From 0278b4a188c56b4ac74536d9d4a3094143bc16f7 Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Thu, 19 Feb 2026 08:36:45 +0000 Subject: [PATCH] Regenerate client from commit defc5f5 of spec repo --- .generator/schemas/v2/openapi.yaml | 95 +++++++++++++++++++ docs/datadog_api_client.v2.api.rst | 7 ++ docs/datadog_api_client.v2.model.rst | 28 ++++++ .../ListAWSCloudAuthPersonaMappings.py | 14 +++ src/datadog_api_client/configuration.py | 1 + .../v2/api/cloud_authentication_api.py | 49 ++++++++++ src/datadog_api_client/v2/apis/__init__.py | 2 + ...uth_persona_mapping_attributes_response.py | 45 +++++++++ ...loud_auth_persona_mapping_data_response.py | 64 +++++++++++++ .../aws_cloud_auth_persona_mapping_type.py | 35 +++++++ ...ws_cloud_auth_persona_mappings_response.py | 44 +++++++++ src/datadog_api_client/v2/models/__init__.py | 12 +++ .../v2/features/cloud_authentication.feature | 21 ++++ tests/v2/features/undo.json | 6 ++ 14 files changed, 423 insertions(+) create mode 100644 examples/v2/cloud-authentication/ListAWSCloudAuthPersonaMappings.py create mode 100644 src/datadog_api_client/v2/api/cloud_authentication_api.py create mode 100644 src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_attributes_response.py create mode 100644 src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_data_response.py create mode 100644 src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_type.py create mode 100644 src/datadog_api_client/v2/model/aws_cloud_auth_persona_mappings_response.py create mode 100644 tests/v2/features/cloud_authentication.feature diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 590c8e62b6..b9a63afce0 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -1834,6 +1834,65 @@ components: required: - role_name type: object + AWSCloudAuthPersonaMappingAttributesResponse: + description: Attributes for AWS cloud authentication persona mapping response + properties: + account_identifier: + description: Datadog account identifier (email or handle) mapped to the + AWS principal + example: test@test.com + type: string + account_uuid: + description: Datadog account UUID + example: 12bbdc5c-5966-47e0-8733-285f9e44bcf4 + type: string + arn_pattern: + description: AWS IAM ARN pattern to match for authentication + example: arn:aws:iam::123456789012:user/testuser + type: string + required: + - arn_pattern + - account_identifier + - account_uuid + type: object + AWSCloudAuthPersonaMappingDataResponse: + description: Data for AWS cloud authentication persona mapping response + properties: + attributes: + $ref: '#/components/schemas/AWSCloudAuthPersonaMappingAttributesResponse' + id: + description: Unique identifier for the persona mapping + example: c5c758c6-18c2-4484-ae3f-46b84128404a + type: string + type: + $ref: '#/components/schemas/AWSCloudAuthPersonaMappingType' + required: + - id + - type + - attributes + type: object + AWSCloudAuthPersonaMappingType: + description: Type identifier for AWS cloud authentication persona mapping + enum: + - aws_cloud_auth_config + example: aws_cloud_auth_config + type: string + x-enum-varnames: + - AWS_CLOUD_AUTH_CONFIG + AWSCloudAuthPersonaMappingsData: + description: List of AWS cloud authentication persona mappings + items: + $ref: '#/components/schemas/AWSCloudAuthPersonaMappingDataResponse' + type: array + AWSCloudAuthPersonaMappingsResponse: + description: Response containing a list of AWS cloud authentication persona + mappings + properties: + data: + $ref: '#/components/schemas/AWSCloudAuthPersonaMappingsData' + required: + - data + type: object AWSCredentials: description: The definition of `AWSCredentials` object. oneOf: @@ -74551,6 +74610,39 @@ paths: permissions: - ci_visibility_read - test_optimization_read + /api/v2/cloud_auth/aws/persona_mapping: + get: + description: List all AWS cloud authentication persona mappings. This endpoint + retrieves all configured persona mappings that associate AWS IAM principals + with Datadog users. + operationId: ListAWSCloudAuthPersonaMappings + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AWSCloudAuthPersonaMappingsResponse' + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/JSONAPIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/JSONAPIErrorResponse' + description: Forbidden + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: List AWS cloud authentication persona mappings + tags: + - Cloud Authentication + x-unstable: '**Note**: This endpoint is in public beta and is subject to change. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' /api/v2/cloud_security_management/custom_frameworks: post: description: Create a custom framework. @@ -104331,6 +104423,9 @@ tags: Management page](https://docs.datadoghq.com/service_management/case_management/) for more information. name: Case Management Type +- description: Configure AWS cloud authentication mappings for persona and intake + authentication through the Datadog API. + name: Cloud Authentication - description: The Cloud Cost Management API allows you to set up, edit, and delete Cloud Cost Management accounts for AWS, Azure, and Google Cloud. You can query your cost data by using the [Metrics endpoint](https://docs.datadoghq.com/api/latest/metrics/#query-timeseries-data-across-multiple-products) diff --git a/docs/datadog_api_client.v2.api.rst b/docs/datadog_api_client.v2.api.rst index 9381283cc6..09298657ad 100644 --- a/docs/datadog_api_client.v2.api.rst +++ b/docs/datadog_api_client.v2.api.rst @@ -123,6 +123,13 @@ datadog\_api\_client.v2.api.ci\_visibility\_tests\_api module :members: :show-inheritance: +datadog\_api\_client.v2.api.cloud\_authentication\_api module +------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.api.cloud_authentication_api + :members: + :show-inheritance: + datadog\_api\_client.v2.api.cloud\_cost\_management\_api module --------------------------------------------------------------- diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst index 83de6067c9..06ddf5f818 100644 --- a/docs/datadog_api_client.v2.model.rst +++ b/docs/datadog_api_client.v2.model.rst @@ -1782,6 +1782,34 @@ datadog\_api\_client.v2.model.aws\_auth\_config\_role module :members: :show-inheritance: +datadog\_api\_client.v2.model.aws\_cloud\_auth\_persona\_mapping\_attributes\_response module +--------------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_attributes_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.aws\_cloud\_auth\_persona\_mapping\_data\_response module +--------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_data_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.aws\_cloud\_auth\_persona\_mapping\_type module +----------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_type + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.aws\_cloud\_auth\_persona\_mappings\_response module +---------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.aws_cloud_auth_persona_mappings_response + :members: + :show-inheritance: + datadog\_api\_client.v2.model.aws\_credentials module ----------------------------------------------------- diff --git a/examples/v2/cloud-authentication/ListAWSCloudAuthPersonaMappings.py b/examples/v2/cloud-authentication/ListAWSCloudAuthPersonaMappings.py new file mode 100644 index 0000000000..cdf47e0ae2 --- /dev/null +++ b/examples/v2/cloud-authentication/ListAWSCloudAuthPersonaMappings.py @@ -0,0 +1,14 @@ +""" +List AWS cloud authentication persona mappings returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.cloud_authentication_api import CloudAuthenticationApi + +configuration = Configuration() +configuration.unstable_operations["list_aws_cloud_auth_persona_mappings"] = True +with ApiClient(configuration) as api_client: + api_instance = CloudAuthenticationApi(api_client) + response = api_instance.list_aws_cloud_auth_persona_mappings() + + print(response) diff --git a/src/datadog_api_client/configuration.py b/src/datadog_api_client/configuration.py index efa1d3f521..21a039a1d8 100644 --- a/src/datadog_api_client/configuration.py +++ b/src/datadog_api_client/configuration.py @@ -273,6 +273,7 @@ def __init__( "v2.link_jira_issue_to_case": False, "v2.move_case_to_project": False, "v2.unlink_jira_issue": False, + "v2.list_aws_cloud_auth_persona_mappings": False, "v2.activate_content_pack": False, "v2.cancel_threat_hunting_job": False, "v2.convert_job_result_to_signal": False, diff --git a/src/datadog_api_client/v2/api/cloud_authentication_api.py b/src/datadog_api_client/v2/api/cloud_authentication_api.py new file mode 100644 index 0000000000..00c130a6ea --- /dev/null +++ b/src/datadog_api_client/v2/api/cloud_authentication_api.py @@ -0,0 +1,49 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Any, Dict + +from datadog_api_client.api_client import ApiClient, Endpoint as _Endpoint +from datadog_api_client.configuration import Configuration +from datadog_api_client.v2.model.aws_cloud_auth_persona_mappings_response import AWSCloudAuthPersonaMappingsResponse + + +class CloudAuthenticationApi: + """ + Configure AWS cloud authentication mappings for persona and intake authentication through the Datadog API. + """ + + def __init__(self, api_client=None): + if api_client is None: + api_client = ApiClient(Configuration()) + self.api_client = api_client + + self._list_aws_cloud_auth_persona_mappings_endpoint = _Endpoint( + settings={ + "response_type": (AWSCloudAuthPersonaMappingsResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/cloud_auth/aws/persona_mapping", + "operation_id": "list_aws_cloud_auth_persona_mappings", + "http_method": "GET", + "version": "v2", + }, + params_map={}, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + def list_aws_cloud_auth_persona_mappings( + self, + ) -> AWSCloudAuthPersonaMappingsResponse: + """List AWS cloud authentication persona mappings. + + List all AWS cloud authentication persona mappings. This endpoint retrieves all configured persona mappings that associate AWS IAM principals with Datadog users. + + :rtype: AWSCloudAuthPersonaMappingsResponse + """ + kwargs: Dict[str, Any] = {} + return self._list_aws_cloud_auth_persona_mappings_endpoint.call_with_http_info(**kwargs) diff --git a/src/datadog_api_client/v2/apis/__init__.py b/src/datadog_api_client/v2/apis/__init__.py index 7ed8848978..c8272e85ae 100644 --- a/src/datadog_api_client/v2/apis/__init__.py +++ b/src/datadog_api_client/v2/apis/__init__.py @@ -18,6 +18,7 @@ from datadog_api_client.v2.api.case_management_api import CaseManagementApi from datadog_api_client.v2.api.case_management_attribute_api import CaseManagementAttributeApi from datadog_api_client.v2.api.case_management_type_api import CaseManagementTypeApi +from datadog_api_client.v2.api.cloud_authentication_api import CloudAuthenticationApi from datadog_api_client.v2.api.cloud_cost_management_api import CloudCostManagementApi from datadog_api_client.v2.api.cloud_network_monitoring_api import CloudNetworkMonitoringApi from datadog_api_client.v2.api.cloudflare_integration_api import CloudflareIntegrationApi @@ -119,6 +120,7 @@ "CaseManagementApi", "CaseManagementAttributeApi", "CaseManagementTypeApi", + "CloudAuthenticationApi", "CloudCostManagementApi", "CloudNetworkMonitoringApi", "CloudflareIntegrationApi", diff --git a/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_attributes_response.py b/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_attributes_response.py new file mode 100644 index 0000000000..2e13f17552 --- /dev/null +++ b/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_attributes_response.py @@ -0,0 +1,45 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +class AWSCloudAuthPersonaMappingAttributesResponse(ModelNormal): + @cached_property + def openapi_types(_): + return { + "account_identifier": (str,), + "account_uuid": (str,), + "arn_pattern": (str,), + } + + attribute_map = { + "account_identifier": "account_identifier", + "account_uuid": "account_uuid", + "arn_pattern": "arn_pattern", + } + + def __init__(self_, account_identifier: str, account_uuid: str, arn_pattern: str, **kwargs): + """ + Attributes for AWS cloud authentication persona mapping response + + :param account_identifier: Datadog account identifier (email or handle) mapped to the AWS principal + :type account_identifier: str + + :param account_uuid: Datadog account UUID + :type account_uuid: str + + :param arn_pattern: AWS IAM ARN pattern to match for authentication + :type arn_pattern: str + """ + super().__init__(kwargs) + + self_.account_identifier = account_identifier + self_.account_uuid = account_uuid + self_.arn_pattern = arn_pattern diff --git a/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_data_response.py b/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_data_response.py new file mode 100644 index 0000000000..46b7ce04c4 --- /dev/null +++ b/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_data_response.py @@ -0,0 +1,64 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_attributes_response import ( + AWSCloudAuthPersonaMappingAttributesResponse, + ) + from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_type import AWSCloudAuthPersonaMappingType + + +class AWSCloudAuthPersonaMappingDataResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_attributes_response import ( + AWSCloudAuthPersonaMappingAttributesResponse, + ) + from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_type import AWSCloudAuthPersonaMappingType + + return { + "attributes": (AWSCloudAuthPersonaMappingAttributesResponse,), + "id": (str,), + "type": (AWSCloudAuthPersonaMappingType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__( + self_, + attributes: AWSCloudAuthPersonaMappingAttributesResponse, + id: str, + type: AWSCloudAuthPersonaMappingType, + **kwargs, + ): + """ + Data for AWS cloud authentication persona mapping response + + :param attributes: Attributes for AWS cloud authentication persona mapping response + :type attributes: AWSCloudAuthPersonaMappingAttributesResponse + + :param id: Unique identifier for the persona mapping + :type id: str + + :param type: Type identifier for AWS cloud authentication persona mapping + :type type: AWSCloudAuthPersonaMappingType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.id = id + self_.type = type diff --git a/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_type.py b/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_type.py new file mode 100644 index 0000000000..eb1c705404 --- /dev/null +++ b/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_type.py @@ -0,0 +1,35 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class AWSCloudAuthPersonaMappingType(ModelSimple): + """ + Type identifier for AWS cloud authentication persona mapping + + :param value: If omitted defaults to "aws_cloud_auth_config". Must be one of ["aws_cloud_auth_config"]. + :type value: str + """ + + allowed_values = { + "aws_cloud_auth_config", + } + AWS_CLOUD_AUTH_CONFIG: ClassVar["AWSCloudAuthPersonaMappingType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +AWSCloudAuthPersonaMappingType.AWS_CLOUD_AUTH_CONFIG = AWSCloudAuthPersonaMappingType("aws_cloud_auth_config") diff --git a/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mappings_response.py b/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mappings_response.py new file mode 100644 index 0000000000..7fa4a8382e --- /dev/null +++ b/src/datadog_api_client/v2/model/aws_cloud_auth_persona_mappings_response.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_data_response import ( + AWSCloudAuthPersonaMappingDataResponse, + ) + + +class AWSCloudAuthPersonaMappingsResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_data_response import ( + AWSCloudAuthPersonaMappingDataResponse, + ) + + return { + "data": ([AWSCloudAuthPersonaMappingDataResponse],), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: List[AWSCloudAuthPersonaMappingDataResponse], **kwargs): + """ + Response containing a list of AWS cloud authentication persona mappings + + :param data: List of AWS cloud authentication persona mappings + :type data: [AWSCloudAuthPersonaMappingDataResponse] + """ + super().__init__(kwargs) + + self_.data = data diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py index 2f5f812904..f1336c27f5 100644 --- a/src/datadog_api_client/v2/models/__init__.py +++ b/src/datadog_api_client/v2/models/__init__.py @@ -33,6 +33,14 @@ from datadog_api_client.v2.model.aws_auth_config import AWSAuthConfig from datadog_api_client.v2.model.aws_auth_config_keys import AWSAuthConfigKeys from datadog_api_client.v2.model.aws_auth_config_role import AWSAuthConfigRole +from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_attributes_response import ( + AWSCloudAuthPersonaMappingAttributesResponse, +) +from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_data_response import ( + AWSCloudAuthPersonaMappingDataResponse, +) +from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_type import AWSCloudAuthPersonaMappingType +from datadog_api_client.v2.model.aws_cloud_auth_persona_mappings_response import AWSCloudAuthPersonaMappingsResponse from datadog_api_client.v2.model.aws_credentials import AWSCredentials from datadog_api_client.v2.model.aws_credentials_update import AWSCredentialsUpdate from datadog_api_client.v2.model.aws_event_bridge_account_configuration import AWSEventBridgeAccountConfiguration @@ -6094,6 +6102,10 @@ "AWSAuthConfig", "AWSAuthConfigKeys", "AWSAuthConfigRole", + "AWSCloudAuthPersonaMappingAttributesResponse", + "AWSCloudAuthPersonaMappingDataResponse", + "AWSCloudAuthPersonaMappingType", + "AWSCloudAuthPersonaMappingsResponse", "AWSCredentials", "AWSCredentialsUpdate", "AWSEventBridgeAccountConfiguration", diff --git a/tests/v2/features/cloud_authentication.feature b/tests/v2/features/cloud_authentication.feature new file mode 100644 index 0000000000..fe9eb594a7 --- /dev/null +++ b/tests/v2/features/cloud_authentication.feature @@ -0,0 +1,21 @@ +@endpoint(cloud-authentication) @endpoint(cloud-authentication-v2) +Feature: Cloud Authentication + Configure AWS cloud authentication mappings for persona and intake + authentication through the Datadog API. + + Background: + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And an instance of "CloudAuthentication" API + And operation "ListAWSCloudAuthPersonaMappings" enabled + And new "ListAWSCloudAuthPersonaMappings" request + + @generated @skip @team:DataDog/team-aaaauthn + Scenario: List AWS cloud authentication persona mappings returns "Bad Request" response + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/team-aaaauthn + Scenario: List AWS cloud authentication persona mappings returns "OK" response + When the request is sent + Then the response status is 200 OK diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index b5703b05a0..2f0af9dca7 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json @@ -1014,6 +1014,12 @@ "type": "safe" } }, + "ListAWSCloudAuthPersonaMappings": { + "tag": "Cloud Authentication", + "undo": { + "type": "safe" + } + }, "CreateCustomFramework": { "tag": "Security Monitoring", "undo": {