diff --git a/.apigentools-info b/.apigentools-info index 8d144d1de9c..dd07c6f896a 100644 --- a/.apigentools-info +++ b/.apigentools-info @@ -4,13 +4,13 @@ "spec_versions": { "v1": { "apigentools_version": "1.6.6", - "regenerated": "2023-12-14 10:49:24.189468", - "spec_repo_commit": "43a99a56" + "regenerated": "2023-12-14 17:12:57.887984", + "spec_repo_commit": "fd0b0fcb" }, "v2": { "apigentools_version": "1.6.6", - "regenerated": "2023-12-14 10:49:24.208935", - "spec_repo_commit": "43a99a56" + "regenerated": "2023-12-14 17:12:57.902868", + "spec_repo_commit": "fd0b0fcb" } } } \ No newline at end of file diff --git a/.generator/schemas/v1/openapi.yaml b/.generator/schemas/v1/openapi.yaml index 6bea54e183a..1a4826c477d 100644 --- a/.generator/schemas/v1/openapi.yaml +++ b/.generator/schemas/v1/openapi.yaml @@ -3212,8 +3212,16 @@ components: type: string is_cspm_enabled: default: false - description: When enabled, Datadog performs configuration checks across - your Google Cloud environment by continuously scanning every resource. + description: 'When enabled, Datadog will activate the Cloud Security Monitoring + product for this service account. Note: This requires resource_collection_enabled + to be set to true.' + example: true + type: boolean + is_security_command_center_enabled: + default: false + description: 'When enabled, Datadog will attempt to collect Security Command + Center Findings. Note: This requires additional permissions on the service + account.' example: true type: boolean private_key: @@ -3229,6 +3237,11 @@ components: key. example: datadog-apitest type: string + resource_collection_enabled: + default: false + description: When enabled, Datadog scans for all resources in your GCP environment. + example: true + type: boolean token_uri: description: Should be `https://accounts.google.com/o/oauth2/token`. example: https://accounts.google.com/o/oauth2/token diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index db6ac7f96c7..cc1d67ddf3d 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -6393,8 +6393,20 @@ components: type: string type: array is_cspm_enabled: - description: When enabled, Datadog performs configuration checks across - your Google Cloud environment by continuously scanning every resource. + description: 'When enabled, Datadog will activate the Cloud Security Monitoring + product for this service account. Note: This requires resource_collection_enabled + to be set to true.' + type: boolean + is_security_command_center_enabled: + default: false + description: 'When enabled, Datadog will attempt to collect Security Command + Center Findings. Note: This requires additional permissions on the service + account.' + example: true + type: boolean + resource_collection_enabled: + default: false + description: When enabled, Datadog scans for all resources in your GCP environment. type: boolean type: object GCPSTSServiceAccountCreateRequest: diff --git a/api/datadogV1/model_gcp_account.go b/api/datadogV1/model_gcp_account.go index c71ea2dab05..3356bc9f3dd 100644 --- a/api/datadogV1/model_gcp_account.go +++ b/api/datadogV1/model_gcp_account.go @@ -28,14 +28,18 @@ type GCPAccount struct { // Limit the GCE instances that are pulled into Datadog by using tags. // Only hosts that match one of the defined tags are imported into Datadog. HostFilters *string `json:"host_filters,omitempty"` - // When enabled, Datadog performs configuration checks across your Google Cloud environment by continuously scanning every resource. + // When enabled, Datadog will activate the Cloud Security Monitoring product for this service account. Note: This requires resource_collection_enabled to be set to true. IsCspmEnabled *bool `json:"is_cspm_enabled,omitempty"` + // When enabled, Datadog will attempt to collect Security Command Center Findings. Note: This requires additional permissions on the service account. + IsSecurityCommandCenterEnabled *bool `json:"is_security_command_center_enabled,omitempty"` // Your private key name found in your JSON service account key. PrivateKey *string `json:"private_key,omitempty"` // Your private key ID found in your JSON service account key. PrivateKeyId *string `json:"private_key_id,omitempty"` // Your Google Cloud project ID found in your JSON service account key. ProjectId *string `json:"project_id,omitempty"` + // When enabled, Datadog scans for all resources in your GCP environment. + ResourceCollectionEnabled *bool `json:"resource_collection_enabled,omitempty"` // Should be `https://accounts.google.com/o/oauth2/token`. TokenUri *string `json:"token_uri,omitempty"` // The value for service_account found in your JSON service account key. @@ -53,6 +57,10 @@ func NewGCPAccount() *GCPAccount { this := GCPAccount{} var isCspmEnabled bool = false this.IsCspmEnabled = &isCspmEnabled + var isSecurityCommandCenterEnabled bool = false + this.IsSecurityCommandCenterEnabled = &isSecurityCommandCenterEnabled + var resourceCollectionEnabled bool = false + this.ResourceCollectionEnabled = &resourceCollectionEnabled return &this } @@ -63,6 +71,10 @@ func NewGCPAccountWithDefaults() *GCPAccount { this := GCPAccount{} var isCspmEnabled bool = false this.IsCspmEnabled = &isCspmEnabled + var isSecurityCommandCenterEnabled bool = false + this.IsSecurityCommandCenterEnabled = &isSecurityCommandCenterEnabled + var resourceCollectionEnabled bool = false + this.ResourceCollectionEnabled = &resourceCollectionEnabled return &this } @@ -318,6 +330,34 @@ func (o *GCPAccount) SetIsCspmEnabled(v bool) { o.IsCspmEnabled = &v } +// GetIsSecurityCommandCenterEnabled returns the IsSecurityCommandCenterEnabled field value if set, zero value otherwise. +func (o *GCPAccount) GetIsSecurityCommandCenterEnabled() bool { + if o == nil || o.IsSecurityCommandCenterEnabled == nil { + var ret bool + return ret + } + return *o.IsSecurityCommandCenterEnabled +} + +// GetIsSecurityCommandCenterEnabledOk returns a tuple with the IsSecurityCommandCenterEnabled field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *GCPAccount) GetIsSecurityCommandCenterEnabledOk() (*bool, bool) { + if o == nil || o.IsSecurityCommandCenterEnabled == nil { + return nil, false + } + return o.IsSecurityCommandCenterEnabled, true +} + +// HasIsSecurityCommandCenterEnabled returns a boolean if a field has been set. +func (o *GCPAccount) HasIsSecurityCommandCenterEnabled() bool { + return o != nil && o.IsSecurityCommandCenterEnabled != nil +} + +// SetIsSecurityCommandCenterEnabled gets a reference to the given bool and assigns it to the IsSecurityCommandCenterEnabled field. +func (o *GCPAccount) SetIsSecurityCommandCenterEnabled(v bool) { + o.IsSecurityCommandCenterEnabled = &v +} + // GetPrivateKey returns the PrivateKey field value if set, zero value otherwise. func (o *GCPAccount) GetPrivateKey() string { if o == nil || o.PrivateKey == nil { @@ -402,6 +442,34 @@ func (o *GCPAccount) SetProjectId(v string) { o.ProjectId = &v } +// GetResourceCollectionEnabled returns the ResourceCollectionEnabled field value if set, zero value otherwise. +func (o *GCPAccount) GetResourceCollectionEnabled() bool { + if o == nil || o.ResourceCollectionEnabled == nil { + var ret bool + return ret + } + return *o.ResourceCollectionEnabled +} + +// GetResourceCollectionEnabledOk returns a tuple with the ResourceCollectionEnabled field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *GCPAccount) GetResourceCollectionEnabledOk() (*bool, bool) { + if o == nil || o.ResourceCollectionEnabled == nil { + return nil, false + } + return o.ResourceCollectionEnabled, true +} + +// HasResourceCollectionEnabled returns a boolean if a field has been set. +func (o *GCPAccount) HasResourceCollectionEnabled() bool { + return o != nil && o.ResourceCollectionEnabled != nil +} + +// SetResourceCollectionEnabled gets a reference to the given bool and assigns it to the ResourceCollectionEnabled field. +func (o *GCPAccount) SetResourceCollectionEnabled(v bool) { + o.ResourceCollectionEnabled = &v +} + // GetTokenUri returns the TokenUri field value if set, zero value otherwise. func (o *GCPAccount) GetTokenUri() string { if o == nil || o.TokenUri == nil { @@ -491,6 +559,9 @@ func (o GCPAccount) MarshalJSON() ([]byte, error) { if o.IsCspmEnabled != nil { toSerialize["is_cspm_enabled"] = o.IsCspmEnabled } + if o.IsSecurityCommandCenterEnabled != nil { + toSerialize["is_security_command_center_enabled"] = o.IsSecurityCommandCenterEnabled + } if o.PrivateKey != nil { toSerialize["private_key"] = o.PrivateKey } @@ -500,6 +571,9 @@ func (o GCPAccount) MarshalJSON() ([]byte, error) { if o.ProjectId != nil { toSerialize["project_id"] = o.ProjectId } + if o.ResourceCollectionEnabled != nil { + toSerialize["resource_collection_enabled"] = o.ResourceCollectionEnabled + } if o.TokenUri != nil { toSerialize["token_uri"] = o.TokenUri } @@ -516,27 +590,29 @@ func (o GCPAccount) MarshalJSON() ([]byte, error) { // UnmarshalJSON deserializes the given payload. func (o *GCPAccount) UnmarshalJSON(bytes []byte) (err error) { all := struct { - AuthProviderX509CertUrl *string `json:"auth_provider_x509_cert_url,omitempty"` - AuthUri *string `json:"auth_uri,omitempty"` - Automute *bool `json:"automute,omitempty"` - ClientEmail *string `json:"client_email,omitempty"` - ClientId *string `json:"client_id,omitempty"` - ClientX509CertUrl *string `json:"client_x509_cert_url,omitempty"` - Errors []string `json:"errors,omitempty"` - HostFilters *string `json:"host_filters,omitempty"` - IsCspmEnabled *bool `json:"is_cspm_enabled,omitempty"` - PrivateKey *string `json:"private_key,omitempty"` - PrivateKeyId *string `json:"private_key_id,omitempty"` - ProjectId *string `json:"project_id,omitempty"` - TokenUri *string `json:"token_uri,omitempty"` - Type *string `json:"type,omitempty"` + AuthProviderX509CertUrl *string `json:"auth_provider_x509_cert_url,omitempty"` + AuthUri *string `json:"auth_uri,omitempty"` + Automute *bool `json:"automute,omitempty"` + ClientEmail *string `json:"client_email,omitempty"` + ClientId *string `json:"client_id,omitempty"` + ClientX509CertUrl *string `json:"client_x509_cert_url,omitempty"` + Errors []string `json:"errors,omitempty"` + HostFilters *string `json:"host_filters,omitempty"` + IsCspmEnabled *bool `json:"is_cspm_enabled,omitempty"` + IsSecurityCommandCenterEnabled *bool `json:"is_security_command_center_enabled,omitempty"` + PrivateKey *string `json:"private_key,omitempty"` + PrivateKeyId *string `json:"private_key_id,omitempty"` + ProjectId *string `json:"project_id,omitempty"` + ResourceCollectionEnabled *bool `json:"resource_collection_enabled,omitempty"` + TokenUri *string `json:"token_uri,omitempty"` + Type *string `json:"type,omitempty"` }{} if err = datadog.Unmarshal(bytes, &all); err != nil { return datadog.Unmarshal(bytes, &o.UnparsedObject) } additionalProperties := make(map[string]interface{}) if err = datadog.Unmarshal(bytes, &additionalProperties); err == nil { - datadog.DeleteKeys(additionalProperties, &[]string{"auth_provider_x509_cert_url", "auth_uri", "automute", "client_email", "client_id", "client_x509_cert_url", "errors", "host_filters", "is_cspm_enabled", "private_key", "private_key_id", "project_id", "token_uri", "type"}) + datadog.DeleteKeys(additionalProperties, &[]string{"auth_provider_x509_cert_url", "auth_uri", "automute", "client_email", "client_id", "client_x509_cert_url", "errors", "host_filters", "is_cspm_enabled", "is_security_command_center_enabled", "private_key", "private_key_id", "project_id", "resource_collection_enabled", "token_uri", "type"}) } else { return err } @@ -549,9 +625,11 @@ func (o *GCPAccount) UnmarshalJSON(bytes []byte) (err error) { o.Errors = all.Errors o.HostFilters = all.HostFilters o.IsCspmEnabled = all.IsCspmEnabled + o.IsSecurityCommandCenterEnabled = all.IsSecurityCommandCenterEnabled o.PrivateKey = all.PrivateKey o.PrivateKeyId = all.PrivateKeyId o.ProjectId = all.ProjectId + o.ResourceCollectionEnabled = all.ResourceCollectionEnabled o.TokenUri = all.TokenUri o.Type = all.Type diff --git a/api/datadogV2/model_gcpsts_service_account_attributes.go b/api/datadogV2/model_gcpsts_service_account_attributes.go index dea1191a146..c94a64e2d6d 100644 --- a/api/datadogV2/model_gcpsts_service_account_attributes.go +++ b/api/datadogV2/model_gcpsts_service_account_attributes.go @@ -18,8 +18,12 @@ type GCPSTSServiceAccountAttributes struct { ClientEmail *string `json:"client_email,omitempty"` // Your Host Filters. HostFilters []string `json:"host_filters,omitempty"` - // When enabled, Datadog performs configuration checks across your Google Cloud environment by continuously scanning every resource. + // When enabled, Datadog will activate the Cloud Security Monitoring product for this service account. Note: This requires resource_collection_enabled to be set to true. IsCspmEnabled *bool `json:"is_cspm_enabled,omitempty"` + // When enabled, Datadog will attempt to collect Security Command Center Findings. Note: This requires additional permissions on the service account. + IsSecurityCommandCenterEnabled *bool `json:"is_security_command_center_enabled,omitempty"` + // When enabled, Datadog scans for all resources in your GCP environment. + ResourceCollectionEnabled *bool `json:"resource_collection_enabled,omitempty"` // UnparsedObject contains the raw value of the object if there was an error when deserializing into the struct UnparsedObject map[string]interface{} `json:"-"` AdditionalProperties map[string]interface{} @@ -31,6 +35,10 @@ type GCPSTSServiceAccountAttributes struct { // will change when the set of required properties is changed. func NewGCPSTSServiceAccountAttributes() *GCPSTSServiceAccountAttributes { this := GCPSTSServiceAccountAttributes{} + var isSecurityCommandCenterEnabled bool = false + this.IsSecurityCommandCenterEnabled = &isSecurityCommandCenterEnabled + var resourceCollectionEnabled bool = false + this.ResourceCollectionEnabled = &resourceCollectionEnabled return &this } @@ -39,6 +47,10 @@ func NewGCPSTSServiceAccountAttributes() *GCPSTSServiceAccountAttributes { // but it doesn't guarantee that properties required by API are set. func NewGCPSTSServiceAccountAttributesWithDefaults() *GCPSTSServiceAccountAttributes { this := GCPSTSServiceAccountAttributes{} + var isSecurityCommandCenterEnabled bool = false + this.IsSecurityCommandCenterEnabled = &isSecurityCommandCenterEnabled + var resourceCollectionEnabled bool = false + this.ResourceCollectionEnabled = &resourceCollectionEnabled return &this } @@ -182,6 +194,62 @@ func (o *GCPSTSServiceAccountAttributes) SetIsCspmEnabled(v bool) { o.IsCspmEnabled = &v } +// GetIsSecurityCommandCenterEnabled returns the IsSecurityCommandCenterEnabled field value if set, zero value otherwise. +func (o *GCPSTSServiceAccountAttributes) GetIsSecurityCommandCenterEnabled() bool { + if o == nil || o.IsSecurityCommandCenterEnabled == nil { + var ret bool + return ret + } + return *o.IsSecurityCommandCenterEnabled +} + +// GetIsSecurityCommandCenterEnabledOk returns a tuple with the IsSecurityCommandCenterEnabled field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *GCPSTSServiceAccountAttributes) GetIsSecurityCommandCenterEnabledOk() (*bool, bool) { + if o == nil || o.IsSecurityCommandCenterEnabled == nil { + return nil, false + } + return o.IsSecurityCommandCenterEnabled, true +} + +// HasIsSecurityCommandCenterEnabled returns a boolean if a field has been set. +func (o *GCPSTSServiceAccountAttributes) HasIsSecurityCommandCenterEnabled() bool { + return o != nil && o.IsSecurityCommandCenterEnabled != nil +} + +// SetIsSecurityCommandCenterEnabled gets a reference to the given bool and assigns it to the IsSecurityCommandCenterEnabled field. +func (o *GCPSTSServiceAccountAttributes) SetIsSecurityCommandCenterEnabled(v bool) { + o.IsSecurityCommandCenterEnabled = &v +} + +// GetResourceCollectionEnabled returns the ResourceCollectionEnabled field value if set, zero value otherwise. +func (o *GCPSTSServiceAccountAttributes) GetResourceCollectionEnabled() bool { + if o == nil || o.ResourceCollectionEnabled == nil { + var ret bool + return ret + } + return *o.ResourceCollectionEnabled +} + +// GetResourceCollectionEnabledOk returns a tuple with the ResourceCollectionEnabled field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *GCPSTSServiceAccountAttributes) GetResourceCollectionEnabledOk() (*bool, bool) { + if o == nil || o.ResourceCollectionEnabled == nil { + return nil, false + } + return o.ResourceCollectionEnabled, true +} + +// HasResourceCollectionEnabled returns a boolean if a field has been set. +func (o *GCPSTSServiceAccountAttributes) HasResourceCollectionEnabled() bool { + return o != nil && o.ResourceCollectionEnabled != nil +} + +// SetResourceCollectionEnabled gets a reference to the given bool and assigns it to the ResourceCollectionEnabled field. +func (o *GCPSTSServiceAccountAttributes) SetResourceCollectionEnabled(v bool) { + o.ResourceCollectionEnabled = &v +} + // MarshalJSON serializes the struct using spec logic. func (o GCPSTSServiceAccountAttributes) MarshalJSON() ([]byte, error) { toSerialize := map[string]interface{}{} @@ -203,6 +271,12 @@ func (o GCPSTSServiceAccountAttributes) MarshalJSON() ([]byte, error) { if o.IsCspmEnabled != nil { toSerialize["is_cspm_enabled"] = o.IsCspmEnabled } + if o.IsSecurityCommandCenterEnabled != nil { + toSerialize["is_security_command_center_enabled"] = o.IsSecurityCommandCenterEnabled + } + if o.ResourceCollectionEnabled != nil { + toSerialize["resource_collection_enabled"] = o.ResourceCollectionEnabled + } for key, value := range o.AdditionalProperties { toSerialize[key] = value @@ -213,18 +287,20 @@ func (o GCPSTSServiceAccountAttributes) MarshalJSON() ([]byte, error) { // UnmarshalJSON deserializes the given payload. func (o *GCPSTSServiceAccountAttributes) UnmarshalJSON(bytes []byte) (err error) { all := struct { - AccountTags []string `json:"account_tags,omitempty"` - Automute *bool `json:"automute,omitempty"` - ClientEmail *string `json:"client_email,omitempty"` - HostFilters []string `json:"host_filters,omitempty"` - IsCspmEnabled *bool `json:"is_cspm_enabled,omitempty"` + AccountTags []string `json:"account_tags,omitempty"` + Automute *bool `json:"automute,omitempty"` + ClientEmail *string `json:"client_email,omitempty"` + HostFilters []string `json:"host_filters,omitempty"` + IsCspmEnabled *bool `json:"is_cspm_enabled,omitempty"` + IsSecurityCommandCenterEnabled *bool `json:"is_security_command_center_enabled,omitempty"` + ResourceCollectionEnabled *bool `json:"resource_collection_enabled,omitempty"` }{} if err = datadog.Unmarshal(bytes, &all); err != nil { return datadog.Unmarshal(bytes, &o.UnparsedObject) } additionalProperties := make(map[string]interface{}) if err = datadog.Unmarshal(bytes, &additionalProperties); err == nil { - datadog.DeleteKeys(additionalProperties, &[]string{"account_tags", "automute", "client_email", "host_filters", "is_cspm_enabled"}) + datadog.DeleteKeys(additionalProperties, &[]string{"account_tags", "automute", "client_email", "host_filters", "is_cspm_enabled", "is_security_command_center_enabled", "resource_collection_enabled"}) } else { return err } @@ -233,6 +309,8 @@ func (o *GCPSTSServiceAccountAttributes) UnmarshalJSON(bytes []byte) (err error) o.ClientEmail = all.ClientEmail o.HostFilters = all.HostFilters o.IsCspmEnabled = all.IsCspmEnabled + o.IsSecurityCommandCenterEnabled = all.IsSecurityCommandCenterEnabled + o.ResourceCollectionEnabled = all.ResourceCollectionEnabled if len(additionalProperties) > 0 { o.AdditionalProperties = additionalProperties diff --git a/examples/v1/gcp-integration/CreateGCPIntegration.go b/examples/v1/gcp-integration/CreateGCPIntegration.go index 111a33099ca..87ccf6e49eb 100644 --- a/examples/v1/gcp-integration/CreateGCPIntegration.go +++ b/examples/v1/gcp-integration/CreateGCPIntegration.go @@ -22,13 +22,15 @@ func main() { Errors: []string{ "*", }, - HostFilters: datadog.PtrString("key:value,filter:example"), - IsCspmEnabled: datadog.PtrBool(true), - PrivateKey: datadog.PtrString("private_key"), - PrivateKeyId: datadog.PtrString("123456789abcdefghi123456789abcdefghijklm"), - ProjectId: datadog.PtrString("datadog-apitest"), - TokenUri: datadog.PtrString("https://accounts.google.com/o/oauth2/token"), - Type: datadog.PtrString("service_account"), + HostFilters: datadog.PtrString("key:value,filter:example"), + IsCspmEnabled: datadog.PtrBool(true), + IsSecurityCommandCenterEnabled: datadog.PtrBool(true), + PrivateKey: datadog.PtrString("private_key"), + PrivateKeyId: datadog.PtrString("123456789abcdefghi123456789abcdefghijklm"), + ProjectId: datadog.PtrString("datadog-apitest"), + ResourceCollectionEnabled: datadog.PtrBool(true), + TokenUri: datadog.PtrString("https://accounts.google.com/o/oauth2/token"), + Type: datadog.PtrString("service_account"), } ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() diff --git a/examples/v1/gcp-integration/DeleteGCPIntegration.go b/examples/v1/gcp-integration/DeleteGCPIntegration.go index 597d047e6a4..bb90151ed98 100644 --- a/examples/v1/gcp-integration/DeleteGCPIntegration.go +++ b/examples/v1/gcp-integration/DeleteGCPIntegration.go @@ -22,13 +22,15 @@ func main() { Errors: []string{ "*", }, - HostFilters: datadog.PtrString("key:value,filter:example"), - IsCspmEnabled: datadog.PtrBool(true), - PrivateKey: datadog.PtrString("private_key"), - PrivateKeyId: datadog.PtrString("123456789abcdefghi123456789abcdefghijklm"), - ProjectId: datadog.PtrString("datadog-apitest"), - TokenUri: datadog.PtrString("https://accounts.google.com/o/oauth2/token"), - Type: datadog.PtrString("service_account"), + HostFilters: datadog.PtrString("key:value,filter:example"), + IsCspmEnabled: datadog.PtrBool(true), + IsSecurityCommandCenterEnabled: datadog.PtrBool(true), + PrivateKey: datadog.PtrString("private_key"), + PrivateKeyId: datadog.PtrString("123456789abcdefghi123456789abcdefghijklm"), + ProjectId: datadog.PtrString("datadog-apitest"), + ResourceCollectionEnabled: datadog.PtrBool(true), + TokenUri: datadog.PtrString("https://accounts.google.com/o/oauth2/token"), + Type: datadog.PtrString("service_account"), } ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() diff --git a/examples/v1/gcp-integration/UpdateGCPIntegration.go b/examples/v1/gcp-integration/UpdateGCPIntegration.go index b95dbd22858..f5a1d823fb7 100644 --- a/examples/v1/gcp-integration/UpdateGCPIntegration.go +++ b/examples/v1/gcp-integration/UpdateGCPIntegration.go @@ -22,13 +22,15 @@ func main() { Errors: []string{ "*", }, - HostFilters: datadog.PtrString("key:value,filter:example"), - IsCspmEnabled: datadog.PtrBool(true), - PrivateKey: datadog.PtrString("private_key"), - PrivateKeyId: datadog.PtrString("123456789abcdefghi123456789abcdefghijklm"), - ProjectId: datadog.PtrString("datadog-apitest"), - TokenUri: datadog.PtrString("https://accounts.google.com/o/oauth2/token"), - Type: datadog.PtrString("service_account"), + HostFilters: datadog.PtrString("key:value,filter:example"), + IsCspmEnabled: datadog.PtrBool(true), + IsSecurityCommandCenterEnabled: datadog.PtrBool(true), + PrivateKey: datadog.PtrString("private_key"), + PrivateKeyId: datadog.PtrString("123456789abcdefghi123456789abcdefghijklm"), + ProjectId: datadog.PtrString("datadog-apitest"), + ResourceCollectionEnabled: datadog.PtrBool(true), + TokenUri: datadog.PtrString("https://accounts.google.com/o/oauth2/token"), + Type: datadog.PtrString("service_account"), } ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() diff --git a/examples/v2/gcp-integration/CreateGCPSTSAccount_130557025.go b/examples/v2/gcp-integration/CreateGCPSTSAccount_130557025.go new file mode 100644 index 00000000000..9593cf901cc --- /dev/null +++ b/examples/v2/gcp-integration/CreateGCPSTSAccount_130557025.go @@ -0,0 +1,39 @@ +// Create a new entry for your service account with resource collection enabled returns "OK" response + +package main + +import ( + "context" + "encoding/json" + "fmt" + "os" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" +) + +func main() { + body := datadogV2.GCPSTSServiceAccountCreateRequest{ + Data: &datadogV2.GCPSTSServiceAccountData{ + Attributes: &datadogV2.GCPSTSServiceAccountAttributes{ + ResourceCollectionEnabled: datadog.PtrBool(true), + ClientEmail: datadog.PtrString("252bf553ef04b351@test-project.iam.gserviceaccount.com"), + HostFilters: []string{}, + }, + Type: datadogV2.GCPSERVICEACCOUNTTYPE_GCP_SERVICE_ACCOUNT.Ptr(), + }, + } + ctx := datadog.NewDefaultContext(context.Background()) + configuration := datadog.NewConfiguration() + apiClient := datadog.NewAPIClient(configuration) + api := datadogV2.NewGCPIntegrationApi(apiClient) + resp, r, err := api.CreateGCPSTSAccount(ctx, body) + + if err != nil { + fmt.Fprintf(os.Stderr, "Error when calling `GCPIntegrationApi.CreateGCPSTSAccount`: %v\n", err) + fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) + } + + responseContent, _ := json.MarshalIndent(resp, "", " ") + fmt.Fprintf(os.Stdout, "Response from `GCPIntegrationApi.CreateGCPSTSAccount`:\n%s\n", responseContent) +} diff --git a/examples/v2/gcp-integration/CreateGCPSTSAccount_2597004741.go b/examples/v2/gcp-integration/CreateGCPSTSAccount_2597004741.go new file mode 100644 index 00000000000..32c8c4a310b --- /dev/null +++ b/examples/v2/gcp-integration/CreateGCPSTSAccount_2597004741.go @@ -0,0 +1,39 @@ +// Create a new entry for your service account with security command center enabled returns "OK" response + +package main + +import ( + "context" + "encoding/json" + "fmt" + "os" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" +) + +func main() { + body := datadogV2.GCPSTSServiceAccountCreateRequest{ + Data: &datadogV2.GCPSTSServiceAccountData{ + Attributes: &datadogV2.GCPSTSServiceAccountAttributes{ + IsSecurityCommandCenterEnabled: datadog.PtrBool(true), + ClientEmail: datadog.PtrString("252bf553ef04b351@test-project.iam.gserviceaccount.com"), + HostFilters: []string{}, + }, + Type: datadogV2.GCPSERVICEACCOUNTTYPE_GCP_SERVICE_ACCOUNT.Ptr(), + }, + } + ctx := datadog.NewDefaultContext(context.Background()) + configuration := datadog.NewConfiguration() + apiClient := datadog.NewAPIClient(configuration) + api := datadogV2.NewGCPIntegrationApi(apiClient) + resp, r, err := api.CreateGCPSTSAccount(ctx, body) + + if err != nil { + fmt.Fprintf(os.Stderr, "Error when calling `GCPIntegrationApi.CreateGCPSTSAccount`: %v\n", err) + fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) + } + + responseContent, _ := json.MarshalIndent(resp, "", " ") + fmt.Fprintf(os.Stdout, "Response from `GCPIntegrationApi.CreateGCPSTSAccount`:\n%s\n", responseContent) +} diff --git a/examples/v2/gcp-integration/CreateGCPSTSAccount_4235664992.go b/examples/v2/gcp-integration/CreateGCPSTSAccount_4235664992.go new file mode 100644 index 00000000000..f6e078548bf --- /dev/null +++ b/examples/v2/gcp-integration/CreateGCPSTSAccount_4235664992.go @@ -0,0 +1,39 @@ +// Create a new entry for your service account with cspm enabled returns "OK" response + +package main + +import ( + "context" + "encoding/json" + "fmt" + "os" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" +) + +func main() { + body := datadogV2.GCPSTSServiceAccountCreateRequest{ + Data: &datadogV2.GCPSTSServiceAccountData{ + Attributes: &datadogV2.GCPSTSServiceAccountAttributes{ + IsCspmEnabled: datadog.PtrBool(true), + ClientEmail: datadog.PtrString("252bf553ef04b351@test-project.iam.gserviceaccount.com"), + HostFilters: []string{}, + }, + Type: datadogV2.GCPSERVICEACCOUNTTYPE_GCP_SERVICE_ACCOUNT.Ptr(), + }, + } + ctx := datadog.NewDefaultContext(context.Background()) + configuration := datadog.NewConfiguration() + apiClient := datadog.NewAPIClient(configuration) + api := datadogV2.NewGCPIntegrationApi(apiClient) + resp, r, err := api.CreateGCPSTSAccount(ctx, body) + + if err != nil { + fmt.Fprintf(os.Stderr, "Error when calling `GCPIntegrationApi.CreateGCPSTSAccount`: %v\n", err) + fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) + } + + responseContent, _ := json.MarshalIndent(resp, "", " ") + fmt.Fprintf(os.Stdout, "Response from `GCPIntegrationApi.CreateGCPSTSAccount`:\n%s\n", responseContent) +} diff --git a/examples/v2/gcp-integration/UpdateGCPSTSAccount_3205636354.go b/examples/v2/gcp-integration/UpdateGCPSTSAccount_3205636354.go new file mode 100644 index 00000000000..e965997eeab --- /dev/null +++ b/examples/v2/gcp-integration/UpdateGCPSTSAccount_3205636354.go @@ -0,0 +1,42 @@ +// Update STS Service Account returns "OK" response with enable resource collection turned on + +package main + +import ( + "context" + "encoding/json" + "fmt" + "os" + + "github.com/DataDog/datadog-api-client-go/v2/api/datadog" + "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" +) + +func main() { + // there is a valid "gcp_sts_account" in the system + GcpStsAccountDataID := os.Getenv("GCP_STS_ACCOUNT_DATA_ID") + + body := datadogV2.GCPSTSServiceAccountUpdateRequest{ + Data: &datadogV2.GCPSTSServiceAccountUpdateRequestData{ + Attributes: &datadogV2.GCPSTSServiceAccountAttributes{ + ClientEmail: datadog.PtrString("252bf553ef04b351@example.com"), + ResourceCollectionEnabled: datadog.PtrBool(true), + }, + Id: datadog.PtrString(GcpStsAccountDataID), + Type: datadogV2.GCPSERVICEACCOUNTTYPE_GCP_SERVICE_ACCOUNT.Ptr(), + }, + } + ctx := datadog.NewDefaultContext(context.Background()) + configuration := datadog.NewConfiguration() + apiClient := datadog.NewAPIClient(configuration) + api := datadogV2.NewGCPIntegrationApi(apiClient) + resp, r, err := api.UpdateGCPSTSAccount(ctx, GcpStsAccountDataID, body) + + if err != nil { + fmt.Fprintf(os.Stderr, "Error when calling `GCPIntegrationApi.UpdateGCPSTSAccount`: %v\n", err) + fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) + } + + responseContent, _ := json.MarshalIndent(resp, "", " ") + fmt.Fprintf(os.Stdout, "Response from `GCPIntegrationApi.UpdateGCPSTSAccount`:\n%s\n", responseContent) +} diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_OK_response.freeze new file mode 100644 index 00000000000..4c8e03a1d9e --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_OK_response.freeze @@ -0,0 +1 @@ +2023-12-13T21:29:09.202Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_OK_response.yaml new file mode 100644 index 00000000000..850f81987d8 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_cspm_enabled_returns_OK_response.yaml @@ -0,0 +1,39 @@ +interactions: +- request: + body: | + {"data":{"attributes":{"client_email":"dfb9f119aee90526@test-project.iam.gserviceaccount.com","host_filters":[],"is_cspm_enabled":true},"type":"gcp_service_account"}} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: '{"data":{"type":"gcp_service_account","attributes":{"is_security_command_center_enabled":false,"resource_collection_enabled":true,"is_cspm_enabled":true,"client_email":"dfb9f119aee90526@test-project.iam.gserviceaccount.com","account_tags":[],"automute":false,"host_filters":[]},"id":"d2ef6458-62a4-4fbe-ad48-9429baa01867"}} + + ' + code: 201 + duration: '' + headers: + Content-Type: + - application/json + status: 201 Created +- request: + body: '' + form: {} + headers: + Accept: + - '*/*' + method: DELETE + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts/d2ef6458-62a4-4fbe-ad48-9429baa01867 + response: + body: '' + code: 204 + duration: '' + headers: + Content-Type: + - text/html; charset=utf-8 + status: 204 No Content +version: 1 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_Bad_Request_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_Bad_Request_response.freeze new file mode 100644 index 00000000000..aad0057ee57 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_Bad_Request_response.freeze @@ -0,0 +1 @@ +2023-12-13T21:29:09.936Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_Bad_Request_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_Bad_Request_response.yaml new file mode 100644 index 00000000000..3bf6bdc2062 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_disabled_and_cspm_enabled_returns_Bad_Request_response.yaml @@ -0,0 +1,21 @@ +interactions: +- request: + body: | + {"data":{"attributes":{"client_email":"328d5a676e7e2219@test-project.iam.gserviceaccount.com","host_filters":[],"is_cspm_enabled":true,"resource_collection_enabled":false},"type":"gcp_service_account"}} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: '{"errors":["Resource Collection must be enabled for CSM to be enabled"]}' + code: 400 + duration: '' + headers: + Content-Type: + - application/json + status: 400 Bad Request +version: 1 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_OK_response.freeze new file mode 100644 index 00000000000..b48e4fe1813 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_OK_response.freeze @@ -0,0 +1 @@ +2023-12-13T21:29:10.005Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_OK_response.yaml new file mode 100644 index 00000000000..7e61beffb34 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_resource_collection_enabled_returns_OK_response.yaml @@ -0,0 +1,39 @@ +interactions: +- request: + body: | + {"data":{"attributes":{"client_email":"c200eb5fe37e7d26@test-project.iam.gserviceaccount.com","host_filters":[],"resource_collection_enabled":true},"type":"gcp_service_account"}} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: '{"data":{"type":"gcp_service_account","attributes":{"automute":false,"is_security_command_center_enabled":false,"host_filters":[],"client_email":"c200eb5fe37e7d26@test-project.iam.gserviceaccount.com","resource_collection_enabled":true,"account_tags":[],"is_cspm_enabled":false},"id":"e0e0b030-aba8-4eff-bcf2-7d4266d0d7fd"}} + + ' + code: 201 + duration: '' + headers: + Content-Type: + - application/json + status: 201 Created +- request: + body: '' + form: {} + headers: + Accept: + - '*/*' + method: DELETE + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts/e0e0b030-aba8-4eff-bcf2-7d4266d0d7fd + response: + body: '' + code: 204 + duration: '' + headers: + Content-Type: + - text/html; charset=utf-8 + status: 204 No Content +version: 1 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_OK_response.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_OK_response.freeze new file mode 100644 index 00000000000..a70b525b6e9 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_OK_response.freeze @@ -0,0 +1 @@ +2023-12-13T21:29:10.722Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_OK_response.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_OK_response.yaml new file mode 100644 index 00000000000..25d46a2556b --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Create_a_new_entry_for_your_service_account_with_security_command_center_enabled_returns_OK_response.yaml @@ -0,0 +1,39 @@ +interactions: +- request: + body: | + {"data":{"attributes":{"client_email":"bce3b7c65fce9a71@test-project.iam.gserviceaccount.com","host_filters":[],"is_security_command_center_enabled":true},"type":"gcp_service_account"}} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: '{"data":{"type":"gcp_service_account","attributes":{"automute":false,"account_tags":[],"host_filters":[],"client_email":"bce3b7c65fce9a71@test-project.iam.gserviceaccount.com","is_security_command_center_enabled":true,"resource_collection_enabled":false,"is_cspm_enabled":false},"id":"e72611ce-c7eb-4411-bc0e-04fa12a8cb6c"}} + + ' + code: 201 + duration: '' + headers: + Content-Type: + - application/json + status: 201 Created +- request: + body: '' + form: {} + headers: + Accept: + - '*/*' + method: DELETE + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts/e72611ce-c7eb-4411-bc0e-04fa12a8cb6c + response: + body: '' + code: 204 + duration: '' + headers: + Content-Type: + - text/html; charset=utf-8 + status: 204 No Content +version: 1 diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Update_STS_Service_Account_returns_OK_response_with_enable_resource_collection_turned_on.freeze b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Update_STS_Service_Account_returns_OK_response_with_enable_resource_collection_turned_on.freeze new file mode 100644 index 00000000000..bb19b144460 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Update_STS_Service_Account_returns_OK_response_with_enable_resource_collection_turned_on.freeze @@ -0,0 +1 @@ +2023-12-13T21:29:11.135Z \ No newline at end of file diff --git a/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Update_STS_Service_Account_returns_OK_response_with_enable_resource_collection_turned_on.yaml b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Update_STS_Service_Account_returns_OK_response_with_enable_resource_collection_turned_on.yaml new file mode 100644 index 00000000000..0c7eebc28f6 --- /dev/null +++ b/tests/scenarios/cassettes/TestScenarios/v2/Feature_GCP_Integration/Scenario_Update_STS_Service_Account_returns_OK_response_with_enable_resource_collection_turned_on.yaml @@ -0,0 +1,60 @@ +interactions: +- request: + body: | + {"data":{"attributes":{"client_email":"78489d28e3cca21b@example.com","host_filters":[]},"type":"gcp_service_account"}} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: POST + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts + response: + body: '{"data":{"type":"gcp_service_account","attributes":{"client_email":"78489d28e3cca21b@example.com","host_filters":[],"account_tags":[],"is_cspm_enabled":false,"automute":false,"is_security_command_center_enabled":false,"resource_collection_enabled":false},"id":"1ce480d7-4006-418e-b627-167af0586d7e"}} + + ' + code: 201 + duration: '' + headers: + Content-Type: + - application/json + status: 201 Created +- request: + body: | + {"data":{"attributes":{"client_email":"78489d28e3cca21b@example.com","resource_collection_enabled":true},"id":"1ce480d7-4006-418e-b627-167af0586d7e","type":"gcp_service_account"}} + form: {} + headers: + Accept: + - application/json + Content-Type: + - application/json + method: PATCH + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts/1ce480d7-4006-418e-b627-167af0586d7e + response: + body: '{"data":{"type":"gcp_service_account","attributes":{"resource_collection_enabled":true,"is_security_command_center_enabled":false,"automute":false,"account_tags":[],"host_filters":[],"client_email":"78489d28e3cca21b@example.com","is_cspm_enabled":false},"id":"1ce480d7-4006-418e-b627-167af0586d7e"}} + + ' + code: 201 + duration: '' + headers: + Content-Type: + - application/json + status: 201 Created +- request: + body: '' + form: {} + headers: + Accept: + - '*/*' + method: DELETE + url: https://api.datadoghq.com/api/v2/integration/gcp/accounts/1ce480d7-4006-418e-b627-167af0586d7e + response: + body: '' + code: 204 + duration: '' + headers: + Content-Type: + - text/html; charset=utf-8 + status: 204 No Content +version: 1 diff --git a/tests/scenarios/features/v1/gcp_integration.feature b/tests/scenarios/features/v1/gcp_integration.feature index ae1f2eb902c..72a1bd7dbc1 100644 --- a/tests/scenarios/features/v1/gcp_integration.feature +++ b/tests/scenarios/features/v1/gcp_integration.feature @@ -10,56 +10,56 @@ Feature: GCP Integration And a valid "appKeyAuth" key in the system And an instance of "GCPIntegration" API - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Create a GCP integration returns "Bad Request" response Given new "CreateGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Create a GCP integration returns "OK" response Given new "CreateGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Delete a GCP integration returns "Bad Request" response Given new "DeleteGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Delete a GCP integration returns "OK" response Given new "DeleteGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: List all GCP integrations returns "Bad Request" response Given new "ListGCPIntegration" request When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: List all GCP integrations returns "OK" response Given new "ListGCPIntegration" request When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Update a GCP integration returns "Bad Request" response Given new "UpdateGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/cloud-integrations + @generated @skip @team:DataDog/gcp-integrations Scenario: Update a GCP integration returns "OK" response Given new "UpdateGCPIntegration" request - And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} + And body with value {"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "client_email": "api-dev@datadog-sandbox.iam.gserviceaccount.com", "client_id": "123456712345671234567", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/$CLIENT_EMAIL", "errors": ["*"], "host_filters": "key:value,filter:example", "is_cspm_enabled": true, "is_security_command_center_enabled": true, "private_key": "private_key", "private_key_id": "123456789abcdefghi123456789abcdefghijklm", "project_id": "datadog-apitest", "resource_collection_enabled": true, "token_uri": "https://accounts.google.com/o/oauth2/token", "type": "service_account"} When the request is sent Then the response status is 200 OK diff --git a/tests/scenarios/features/v2/gcp_integration.feature b/tests/scenarios/features/v2/gcp_integration.feature index 994a17e727a..5414ae350bd 100644 --- a/tests/scenarios/features/v2/gcp_integration.feature +++ b/tests/scenarios/features/v2/gcp_integration.feature @@ -34,14 +34,14 @@ Feature: GCP Integration @generated @skip @team:DataDog/gcp-integrations Scenario: Create a new entry for your service account returns "Bad Request" response Given new "CreateGCPSTSAccount" request - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": [], "is_security_command_center_enabled": true, "resource_collection_enabled": false}, "type": "gcp_service_account"}} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/gcp-integrations Scenario: Create a new entry for your service account returns "Conflict" response Given new "CreateGCPSTSAccount" request - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": [], "is_security_command_center_enabled": true, "resource_collection_enabled": false}, "type": "gcp_service_account"}} When the request is sent Then the response status is 409 Conflict @@ -64,6 +64,43 @@ Feature: GCP Integration And the response "data.attributes.client_email" is equal to "{{ unique_hash }}@test-project.iam.gserviceaccount.com" And the response "data.attributes.account_tags" is equal to ["lorem", "ipsum"] + @team:DataDog/gcp-integrations + Scenario: Create a new entry for your service account with cspm enabled returns "OK" response + Given new "CreateGCPSTSAccount" request + And body with value {"data": {"attributes": {"is_cspm_enabled": true, "client_email": "{{ unique_hash }}@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + When the request is sent + Then the response status is 201 OK + And the response "data.type" is equal to "gcp_service_account" + And the response "data.attributes.client_email" is equal to "{{ unique_hash }}@test-project.iam.gserviceaccount.com" + And the response "data.attributes.is_cspm_enabled" is equal to true + + @team:DataDog/gcp-integrations + Scenario: Create a new entry for your service account with resource collection enabled disabled and cspm enabled returns "Bad Request" response + Given new "CreateGCPSTSAccount" request + And body with value {"data": {"attributes": {"resource_collection_enabled": false, "is_cspm_enabled": true, "client_email": "{{ unique_hash }}@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/gcp-integrations + Scenario: Create a new entry for your service account with resource collection enabled returns "OK" response + Given new "CreateGCPSTSAccount" request + And body with value {"data": {"attributes": {"resource_collection_enabled": true, "client_email": "{{ unique_hash }}@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + When the request is sent + Then the response status is 201 OK + And the response "data.type" is equal to "gcp_service_account" + And the response "data.attributes.client_email" is equal to "{{ unique_hash }}@test-project.iam.gserviceaccount.com" + And the response "data.attributes.resource_collection_enabled" is equal to true + + @team:DataDog/gcp-integrations + Scenario: Create a new entry for your service account with security command center enabled returns "OK" response + Given new "CreateGCPSTSAccount" request + And body with value {"data": {"attributes": {"is_security_command_center_enabled": true, "client_email": "{{ unique_hash }}@test-project.iam.gserviceaccount.com", "host_filters": []}, "type": "gcp_service_account"}} + When the request is sent + Then the response status is 201 OK + And the response "data.type" is equal to "gcp_service_account" + And the response "data.attributes.client_email" is equal to "{{ unique_hash }}@test-project.iam.gserviceaccount.com" + And the response "data.attributes.is_security_command_center_enabled" is equal to true + @generated @skip @team:DataDog/gcp-integrations Scenario: Delete an STS enabled GCP Account returns "Bad Request" response Given new "DeleteGCPSTSAccount" request @@ -103,7 +140,7 @@ Feature: GCP Integration Scenario: Update STS Service Account returns "Bad Request" response Given new "UpdateGCPSTSAccount" request And request contains "account_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": []}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": [], "is_security_command_center_enabled": true, "resource_collection_enabled": false}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} When the request is sent Then the response status is 400 Bad Request @@ -111,7 +148,7 @@ Feature: GCP Integration Scenario: Update STS Service Account returns "Not Found" response Given new "UpdateGCPSTSAccount" request And request contains "account_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": []}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "host_filters": [], "is_security_command_center_enabled": true, "resource_collection_enabled": false}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} When the request is sent Then the response status is 404 Not Found @@ -123,3 +160,12 @@ Feature: GCP Integration And body with value {"data": {"attributes": {"client_email": "{{ unique_hash }}@example.com", "host_filters": ["foo:bar"]}, "id": "{{ gcp_sts_account.data.id }}", "type": "gcp_service_account"}} When the request is sent Then the response status is 201 OK + + @team:DataDog/gcp-integrations + Scenario: Update STS Service Account returns "OK" response with enable resource collection turned on + Given there is a valid "gcp_sts_account" in the system + And new "UpdateGCPSTSAccount" request + And request contains "account_id" parameter from "gcp_sts_account.data.id" + And body with value {"data": {"attributes": {"client_email": "{{ unique_hash }}@example.com", "resource_collection_enabled": true}, "id": "{{ gcp_sts_account.data.id }}", "type": "gcp_service_account"}} + When the request is sent + Then the response status is 201 OK