets":[],"scope":[{"env":"prod","service":"billing-service"}],"version":0},"meta":{"added_at":"2026-04-16T10:25:18Z","added_by":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","added_by_name":"CI + Account"}}}' + headers: + content-type: + - application/json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/policies/841d53b4-4d73-4585-99cc-39dd10883f7c + response: + body: + string: '' + headers: + content-type: + - application/json + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_waf_policy_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_a_waf_policy_returns_ok_response.frozen new file mode 100644 index 0000000000..7f284d10f9 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_a_waf_policy_returns_ok_response.frozen @@ -0,0 +1 @@ +2026-04-16T10:25:20.216Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_waf_policy_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_a_waf_policy_returns_ok_response.yaml new file mode 100644 index 0000000000..6e02fea0a4 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_a_waf_policy_returns_ok_response.yaml @@ -0,0 +1,57 @@ +interactions: +- request: + body: '{"data":{"attributes":{"basedOn":"recommended","description":"This is a + test policy.","name":"Test policy"},"type":"policy"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/policies + response: + body: + string: '{"data":{"id":"cc3e574d-9b5a-4310-b7f4-5560483f84b1","type":"policy","attributes":{"description":"This + is a test policy.","isDefault":false,"name":"Test policy","rules":[],"rulesets":[],"scope":[],"version":-1},"meta":{"added_at":"2026-04-16T10:25:20Z","added_by":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","added_by_name":"CI + Account"}}}' + headers: + content-type: + - application/json + status: + code: 201 + message: Created +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/policies/cc3e574d-9b5a-4310-b7f4-5560483f84b1 + response: + body: + string: '{"data":{"id":"cc3e574d-9b5a-4310-b7f4-5560483f84b1","type":"policy","attributes":{"description":"This + is a test policy.","isDefault":false,"name":"Test policy","rules":[],"rulesets":[],"scope":[],"version":-1},"meta":{"added_at":"2026-04-16T10:25:20Z","added_by":"9919ec9b-ebc7-49ee-8dc8-03626e717cca","added_by_name":"CI + Account"}}}' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/policies/cc3e574d-9b5a-4310-b7f4-5560483f84b1 + response: + body: + string: '' + headers: + content-type: + - application/json + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_list_all_waf_policies_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_list_all_waf_policies_returns_ok_response.frozen new file mode 100644 index 0000000000..fa15b0e7e3 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_all_waf_policies_returns_ok_response.frozen @@ -0,0 +1 @@ +2026-04-16T12:51:11.613Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_list_all_waf_policies_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_list_all_waf_policies_returns_ok_response.yaml new file mode 100644 index 0000000000..0da6c0f616 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_all_waf_policies_returns_ok_response.yaml @@ -0,0 +1,30 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/remote_config/products/asm/waf/policies + response: + body: + string: '{"data":[{"id":"recommended","type":"policy","attributes":{"description":"Monitor + security scanners and application attacks such as Server-Side-Request-Forgery + (SSRF), SQL Injection, Log4Shell, and Cross-Site-Scripting (XSS).","isDefault":true,"name":"Managed + - Monitoring-only","rules":[],"rulesets":[],"scope":[],"version":0},"meta":{}},{"id":"recommended-blocking","type":"policy","attributes":{"description":"Block + known attack tools without impacting legitimate security scans.\nBlock application + attacks such as Server-Side-Request-Forgery (SSRF), SQL Injection, Log4Shell, + and Cross-Site-Scripting (XSS). Rules are curated to reduce the risk of blocking + legitimate traffic. Previously known as \"Datadog Recommended\".","isDefault":false,"name":"Managed + - Block attack tools \u0026 application attacks","protectionPresets":["all-confidence-one"],"rules":[],"rulesets":[],"scope":[],"version":0},"meta":{}},{"id":"recommended-attack-tools","type":"policy","attributes":{"description":"Block + known attack tools without impacting legitimate security scans.\nMonitor application + attacks such as Server-Side-Request-Forgery (SSRF), SQL Injection, Log4Shell, + and Cross-Site-Scripting (XSS).","isDefault":false,"name":"Managed - Block + attack tools","protectionPresets":["attack-tools"],"rules":[],"rulesets":[],"scope":[],"version":0},"meta":{}}]}' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +version: 1 diff --git a/tests/v2/features/application_security.feature b/tests/v2/features/application_security.feature index aad0642b71..4dbda1c469 100644 --- a/tests/v2/features/application_security.feature +++ b/tests/v2/features/application_security.feature @@ -13,6 +13,27 @@ Feature: Application Security And a valid "appKeyAuth" key in the system And an instance of "ApplicationSecurity" API + @generated @skip @team:DataDog/asm-backend + Scenario: Create a WAF Policy returns "Bad Request" response + Given new "CreateApplicationSecurityWafPolicy" request + And body with value {"data": {"attributes": {"basedOn": "recommended", "description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "extended_data_collection": false, "id": "rasp-001-002"}], "rulesets": [{"blocking": false, "enabled": true, "id": "attack_tool"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/asm-backend + Scenario: Create a WAF Policy returns "Concurrent Modification" response + Given new "CreateApplicationSecurityWafPolicy" request + And body with value {"data": {"attributes": {"basedOn": "recommended", "description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "extended_data_collection": false, "id": "rasp-001-002"}], "rulesets": [{"blocking": false, "enabled": true, "id": "attack_tool"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}} + When the request is sent + Then the response status is 409 Concurrent Modification + + @team:DataDog/asm-backend + Scenario: Create a WAF Policy returns "Created" response + Given new "CreateApplicationSecurityWafPolicy" request + And body with value {"data": {"attributes": {"basedOn": "recommended", "description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "id": "rasp-001-002"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}} + When the request is sent + Then the response status is 201 Created + @generated @skip @team:DataDog/asm-backend Scenario: Create a WAF custom rule returns "Bad Request" response Given new "CreateApplicationSecurityWafCustomRule" request @@ -84,6 +105,27 @@ Feature: Application Security When the request is sent Then the response status is 404 Not Found + @generated @skip @team:DataDog/asm-backend + Scenario: Delete a WAF Policy returns "Concurrent Modification" response + Given new "DeleteApplicationSecurityWafPolicy" request + And request contains "policy_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 409 Concurrent Modification + + @generated @skip @team:DataDog/asm-backend + Scenario: Delete a WAF Policy returns "No Content" response + Given new "DeleteApplicationSecurityWafPolicy" request + And request contains "policy_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 204 No Content + + @generated @skip @team:DataDog/asm-backend + Scenario: Delete a WAF Policy returns "Not Found" response + Given new "DeleteApplicationSecurityWafPolicy" request + And request contains "policy_id" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + @generated @skip @team:DataDog/asm-backend Scenario: Delete a WAF exclusion filter returns "Concurrent Modification" response Given new "DeleteApplicationSecurityWafExclusionFilter" request @@ -106,6 +148,14 @@ Feature: Application Security When the request is sent Then the response status is 204 OK + @team:DataDog/asm-backend + Scenario: Get a WAF Policy returns "OK" response + Given there is a valid "policy" in the system + And new "GetApplicationSecurityWafPolicy" request + And request contains "policy_id" parameter from "policy.data.id" + When the request is sent + Then the response status is 200 OK + @generated @skip @team:DataDog/asm-backend Scenario: Get a WAF custom rule returns "OK" response Given new "GetApplicationSecurityWafCustomRule" request @@ -140,6 +190,12 @@ Feature: Application Security When the request is sent Then the response status is 200 OK + @team:DataDog/asm-backend + Scenario: List all WAF policies returns "OK" response + Given new "ListApplicationSecurityWAFPolicies" request + When the request is sent + Then the response status is 200 OK + @team:DataDog/asm-backend Scenario: Update a WAF Custom Rule returns "Bad Request" response Given there is a valid "custom_rule" in the system @@ -174,6 +230,38 @@ Feature: Application Security When the request is sent Then the response status is 200 OK + @generated @skip @team:DataDog/asm-backend + Scenario: Update a WAF Policy returns "Bad Request" response + Given new "UpdateApplicationSecurityWafPolicy" request + And request contains "policy_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "extended_data_collection": false, "id": "rasp-001-002"}], "rulesets": [{"blocking": false, "enabled": true, "id": "attack_tool"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/asm-backend + Scenario: Update a WAF Policy returns "Concurrent Modification" response + Given new "UpdateApplicationSecurityWafPolicy" request + And request contains "policy_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "extended_data_collection": false, "id": "rasp-001-002"}], "rulesets": [{"blocking": false, "enabled": true, "id": "attack_tool"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}} + When the request is sent + Then the response status is 409 Concurrent Modification + + @generated @skip @team:DataDog/asm-backend + Scenario: Update a WAF Policy returns "Not Found" response + Given new "UpdateApplicationSecurityWafPolicy" request + And request contains "policy_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "extended_data_collection": false, "id": "rasp-001-002"}], "rulesets": [{"blocking": false, "enabled": true, "id": "attack_tool"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}} + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/asm-backend + Scenario: Update a WAF Policy returns "OK" response + Given new "UpdateApplicationSecurityWafPolicy" request + And request contains "policy_id" parameter from "REPLACE.ME" + And body with value {"data": {"attributes": {"description": "Policy applied to internal web applications.", "isDefault": false, "name": "Internal Network Policy", "protectionPresets": ["attack-tools"], "rules": [{"blocking": false, "enabled": true, "extended_data_collection": false, "id": "rasp-001-002"}], "rulesets": [{"blocking": false, "enabled": true, "id": "attack_tool"}], "scope": [{"env": "prod", "service": "billing-service"}], "version": 0}, "type": "policy"}} + When the request is sent + Then the response status is 200 OK + @team:DataDog/asm-backend Scenario: Update a WAF exclusion filter returns "Bad Request" response Given there is a valid "custom_rule" in the system diff --git a/tests/v2/features/given.json b/tests/v2/features/given.json index 377255ff82..c3388d681e 100644 --- a/tests/v2/features/given.json +++ b/tests/v2/features/given.json @@ -1034,6 +1034,18 @@ "tag": "Application Security", "operationId": "CreateApplicationSecurityWafExclusionFilter" }, + { + "parameters": [ + { + "name": "body", + "value": "{\n \"data\": {\n \"type\": \"policy\",\n \"attributes\": {\n \"name\": \"Test policy\",\n \"description\": \"This is a test policy.\",\n \"basedOn\": \"recommended\"\n }\n }\n}" + } + ], + "step": "there is a valid \"policy\" in the system", + "key": "policy", + "tag": "Application Security", + "operationId": "CreateApplicationSecurityWafPolicy" + }, { "parameters": [ { diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index 7a8309d2ce..6d134eb479 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json @@ -5391,6 +5391,43 @@ "type": "idempotent" } }, + "ListApplicationSecurityWAFPolicies": { + "tag": "Application Security", + "undo": { + "type": "safe" + } + }, + "CreateApplicationSecurityWafPolicy": { + "tag": "Application Security", + "undo": { + "operationId": "DeleteApplicationSecurityWafPolicy", + "parameters": [ + { + "name": "policy_id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "DeleteApplicationSecurityWafPolicy": { + "tag": "Application Security", + "undo": { + "type": "idempotent" + } + }, + "GetApplicationSecurityWafPolicy": { + "tag": "Application Security", + "undo": { + "type": "safe" + } + }, + "UpdateApplicationSecurityWafPolicy": { + "tag": "Application Security", + "undo": { + "type": "idempotent" + } + }, "ListCSMThreatsAgentRules": { "tag": "CSM Threats", "undo": {