diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 9bceb71549..be2fed88a2 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -945,6 +945,27 @@ components: required: true schema: type: string + RestrictionQueryID: + description: The ID of the restriction query. + in: path + name: restriction_query_id + required: true + schema: + type: string + RestrictionQueryRoleID: + description: The ID of the role. + in: path + name: role_id + required: true + schema: + type: string + RestrictionQueryUserID: + description: The ID of the user. + in: path + name: user_id + required: true + schema: + type: string RetentionFilterIdParam: description: The ID of the retention filter. in: path @@ -30501,6 +30522,15 @@ components: example: eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ== type: string type: object + LogsRestrictionQueriesType: + default: logs_restriction_queries + description: Restriction query resource type. + enum: + - logs_restriction_queries + example: logs_restriction_queries + type: string + x-enum-varnames: + - LOGS_RESTRICTION_QUERIES LogsSort: description: Sort parameters when querying logs. enum: @@ -41838,6 +41868,191 @@ components: required: - data type: object + RestrictionQueryAttributes: + description: Attributes of the restriction query. + properties: + created_at: + description: Creation time of the restriction query. + example: '2020-03-17T21:06:44.000Z' + format: date-time + readOnly: true + type: string + last_modifier_email: + description: Email of the user who last modified this restriction query. + example: user@example.com + readOnly: true + type: string + last_modifier_name: + description: Name of the user who last modified this restriction query. + example: John Doe + readOnly: true + type: string + modified_at: + description: Time of last restriction query modification. + example: '2020-03-17T21:15:15.000Z' + format: date-time + readOnly: true + type: string + restriction_query: + description: The query that defines the restriction. Only the content matching + the query can be returned. + example: env:sandbox + type: string + role_count: + description: Number of roles associated with this restriction query. + example: 3 + format: int64 + readOnly: true + type: integer + user_count: + description: Number of users associated with this restriction query. + example: 5 + format: int64 + readOnly: true + type: integer + type: object + RestrictionQueryCreateAttributes: + description: Attributes of the created restriction query. + properties: + restriction_query: + description: The restriction query. + example: env:sandbox + type: string + required: + - restriction_query + type: object + RestrictionQueryCreateData: + description: Data related to the creation of a restriction query. + properties: + attributes: + $ref: '#/components/schemas/RestrictionQueryCreateAttributes' + type: + $ref: '#/components/schemas/LogsRestrictionQueriesType' + type: object + RestrictionQueryCreatePayload: + description: Create a restriction query. + properties: + data: + $ref: '#/components/schemas/RestrictionQueryCreateData' + type: object + RestrictionQueryListResponse: + description: Response containing information about multiple restriction queries. + properties: + data: + description: Array of returned restriction queries. + items: + $ref: '#/components/schemas/RestrictionQueryWithoutRelationships' + type: array + type: object + RestrictionQueryResponseIncludedItem: + description: An object related to a restriction query. + oneOf: + - $ref: '#/components/schemas/RestrictionQueryRole' + RestrictionQueryRole: + description: Partial role object. + properties: + attributes: + $ref: '#/components/schemas/RestrictionQueryRoleAttribute' + id: + description: ID of the role. + example: + type: string + type: + $ref: '#/components/schemas/RolesType' + required: + - type + - id + - attributes + type: object + RestrictionQueryRoleAttribute: + description: Attributes of the role for a restriction query. + properties: + name: + description: The role name. + example: Datadog Admin Role + type: string + type: object + RestrictionQueryRolesResponse: + description: Response containing information about roles attached to a restriction + query. + properties: + data: + description: Array of roles. + items: + $ref: '#/components/schemas/RestrictionQueryRole' + type: array + type: object + RestrictionQueryUpdateAttributes: + description: Attributes of the edited restriction query. + properties: + restriction_query: + description: The restriction query. + example: env:sandbox + type: string + required: + - restriction_query + type: object + RestrictionQueryUpdateData: + description: Data related to the update of a restriction query. + properties: + attributes: + $ref: '#/components/schemas/RestrictionQueryUpdateAttributes' + type: + $ref: '#/components/schemas/LogsRestrictionQueriesType' + type: object + RestrictionQueryUpdatePayload: + description: Update a restriction query. + properties: + data: + $ref: '#/components/schemas/RestrictionQueryUpdateData' + type: object + RestrictionQueryWithRelationships: + description: Restriction query object returned by the API. + properties: + attributes: + $ref: '#/components/schemas/RestrictionQueryAttributes' + id: + description: ID of the restriction query. + example: 79a0e60a-644a-11ea-ad29-43329f7f58b5 + type: string + relationships: + $ref: '#/components/schemas/UserRelationships' + type: + $ref: '#/components/schemas/LogsRestrictionQueriesType' + type: object + RestrictionQueryWithRelationshipsResponse: + description: Response containing information about a single restriction query. + properties: + data: + $ref: '#/components/schemas/RestrictionQueryWithRelationships' + included: + description: Array of objects related to the restriction query. + items: + $ref: '#/components/schemas/RestrictionQueryResponseIncludedItem' + type: array + type: object + RestrictionQueryWithoutRelationships: + description: Restriction query object returned by the API. + properties: + attributes: + $ref: '#/components/schemas/RestrictionQueryAttributes' + id: + description: ID of the restriction query. + example: 79a0e60a-644a-11ea-ad29-43329f7f58b5 + type: string + type: + default: logs_restriction_queries + description: Restriction queries type. + example: logs_restriction_queries + readOnly: true + type: string + type: object + RestrictionQueryWithoutRelationshipsResponse: + description: Response containing information about a single restriction query. + properties: + data: + $ref: '#/components/schemas/RestrictionQueryWithoutRelationships' + type: object RetentionFilter: description: The definition of the retention filter. properties: @@ -70264,6 +70479,487 @@ paths: operator: OR permissions: - logs_generate_metrics + /api/v2/logs/config/restriction_queries: + get: + description: Returns all restriction queries, including their names and IDs. + operationId: ListRestrictionQueries + parameters: + - $ref: '#/components/parameters/PageSize' + - $ref: '#/components/parameters/PageNumber' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryListResponse' + description: OK + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: List restriction queries + tags: + - Logs Restriction Queries + x-permission: + operator: OR + permissions: + - logs_read_config + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + post: + description: Create a new restriction query for your organization. + operationId: CreateRestrictionQuery + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryCreatePayload' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryWithoutRelationshipsResponse' + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Create a restriction query + tags: + - Logs Restriction Queries + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - user_access_manage + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + /api/v2/logs/config/restriction_queries/role/{role_id}: + get: + description: Get restriction query for a given role. + operationId: GetRoleRestrictionQuery + parameters: + - $ref: '#/components/parameters/RestrictionQueryRoleID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryListResponse' + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '404': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Not found + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Get restriction query for a given role + tags: + - Logs Restriction Queries + x-permission: + operator: OR + permissions: + - logs_read_config + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + /api/v2/logs/config/restriction_queries/user/{user_id}: + get: + description: Get all restriction queries for a given user. + operationId: ListUserRestrictionQueries + parameters: + - $ref: '#/components/parameters/RestrictionQueryUserID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryListResponse' + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '404': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Not found + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Get all restriction queries for a given user + tags: + - Logs Restriction Queries + x-permission: + operator: OR + permissions: + - logs_read_config + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + /api/v2/logs/config/restriction_queries/{restriction_query_id}: + delete: + description: Deletes a restriction query. + operationId: DeleteRestrictionQuery + parameters: + - $ref: '#/components/parameters/RestrictionQueryID' + responses: + '204': + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '404': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Not found + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Delete a restriction query + tags: + - Logs Restriction Queries + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - user_access_manage + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + get: + description: Get a restriction query in the organization specified by the restriction + query's `restriction_query_id`. + operationId: GetRestrictionQuery + parameters: + - $ref: '#/components/parameters/RestrictionQueryID' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryWithRelationshipsResponse' + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '404': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Not found + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Get a restriction query + tags: + - Logs Restriction Queries + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - logs_read_config + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + patch: + description: Edit a restriction query. + operationId: UpdateRestrictionQuery + parameters: + - $ref: '#/components/parameters/RestrictionQueryID' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryUpdatePayload' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryWithoutRelationshipsResponse' + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '404': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Not found + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Update a restriction query + tags: + - Logs Restriction Queries + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - user_access_manage + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + put: + description: Replace a restriction query. + operationId: ReplaceRestrictionQuery + parameters: + - $ref: '#/components/parameters/RestrictionQueryID' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryUpdatePayload' + required: true + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryWithoutRelationshipsResponse' + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '404': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Not found + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Replace a restriction query + tags: + - Logs Restriction Queries + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - user_access_manage + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + /api/v2/logs/config/restriction_queries/{restriction_query_id}/roles: + delete: + description: Removes a role from a restriction query. + operationId: RemoveRoleFromRestrictionQuery + parameters: + - $ref: '#/components/parameters/RestrictionQueryID' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RelationshipToRole' + required: true + responses: + '204': + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '404': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Not found + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Revoke role from a restriction query + tags: + - Logs Restriction Queries + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - user_access_manage + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + get: + description: Returns all roles that have a given restriction query. + operationId: ListRestrictionQueryRoles + parameters: + - $ref: '#/components/parameters/RestrictionQueryID' + - $ref: '#/components/parameters/PageSize' + - $ref: '#/components/parameters/PageNumber' + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RestrictionQueryRolesResponse' + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '404': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Not found + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: List roles for a restriction query + tags: + - Logs Restriction Queries + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - logs_read_config + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' + post: + description: 'Adds a role to a restriction query. + + + **Note**: This operation automatically grants the `logs_read_data` permission + to the role if it doesn''t already have it.' + operationId: AddRoleToRestrictionQuery + parameters: + - $ref: '#/components/parameters/RestrictionQueryID' + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/RelationshipToRole' + required: true + responses: + '204': + description: OK + '400': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Bad Request + '403': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Authentication error + '404': + content: + application/json: + schema: + $ref: '#/components/schemas/APIErrorResponse' + description: Not found + '429': + $ref: '#/components/responses/TooManyRequestsResponse' + summary: Grant role to a restriction query + tags: + - Logs Restriction Queries + x-codegen-request-body-name: body + x-permission: + operator: OR + permissions: + - user_access_manage + x-unstable: '**Note**: This endpoint is in public beta. + + If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).' /api/v2/logs/events: get: description: 'List endpoint returns logs that match a log search query. @@ -85210,6 +85906,44 @@ tags: description: Find out more at url: https://docs.datadoghq.com/logs/logs_to_metrics/ name: Logs Metrics +- description: '**Note: This endpoint is in public beta. If you have any feedback, + contact [Datadog support](https://docs.datadoghq.com/help/).** + + + A Restriction Query is a logs query that restricts which logs the `logs_read_data` + permission grants read access to. + + For users whose roles have Restriction Queries, any log query they make only returns + those log events that also match + + one of their Restriction Queries. This is true whether the user queries log events + from any log-related feature, including + + the log explorer, Live Tail, re-hydration, or a dashboard widget. + + + Restriction Queries currently only support use of the following components of + log events: + + + - Reserved attributes + + - The log message + + - Tags + + + To restrict read access on log data, add a team tag to log events to indicate + which teams own them, and then scope Restriction Queries to the relevant values + of the team tag. Tags can be applied to log events in many ways, and a log event + can have multiple tags with the same key (like team) and different values. This + means the same log event can be visible to roles whose restriction queries are + scoped to different team values. + + + See [How to Set Up RBAC for Logs](https://docs.datadoghq.com/logs/guide/logs-rbac/?tab=api#restrict-access-to-logs) + for details on how to add restriction queries.' + name: Logs Restriction Queries - description: "The metrics endpoint allows you to:\n\n- Post metrics data so it can be graphed on Datadog\u2019s dashboards\n- Query metrics from any time period (timeseries and scalar)\n- Modify tag configurations for metrics\n- View tags diff --git a/docs/datadog_api_client.v2.api.rst b/docs/datadog_api_client.v2.api.rst index 3768dae831..035b95ffa8 100644 --- a/docs/datadog_api_client.v2.api.rst +++ b/docs/datadog_api_client.v2.api.rst @@ -326,6 +326,13 @@ datadog\_api\_client.v2.api.logs\_metrics\_api module :members: :show-inheritance: +datadog\_api\_client.v2.api.logs\_restriction\_queries\_api module +------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.api.logs_restriction_queries_api + :members: + :show-inheritance: + datadog\_api\_client.v2.api.metrics\_api module ----------------------------------------------- diff --git a/docs/datadog_api_client.v2.model.rst b/docs/datadog_api_client.v2.model.rst index 60fdfd49e2..2229744bbe 100644 --- a/docs/datadog_api_client.v2.model.rst +++ b/docs/datadog_api_client.v2.model.rst @@ -13171,6 +13171,13 @@ datadog\_api\_client.v2.model.logs\_response\_metadata\_page module :members: :show-inheritance: +datadog\_api\_client.v2.model.logs\_restriction\_queries\_type module +--------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.logs_restriction_queries_type + :members: + :show-inheritance: + datadog\_api\_client.v2.model.logs\_sort module ----------------------------------------------- @@ -18204,6 +18211,118 @@ datadog\_api\_client.v2.model.restriction\_policy\_update\_request module :members: :show-inheritance: +datadog\_api\_client.v2.model.restriction\_query\_attributes module +------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_create\_attributes module +--------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_create_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_create\_data module +--------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_create_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_create\_payload module +------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.restriction_query_create_payload + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_list\_response module +----------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_list_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_response\_included\_item module +--------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_response_included_item + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_role module +------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_role + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_role\_attribute module +------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.restriction_query_role_attribute + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_roles\_response module +------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.restriction_query_roles_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_update\_attributes module +--------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_update_attributes + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_update\_data module +--------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_update_data + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_update\_payload module +------------------------------------------------------------------------ + +.. automodule:: datadog_api_client.v2.model.restriction_query_update_payload + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_with\_relationships module +---------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_with_relationships + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_with\_relationships\_response module +-------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_with_relationships_response + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_without\_relationships module +------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_without_relationships + :members: + :show-inheritance: + +datadog\_api\_client.v2.model.restriction\_query\_without\_relationships\_response module +----------------------------------------------------------------------------------------- + +.. automodule:: datadog_api_client.v2.model.restriction_query_without_relationships_response + :members: + :show-inheritance: + datadog\_api\_client.v2.model.retention\_filter module ------------------------------------------------------ diff --git a/examples/v2/logs-restriction-queries/AddRoleToRestrictionQuery.py b/examples/v2/logs-restriction-queries/AddRoleToRestrictionQuery.py new file mode 100644 index 0000000000..79c4d5e50f --- /dev/null +++ b/examples/v2/logs-restriction-queries/AddRoleToRestrictionQuery.py @@ -0,0 +1,29 @@ +""" +Grant role to a restriction query returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi +from datadog_api_client.v2.model.relationship_to_role import RelationshipToRole +from datadog_api_client.v2.model.relationship_to_role_data import RelationshipToRoleData +from datadog_api_client.v2.model.roles_type import RolesType + +# there is a valid "restriction_query" in the system +RESTRICTION_QUERY_DATA_ID = environ["RESTRICTION_QUERY_DATA_ID"] + +# there is a valid "role" in the system +ROLE_DATA_ID = environ["ROLE_DATA_ID"] + +body = RelationshipToRole( + data=RelationshipToRoleData( + id=ROLE_DATA_ID, + type=RolesType.ROLES, + ), +) + +configuration = Configuration() +configuration.unstable_operations["add_role_to_restriction_query"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + api_instance.add_role_to_restriction_query(restriction_query_id=RESTRICTION_QUERY_DATA_ID, body=body) diff --git a/examples/v2/logs-restriction-queries/CreateRestrictionQuery.py b/examples/v2/logs-restriction-queries/CreateRestrictionQuery.py new file mode 100644 index 0000000000..29ae888ea9 --- /dev/null +++ b/examples/v2/logs-restriction-queries/CreateRestrictionQuery.py @@ -0,0 +1,27 @@ +""" +Create a restriction query returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi +from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType +from datadog_api_client.v2.model.restriction_query_create_attributes import RestrictionQueryCreateAttributes +from datadog_api_client.v2.model.restriction_query_create_data import RestrictionQueryCreateData +from datadog_api_client.v2.model.restriction_query_create_payload import RestrictionQueryCreatePayload + +body = RestrictionQueryCreatePayload( + data=RestrictionQueryCreateData( + attributes=RestrictionQueryCreateAttributes( + restriction_query="env:sandbox", + ), + type=LogsRestrictionQueriesType.LOGS_RESTRICTION_QUERIES, + ), +) + +configuration = Configuration() +configuration.unstable_operations["create_restriction_query"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + response = api_instance.create_restriction_query(body=body) + + print(response) diff --git a/examples/v2/logs-restriction-queries/DeleteRestrictionQuery.py b/examples/v2/logs-restriction-queries/DeleteRestrictionQuery.py new file mode 100644 index 0000000000..6345a1dc35 --- /dev/null +++ b/examples/v2/logs-restriction-queries/DeleteRestrictionQuery.py @@ -0,0 +1,18 @@ +""" +Delete a restriction query returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi + +# there is a valid "restriction_query" in the system +RESTRICTION_QUERY_DATA_ID = environ["RESTRICTION_QUERY_DATA_ID"] + +configuration = Configuration() +configuration.unstable_operations["delete_restriction_query"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + api_instance.delete_restriction_query( + restriction_query_id=RESTRICTION_QUERY_DATA_ID, + ) diff --git a/examples/v2/logs-restriction-queries/GetRestrictionQuery.py b/examples/v2/logs-restriction-queries/GetRestrictionQuery.py new file mode 100644 index 0000000000..0268655ad8 --- /dev/null +++ b/examples/v2/logs-restriction-queries/GetRestrictionQuery.py @@ -0,0 +1,20 @@ +""" +Get a restriction query returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi + +# there is a valid "restriction_query" in the system +RESTRICTION_QUERY_DATA_ID = environ["RESTRICTION_QUERY_DATA_ID"] + +configuration = Configuration() +configuration.unstable_operations["get_restriction_query"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + response = api_instance.get_restriction_query( + restriction_query_id=RESTRICTION_QUERY_DATA_ID, + ) + + print(response) diff --git a/examples/v2/logs-restriction-queries/GetRoleRestrictionQuery.py b/examples/v2/logs-restriction-queries/GetRoleRestrictionQuery.py new file mode 100644 index 0000000000..6fb59a2f9a --- /dev/null +++ b/examples/v2/logs-restriction-queries/GetRoleRestrictionQuery.py @@ -0,0 +1,20 @@ +""" +Get restriction query for a given role returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi + +# there is a valid "role" in the system +ROLE_DATA_ID = environ["ROLE_DATA_ID"] + +configuration = Configuration() +configuration.unstable_operations["get_role_restriction_query"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + response = api_instance.get_role_restriction_query( + role_id=ROLE_DATA_ID, + ) + + print(response) diff --git a/examples/v2/logs-restriction-queries/ListRestrictionQueries.py b/examples/v2/logs-restriction-queries/ListRestrictionQueries.py new file mode 100644 index 0000000000..ead1933153 --- /dev/null +++ b/examples/v2/logs-restriction-queries/ListRestrictionQueries.py @@ -0,0 +1,14 @@ +""" +List restriction queries returns "OK" response +""" + +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi + +configuration = Configuration() +configuration.unstable_operations["list_restriction_queries"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + response = api_instance.list_restriction_queries() + + print(response) diff --git a/examples/v2/logs-restriction-queries/ListRestrictionQueryRoles.py b/examples/v2/logs-restriction-queries/ListRestrictionQueryRoles.py new file mode 100644 index 0000000000..88bf84753a --- /dev/null +++ b/examples/v2/logs-restriction-queries/ListRestrictionQueryRoles.py @@ -0,0 +1,20 @@ +""" +List roles for a restriction query returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi + +# there is a valid "restriction_query" in the system +RESTRICTION_QUERY_DATA_ID = environ["RESTRICTION_QUERY_DATA_ID"] + +configuration = Configuration() +configuration.unstable_operations["list_restriction_query_roles"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + response = api_instance.list_restriction_query_roles( + restriction_query_id=RESTRICTION_QUERY_DATA_ID, + ) + + print(response) diff --git a/examples/v2/logs-restriction-queries/ListUserRestrictionQueries.py b/examples/v2/logs-restriction-queries/ListUserRestrictionQueries.py new file mode 100644 index 0000000000..798287ba9c --- /dev/null +++ b/examples/v2/logs-restriction-queries/ListUserRestrictionQueries.py @@ -0,0 +1,20 @@ +""" +Get all restriction queries for a given user returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi + +# there is a valid "user" in the system +USER_DATA_ID = environ["USER_DATA_ID"] + +configuration = Configuration() +configuration.unstable_operations["list_user_restriction_queries"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + response = api_instance.list_user_restriction_queries( + user_id=USER_DATA_ID, + ) + + print(response) diff --git a/examples/v2/logs-restriction-queries/RemoveRoleFromRestrictionQuery.py b/examples/v2/logs-restriction-queries/RemoveRoleFromRestrictionQuery.py new file mode 100644 index 0000000000..c41aba7ffa --- /dev/null +++ b/examples/v2/logs-restriction-queries/RemoveRoleFromRestrictionQuery.py @@ -0,0 +1,29 @@ +""" +Revoke role from a restriction query returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi +from datadog_api_client.v2.model.relationship_to_role import RelationshipToRole +from datadog_api_client.v2.model.relationship_to_role_data import RelationshipToRoleData +from datadog_api_client.v2.model.roles_type import RolesType + +# there is a valid "restriction_query" in the system +RESTRICTION_QUERY_DATA_ID = environ["RESTRICTION_QUERY_DATA_ID"] + +# there is a valid "role" in the system +ROLE_DATA_ID = environ["ROLE_DATA_ID"] + +body = RelationshipToRole( + data=RelationshipToRoleData( + id=ROLE_DATA_ID, + type=RolesType.ROLES, + ), +) + +configuration = Configuration() +configuration.unstable_operations["remove_role_from_restriction_query"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + api_instance.remove_role_from_restriction_query(restriction_query_id=RESTRICTION_QUERY_DATA_ID, body=body) diff --git a/examples/v2/logs-restriction-queries/ReplaceRestrictionQuery.py b/examples/v2/logs-restriction-queries/ReplaceRestrictionQuery.py new file mode 100644 index 0000000000..993f953ae0 --- /dev/null +++ b/examples/v2/logs-restriction-queries/ReplaceRestrictionQuery.py @@ -0,0 +1,31 @@ +""" +Replace a restriction query returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi +from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType +from datadog_api_client.v2.model.restriction_query_update_attributes import RestrictionQueryUpdateAttributes +from datadog_api_client.v2.model.restriction_query_update_data import RestrictionQueryUpdateData +from datadog_api_client.v2.model.restriction_query_update_payload import RestrictionQueryUpdatePayload + +# there is a valid "restriction_query" in the system +RESTRICTION_QUERY_DATA_ID = environ["RESTRICTION_QUERY_DATA_ID"] + +body = RestrictionQueryUpdatePayload( + data=RestrictionQueryUpdateData( + attributes=RestrictionQueryUpdateAttributes( + restriction_query="env:staging", + ), + type=LogsRestrictionQueriesType.LOGS_RESTRICTION_QUERIES, + ), +) + +configuration = Configuration() +configuration.unstable_operations["replace_restriction_query"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + response = api_instance.replace_restriction_query(restriction_query_id=RESTRICTION_QUERY_DATA_ID, body=body) + + print(response) diff --git a/examples/v2/logs-restriction-queries/UpdateRestrictionQuery.py b/examples/v2/logs-restriction-queries/UpdateRestrictionQuery.py new file mode 100644 index 0000000000..de5722249b --- /dev/null +++ b/examples/v2/logs-restriction-queries/UpdateRestrictionQuery.py @@ -0,0 +1,31 @@ +""" +Update a restriction query returns "OK" response +""" + +from os import environ +from datadog_api_client import ApiClient, Configuration +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi +from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType +from datadog_api_client.v2.model.restriction_query_update_attributes import RestrictionQueryUpdateAttributes +from datadog_api_client.v2.model.restriction_query_update_data import RestrictionQueryUpdateData +from datadog_api_client.v2.model.restriction_query_update_payload import RestrictionQueryUpdatePayload + +# there is a valid "restriction_query" in the system +RESTRICTION_QUERY_DATA_ID = environ["RESTRICTION_QUERY_DATA_ID"] + +body = RestrictionQueryUpdatePayload( + data=RestrictionQueryUpdateData( + attributes=RestrictionQueryUpdateAttributes( + restriction_query="env:production", + ), + type=LogsRestrictionQueriesType.LOGS_RESTRICTION_QUERIES, + ), +) + +configuration = Configuration() +configuration.unstable_operations["update_restriction_query"] = True +with ApiClient(configuration) as api_client: + api_instance = LogsRestrictionQueriesApi(api_client) + response = api_instance.update_restriction_query(restriction_query_id=RESTRICTION_QUERY_DATA_ID, body=body) + + print(response) diff --git a/src/datadog_api_client/configuration.py b/src/datadog_api_client/configuration.py index 665081694b..77d6091d8b 100644 --- a/src/datadog_api_client/configuration.py +++ b/src/datadog_api_client/configuration.py @@ -337,6 +337,17 @@ def __init__( "v2.update_incident_notification_template": False, "v2.update_incident_todo": False, "v2.update_incident_type": False, + "v2.add_role_to_restriction_query": False, + "v2.create_restriction_query": False, + "v2.delete_restriction_query": False, + "v2.get_restriction_query": False, + "v2.get_role_restriction_query": False, + "v2.list_restriction_queries": False, + "v2.list_restriction_query_roles": False, + "v2.list_user_restriction_queries": False, + "v2.remove_role_from_restriction_query": False, + "v2.replace_restriction_query": False, + "v2.update_restriction_query": False, "v2.create_monitor_user_template": False, "v2.delete_monitor_user_template": False, "v2.get_monitor_user_template": False, diff --git a/src/datadog_api_client/v2/api/logs_restriction_queries_api.py b/src/datadog_api_client/v2/api/logs_restriction_queries_api.py new file mode 100644 index 0000000000..3c084e57c8 --- /dev/null +++ b/src/datadog_api_client/v2/api/logs_restriction_queries_api.py @@ -0,0 +1,551 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Any, Dict, Union + +from datadog_api_client.api_client import ApiClient, Endpoint as _Endpoint +from datadog_api_client.configuration import Configuration +from datadog_api_client.model_utils import ( + UnsetType, + unset, +) +from datadog_api_client.v2.model.restriction_query_list_response import RestrictionQueryListResponse +from datadog_api_client.v2.model.restriction_query_without_relationships_response import ( + RestrictionQueryWithoutRelationshipsResponse, +) +from datadog_api_client.v2.model.restriction_query_create_payload import RestrictionQueryCreatePayload +from datadog_api_client.v2.model.restriction_query_with_relationships_response import ( + RestrictionQueryWithRelationshipsResponse, +) +from datadog_api_client.v2.model.restriction_query_update_payload import RestrictionQueryUpdatePayload +from datadog_api_client.v2.model.relationship_to_role import RelationshipToRole +from datadog_api_client.v2.model.restriction_query_roles_response import RestrictionQueryRolesResponse + + +class LogsRestrictionQueriesApi: + """ + Note: This endpoint is in public beta. If you have any feedback, contact `Datadog support `_. + + A Restriction Query is a logs query that restricts which logs the ``logs_read_data`` permission grants read access to. + For users whose roles have Restriction Queries, any log query they make only returns those log events that also match + one of their Restriction Queries. This is true whether the user queries log events from any log-related feature, including + the log explorer, Live Tail, re-hydration, or a dashboard widget. + + Restriction Queries currently only support use of the following components of log events: + + * Reserved attributes + * The log message + * Tags + + To restrict read access on log data, add a team tag to log events to indicate which teams own them, and then scope Restriction Queries to the relevant values of the team tag. Tags can be applied to log events in many ways, and a log event can have multiple tags with the same key (like team) and different values. This means the same log event can be visible to roles whose restriction queries are scoped to different team values. + + See `How to Set Up RBAC for Logs `_ for details on how to add restriction queries. + """ + + def __init__(self, api_client=None): + if api_client is None: + api_client = ApiClient(Configuration()) + self.api_client = api_client + + self._add_role_to_restriction_query_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries/{restriction_query_id}/roles", + "operation_id": "add_role_to_restriction_query", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "restriction_query_id": { + "required": True, + "openapi_types": (str,), + "attribute": "restriction_query_id", + "location": "path", + }, + "body": { + "required": True, + "openapi_types": (RelationshipToRole,), + "location": "body", + }, + }, + headers_map={"accept": ["*/*"], "content_type": ["application/json"]}, + api_client=api_client, + ) + + self._create_restriction_query_endpoint = _Endpoint( + settings={ + "response_type": (RestrictionQueryWithoutRelationshipsResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries", + "operation_id": "create_restriction_query", + "http_method": "POST", + "version": "v2", + }, + params_map={ + "body": { + "required": True, + "openapi_types": (RestrictionQueryCreatePayload,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + + self._delete_restriction_query_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries/{restriction_query_id}", + "operation_id": "delete_restriction_query", + "http_method": "DELETE", + "version": "v2", + }, + params_map={ + "restriction_query_id": { + "required": True, + "openapi_types": (str,), + "attribute": "restriction_query_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["*/*"], + }, + api_client=api_client, + ) + + self._get_restriction_query_endpoint = _Endpoint( + settings={ + "response_type": (RestrictionQueryWithRelationshipsResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries/{restriction_query_id}", + "operation_id": "get_restriction_query", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "restriction_query_id": { + "required": True, + "openapi_types": (str,), + "attribute": "restriction_query_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + self._get_role_restriction_query_endpoint = _Endpoint( + settings={ + "response_type": (RestrictionQueryListResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries/role/{role_id}", + "operation_id": "get_role_restriction_query", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "role_id": { + "required": True, + "openapi_types": (str,), + "attribute": "role_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + self._list_restriction_queries_endpoint = _Endpoint( + settings={ + "response_type": (RestrictionQueryListResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries", + "operation_id": "list_restriction_queries", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "page_size": { + "openapi_types": (int,), + "attribute": "page[size]", + "location": "query", + }, + "page_number": { + "openapi_types": (int,), + "attribute": "page[number]", + "location": "query", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + self._list_restriction_query_roles_endpoint = _Endpoint( + settings={ + "response_type": (RestrictionQueryRolesResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries/{restriction_query_id}/roles", + "operation_id": "list_restriction_query_roles", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "restriction_query_id": { + "required": True, + "openapi_types": (str,), + "attribute": "restriction_query_id", + "location": "path", + }, + "page_size": { + "openapi_types": (int,), + "attribute": "page[size]", + "location": "query", + }, + "page_number": { + "openapi_types": (int,), + "attribute": "page[number]", + "location": "query", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + self._list_user_restriction_queries_endpoint = _Endpoint( + settings={ + "response_type": (RestrictionQueryListResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries/user/{user_id}", + "operation_id": "list_user_restriction_queries", + "http_method": "GET", + "version": "v2", + }, + params_map={ + "user_id": { + "required": True, + "openapi_types": (str,), + "attribute": "user_id", + "location": "path", + }, + }, + headers_map={ + "accept": ["application/json"], + }, + api_client=api_client, + ) + + self._remove_role_from_restriction_query_endpoint = _Endpoint( + settings={ + "response_type": None, + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries/{restriction_query_id}/roles", + "operation_id": "remove_role_from_restriction_query", + "http_method": "DELETE", + "version": "v2", + }, + params_map={ + "restriction_query_id": { + "required": True, + "openapi_types": (str,), + "attribute": "restriction_query_id", + "location": "path", + }, + "body": { + "required": True, + "openapi_types": (RelationshipToRole,), + "location": "body", + }, + }, + headers_map={"accept": ["*/*"], "content_type": ["application/json"]}, + api_client=api_client, + ) + + self._replace_restriction_query_endpoint = _Endpoint( + settings={ + "response_type": (RestrictionQueryWithoutRelationshipsResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries/{restriction_query_id}", + "operation_id": "replace_restriction_query", + "http_method": "PUT", + "version": "v2", + }, + params_map={ + "restriction_query_id": { + "required": True, + "openapi_types": (str,), + "attribute": "restriction_query_id", + "location": "path", + }, + "body": { + "required": True, + "openapi_types": (RestrictionQueryUpdatePayload,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + + self._update_restriction_query_endpoint = _Endpoint( + settings={ + "response_type": (RestrictionQueryWithoutRelationshipsResponse,), + "auth": ["apiKeyAuth", "appKeyAuth"], + "endpoint_path": "/api/v2/logs/config/restriction_queries/{restriction_query_id}", + "operation_id": "update_restriction_query", + "http_method": "PATCH", + "version": "v2", + }, + params_map={ + "restriction_query_id": { + "required": True, + "openapi_types": (str,), + "attribute": "restriction_query_id", + "location": "path", + }, + "body": { + "required": True, + "openapi_types": (RestrictionQueryUpdatePayload,), + "location": "body", + }, + }, + headers_map={"accept": ["application/json"], "content_type": ["application/json"]}, + api_client=api_client, + ) + + def add_role_to_restriction_query( + self, + restriction_query_id: str, + body: RelationshipToRole, + ) -> None: + """Grant role to a restriction query. + + Adds a role to a restriction query. + + **Note** : This operation automatically grants the ``logs_read_data`` permission to the role if it doesn't already have it. + + :param restriction_query_id: The ID of the restriction query. + :type restriction_query_id: str + :type body: RelationshipToRole + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["restriction_query_id"] = restriction_query_id + + kwargs["body"] = body + + return self._add_role_to_restriction_query_endpoint.call_with_http_info(**kwargs) + + def create_restriction_query( + self, + body: RestrictionQueryCreatePayload, + ) -> RestrictionQueryWithoutRelationshipsResponse: + """Create a restriction query. + + Create a new restriction query for your organization. + + :type body: RestrictionQueryCreatePayload + :rtype: RestrictionQueryWithoutRelationshipsResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["body"] = body + + return self._create_restriction_query_endpoint.call_with_http_info(**kwargs) + + def delete_restriction_query( + self, + restriction_query_id: str, + ) -> None: + """Delete a restriction query. + + Deletes a restriction query. + + :param restriction_query_id: The ID of the restriction query. + :type restriction_query_id: str + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["restriction_query_id"] = restriction_query_id + + return self._delete_restriction_query_endpoint.call_with_http_info(**kwargs) + + def get_restriction_query( + self, + restriction_query_id: str, + ) -> RestrictionQueryWithRelationshipsResponse: + """Get a restriction query. + + Get a restriction query in the organization specified by the restriction query's ``restriction_query_id``. + + :param restriction_query_id: The ID of the restriction query. + :type restriction_query_id: str + :rtype: RestrictionQueryWithRelationshipsResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["restriction_query_id"] = restriction_query_id + + return self._get_restriction_query_endpoint.call_with_http_info(**kwargs) + + def get_role_restriction_query( + self, + role_id: str, + ) -> RestrictionQueryListResponse: + """Get restriction query for a given role. + + Get restriction query for a given role. + + :param role_id: The ID of the role. + :type role_id: str + :rtype: RestrictionQueryListResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["role_id"] = role_id + + return self._get_role_restriction_query_endpoint.call_with_http_info(**kwargs) + + def list_restriction_queries( + self, + *, + page_size: Union[int, UnsetType] = unset, + page_number: Union[int, UnsetType] = unset, + ) -> RestrictionQueryListResponse: + """List restriction queries. + + Returns all restriction queries, including their names and IDs. + + :param page_size: Size for a given page. The maximum allowed value is 100. + :type page_size: int, optional + :param page_number: Specific page number to return. + :type page_number: int, optional + :rtype: RestrictionQueryListResponse + """ + kwargs: Dict[str, Any] = {} + if page_size is not unset: + kwargs["page_size"] = page_size + + if page_number is not unset: + kwargs["page_number"] = page_number + + return self._list_restriction_queries_endpoint.call_with_http_info(**kwargs) + + def list_restriction_query_roles( + self, + restriction_query_id: str, + *, + page_size: Union[int, UnsetType] = unset, + page_number: Union[int, UnsetType] = unset, + ) -> RestrictionQueryRolesResponse: + """List roles for a restriction query. + + Returns all roles that have a given restriction query. + + :param restriction_query_id: The ID of the restriction query. + :type restriction_query_id: str + :param page_size: Size for a given page. The maximum allowed value is 100. + :type page_size: int, optional + :param page_number: Specific page number to return. + :type page_number: int, optional + :rtype: RestrictionQueryRolesResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["restriction_query_id"] = restriction_query_id + + if page_size is not unset: + kwargs["page_size"] = page_size + + if page_number is not unset: + kwargs["page_number"] = page_number + + return self._list_restriction_query_roles_endpoint.call_with_http_info(**kwargs) + + def list_user_restriction_queries( + self, + user_id: str, + ) -> RestrictionQueryListResponse: + """Get all restriction queries for a given user. + + Get all restriction queries for a given user. + + :param user_id: The ID of the user. + :type user_id: str + :rtype: RestrictionQueryListResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["user_id"] = user_id + + return self._list_user_restriction_queries_endpoint.call_with_http_info(**kwargs) + + def remove_role_from_restriction_query( + self, + restriction_query_id: str, + body: RelationshipToRole, + ) -> None: + """Revoke role from a restriction query. + + Removes a role from a restriction query. + + :param restriction_query_id: The ID of the restriction query. + :type restriction_query_id: str + :type body: RelationshipToRole + :rtype: None + """ + kwargs: Dict[str, Any] = {} + kwargs["restriction_query_id"] = restriction_query_id + + kwargs["body"] = body + + return self._remove_role_from_restriction_query_endpoint.call_with_http_info(**kwargs) + + def replace_restriction_query( + self, + restriction_query_id: str, + body: RestrictionQueryUpdatePayload, + ) -> RestrictionQueryWithoutRelationshipsResponse: + """Replace a restriction query. + + Replace a restriction query. + + :param restriction_query_id: The ID of the restriction query. + :type restriction_query_id: str + :type body: RestrictionQueryUpdatePayload + :rtype: RestrictionQueryWithoutRelationshipsResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["restriction_query_id"] = restriction_query_id + + kwargs["body"] = body + + return self._replace_restriction_query_endpoint.call_with_http_info(**kwargs) + + def update_restriction_query( + self, + restriction_query_id: str, + body: RestrictionQueryUpdatePayload, + ) -> RestrictionQueryWithoutRelationshipsResponse: + """Update a restriction query. + + Edit a restriction query. + + :param restriction_query_id: The ID of the restriction query. + :type restriction_query_id: str + :type body: RestrictionQueryUpdatePayload + :rtype: RestrictionQueryWithoutRelationshipsResponse + """ + kwargs: Dict[str, Any] = {} + kwargs["restriction_query_id"] = restriction_query_id + + kwargs["body"] = body + + return self._update_restriction_query_endpoint.call_with_http_info(**kwargs) diff --git a/src/datadog_api_client/v2/apis/__init__.py b/src/datadog_api_client/v2/apis/__init__.py index 924b45b146..c6e85950dc 100644 --- a/src/datadog_api_client/v2/apis/__init__.py +++ b/src/datadog_api_client/v2/apis/__init__.py @@ -44,6 +44,7 @@ from datadog_api_client.v2.api.logs_archives_api import LogsArchivesApi from datadog_api_client.v2.api.logs_custom_destinations_api import LogsCustomDestinationsApi from datadog_api_client.v2.api.logs_metrics_api import LogsMetricsApi +from datadog_api_client.v2.api.logs_restriction_queries_api import LogsRestrictionQueriesApi from datadog_api_client.v2.api.metrics_api import MetricsApi from datadog_api_client.v2.api.microsoft_teams_integration_api import MicrosoftTeamsIntegrationApi from datadog_api_client.v2.api.monitors_api import MonitorsApi @@ -131,6 +132,7 @@ "LogsArchivesApi", "LogsCustomDestinationsApi", "LogsMetricsApi", + "LogsRestrictionQueriesApi", "MetricsApi", "MicrosoftTeamsIntegrationApi", "MonitorsApi", diff --git a/src/datadog_api_client/v2/model/logs_restriction_queries_type.py b/src/datadog_api_client/v2/model/logs_restriction_queries_type.py new file mode 100644 index 0000000000..e5c09b37d4 --- /dev/null +++ b/src/datadog_api_client/v2/model/logs_restriction_queries_type.py @@ -0,0 +1,35 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelSimple, + cached_property, +) + +from typing import ClassVar + + +class LogsRestrictionQueriesType(ModelSimple): + """ + Restriction query resource type. + + :param value: If omitted defaults to "logs_restriction_queries". Must be one of ["logs_restriction_queries"]. + :type value: str + """ + + allowed_values = { + "logs_restriction_queries", + } + LOGS_RESTRICTION_QUERIES: ClassVar["LogsRestrictionQueriesType"] + + @cached_property + def openapi_types(_): + return { + "value": (str,), + } + + +LogsRestrictionQueriesType.LOGS_RESTRICTION_QUERIES = LogsRestrictionQueriesType("logs_restriction_queries") diff --git a/src/datadog_api_client/v2/model/restriction_query_attributes.py b/src/datadog_api_client/v2/model/restriction_query_attributes.py new file mode 100644 index 0000000000..b0ceac97dd --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_attributes.py @@ -0,0 +1,97 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + datetime, + unset, + UnsetType, +) + + +class RestrictionQueryAttributes(ModelNormal): + @cached_property + def openapi_types(_): + return { + "created_at": (datetime,), + "last_modifier_email": (str,), + "last_modifier_name": (str,), + "modified_at": (datetime,), + "restriction_query": (str,), + "role_count": (int,), + "user_count": (int,), + } + + attribute_map = { + "created_at": "created_at", + "last_modifier_email": "last_modifier_email", + "last_modifier_name": "last_modifier_name", + "modified_at": "modified_at", + "restriction_query": "restriction_query", + "role_count": "role_count", + "user_count": "user_count", + } + read_only_vars = { + "created_at", + "last_modifier_email", + "last_modifier_name", + "modified_at", + "role_count", + "user_count", + } + + def __init__( + self_, + created_at: Union[datetime, UnsetType] = unset, + last_modifier_email: Union[str, UnsetType] = unset, + last_modifier_name: Union[str, UnsetType] = unset, + modified_at: Union[datetime, UnsetType] = unset, + restriction_query: Union[str, UnsetType] = unset, + role_count: Union[int, UnsetType] = unset, + user_count: Union[int, UnsetType] = unset, + **kwargs, + ): + """ + Attributes of the restriction query. + + :param created_at: Creation time of the restriction query. + :type created_at: datetime, optional + + :param last_modifier_email: Email of the user who last modified this restriction query. + :type last_modifier_email: str, optional + + :param last_modifier_name: Name of the user who last modified this restriction query. + :type last_modifier_name: str, optional + + :param modified_at: Time of last restriction query modification. + :type modified_at: datetime, optional + + :param restriction_query: The query that defines the restriction. Only the content matching the query can be returned. + :type restriction_query: str, optional + + :param role_count: Number of roles associated with this restriction query. + :type role_count: int, optional + + :param user_count: Number of users associated with this restriction query. + :type user_count: int, optional + """ + if created_at is not unset: + kwargs["created_at"] = created_at + if last_modifier_email is not unset: + kwargs["last_modifier_email"] = last_modifier_email + if last_modifier_name is not unset: + kwargs["last_modifier_name"] = last_modifier_name + if modified_at is not unset: + kwargs["modified_at"] = modified_at + if restriction_query is not unset: + kwargs["restriction_query"] = restriction_query + if role_count is not unset: + kwargs["role_count"] = role_count + if user_count is not unset: + kwargs["user_count"] = user_count + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_create_attributes.py b/src/datadog_api_client/v2/model/restriction_query_create_attributes.py new file mode 100644 index 0000000000..e2f4d8b2e7 --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_create_attributes.py @@ -0,0 +1,33 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +class RestrictionQueryCreateAttributes(ModelNormal): + @cached_property + def openapi_types(_): + return { + "restriction_query": (str,), + } + + attribute_map = { + "restriction_query": "restriction_query", + } + + def __init__(self_, restriction_query: str, **kwargs): + """ + Attributes of the created restriction query. + + :param restriction_query: The restriction query. + :type restriction_query: str + """ + super().__init__(kwargs) + + self_.restriction_query = restriction_query diff --git a/src/datadog_api_client/v2/model/restriction_query_create_data.py b/src/datadog_api_client/v2/model/restriction_query_create_data.py new file mode 100644 index 0000000000..d532d0b0b6 --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_create_data.py @@ -0,0 +1,56 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_create_attributes import RestrictionQueryCreateAttributes + from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType + + +class RestrictionQueryCreateData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_create_attributes import RestrictionQueryCreateAttributes + from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType + + return { + "attributes": (RestrictionQueryCreateAttributes,), + "type": (LogsRestrictionQueriesType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, + attributes: Union[RestrictionQueryCreateAttributes, UnsetType] = unset, + type: Union[LogsRestrictionQueriesType, UnsetType] = unset, + **kwargs, + ): + """ + Data related to the creation of a restriction query. + + :param attributes: Attributes of the created restriction query. + :type attributes: RestrictionQueryCreateAttributes, optional + + :param type: Restriction query resource type. + :type type: LogsRestrictionQueriesType, optional + """ + if attributes is not unset: + kwargs["attributes"] = attributes + if type is not unset: + kwargs["type"] = type + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_create_payload.py b/src/datadog_api_client/v2/model/restriction_query_create_payload.py new file mode 100644 index 0000000000..9eb6c44b5a --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_create_payload.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_create_data import RestrictionQueryCreateData + + +class RestrictionQueryCreatePayload(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_create_data import RestrictionQueryCreateData + + return { + "data": (RestrictionQueryCreateData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[RestrictionQueryCreateData, UnsetType] = unset, **kwargs): + """ + Create a restriction query. + + :param data: Data related to the creation of a restriction query. + :type data: RestrictionQueryCreateData, optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_list_response.py b/src/datadog_api_client/v2/model/restriction_query_list_response.py new file mode 100644 index 0000000000..9318bce64e --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_list_response.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_without_relationships import RestrictionQueryWithoutRelationships + + +class RestrictionQueryListResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_without_relationships import ( + RestrictionQueryWithoutRelationships, + ) + + return { + "data": ([RestrictionQueryWithoutRelationships],), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[List[RestrictionQueryWithoutRelationships], UnsetType] = unset, **kwargs): + """ + Response containing information about multiple restriction queries. + + :param data: Array of returned restriction queries. + :type data: [RestrictionQueryWithoutRelationships], optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_response_included_item.py b/src/datadog_api_client/v2/model/restriction_query_response_included_item.py new file mode 100644 index 0000000000..14d50cc2c0 --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_response_included_item.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelComposed, + cached_property, +) + + +class RestrictionQueryResponseIncludedItem(ModelComposed): + def __init__(self, **kwargs): + """ + An object related to a restriction query. + + :param attributes: Attributes of the role for a restriction query. + :type attributes: RestrictionQueryRoleAttribute + + :param id: ID of the role. + :type id: str + + :param type: Roles type. + :type type: RolesType + """ + super().__init__(kwargs) + + @cached_property + def _composed_schemas(_): + # we need this here to make our import statements work + # we must store _composed_schemas in here so the code is only run + # when we invoke this method. If we kept this at the class + # level we would get an error because the class level + # code would be run when this module is imported, and these composed + # classes don't exist yet because their module has not finished + # loading + from datadog_api_client.v2.model.restriction_query_role import RestrictionQueryRole + + return { + "oneOf": [ + RestrictionQueryRole, + ], + } diff --git a/src/datadog_api_client/v2/model/restriction_query_role.py b/src/datadog_api_client/v2/model/restriction_query_role.py new file mode 100644 index 0000000000..811d0242ab --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_role.py @@ -0,0 +1,54 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_role_attribute import RestrictionQueryRoleAttribute + from datadog_api_client.v2.model.roles_type import RolesType + + +class RestrictionQueryRole(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_role_attribute import RestrictionQueryRoleAttribute + from datadog_api_client.v2.model.roles_type import RolesType + + return { + "attributes": (RestrictionQueryRoleAttribute,), + "id": (str,), + "type": (RolesType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + + def __init__(self_, attributes: RestrictionQueryRoleAttribute, id: str, type: RolesType, **kwargs): + """ + Partial role object. + + :param attributes: Attributes of the role for a restriction query. + :type attributes: RestrictionQueryRoleAttribute + + :param id: ID of the role. + :type id: str + + :param type: Roles type. + :type type: RolesType + """ + super().__init__(kwargs) + + self_.attributes = attributes + self_.id = id + self_.type = type diff --git a/src/datadog_api_client/v2/model/restriction_query_role_attribute.py b/src/datadog_api_client/v2/model/restriction_query_role_attribute.py new file mode 100644 index 0000000000..76b5bb24f2 --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_role_attribute.py @@ -0,0 +1,36 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +class RestrictionQueryRoleAttribute(ModelNormal): + @cached_property + def openapi_types(_): + return { + "name": (str,), + } + + attribute_map = { + "name": "name", + } + + def __init__(self_, name: Union[str, UnsetType] = unset, **kwargs): + """ + Attributes of the role for a restriction query. + + :param name: The role name. + :type name: str, optional + """ + if name is not unset: + kwargs["name"] = name + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_roles_response.py b/src/datadog_api_client/v2/model/restriction_query_roles_response.py new file mode 100644 index 0000000000..cffd5c9f77 --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_roles_response.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_role import RestrictionQueryRole + + +class RestrictionQueryRolesResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_role import RestrictionQueryRole + + return { + "data": ([RestrictionQueryRole],), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[List[RestrictionQueryRole], UnsetType] = unset, **kwargs): + """ + Response containing information about roles attached to a restriction query. + + :param data: Array of roles. + :type data: [RestrictionQueryRole], optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_update_attributes.py b/src/datadog_api_client/v2/model/restriction_query_update_attributes.py new file mode 100644 index 0000000000..ae7b783115 --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_update_attributes.py @@ -0,0 +1,33 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, +) + + +class RestrictionQueryUpdateAttributes(ModelNormal): + @cached_property + def openapi_types(_): + return { + "restriction_query": (str,), + } + + attribute_map = { + "restriction_query": "restriction_query", + } + + def __init__(self_, restriction_query: str, **kwargs): + """ + Attributes of the edited restriction query. + + :param restriction_query: The restriction query. + :type restriction_query: str + """ + super().__init__(kwargs) + + self_.restriction_query = restriction_query diff --git a/src/datadog_api_client/v2/model/restriction_query_update_data.py b/src/datadog_api_client/v2/model/restriction_query_update_data.py new file mode 100644 index 0000000000..4fb14adf32 --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_update_data.py @@ -0,0 +1,56 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_update_attributes import RestrictionQueryUpdateAttributes + from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType + + +class RestrictionQueryUpdateData(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_update_attributes import RestrictionQueryUpdateAttributes + from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType + + return { + "attributes": (RestrictionQueryUpdateAttributes,), + "type": (LogsRestrictionQueriesType,), + } + + attribute_map = { + "attributes": "attributes", + "type": "type", + } + + def __init__( + self_, + attributes: Union[RestrictionQueryUpdateAttributes, UnsetType] = unset, + type: Union[LogsRestrictionQueriesType, UnsetType] = unset, + **kwargs, + ): + """ + Data related to the update of a restriction query. + + :param attributes: Attributes of the edited restriction query. + :type attributes: RestrictionQueryUpdateAttributes, optional + + :param type: Restriction query resource type. + :type type: LogsRestrictionQueriesType, optional + """ + if attributes is not unset: + kwargs["attributes"] = attributes + if type is not unset: + kwargs["type"] = type + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_update_payload.py b/src/datadog_api_client/v2/model/restriction_query_update_payload.py new file mode 100644 index 0000000000..6f028ae11c --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_update_payload.py @@ -0,0 +1,42 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_update_data import RestrictionQueryUpdateData + + +class RestrictionQueryUpdatePayload(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_update_data import RestrictionQueryUpdateData + + return { + "data": (RestrictionQueryUpdateData,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[RestrictionQueryUpdateData, UnsetType] = unset, **kwargs): + """ + Update a restriction query. + + :param data: Data related to the update of a restriction query. + :type data: RestrictionQueryUpdateData, optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_with_relationships.py b/src/datadog_api_client/v2/model/restriction_query_with_relationships.py new file mode 100644 index 0000000000..a56ec8f20e --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_with_relationships.py @@ -0,0 +1,74 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_attributes import RestrictionQueryAttributes + from datadog_api_client.v2.model.user_relationships import UserRelationships + from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType + + +class RestrictionQueryWithRelationships(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_attributes import RestrictionQueryAttributes + from datadog_api_client.v2.model.user_relationships import UserRelationships + from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType + + return { + "attributes": (RestrictionQueryAttributes,), + "id": (str,), + "relationships": (UserRelationships,), + "type": (LogsRestrictionQueriesType,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "relationships": "relationships", + "type": "type", + } + + def __init__( + self_, + attributes: Union[RestrictionQueryAttributes, UnsetType] = unset, + id: Union[str, UnsetType] = unset, + relationships: Union[UserRelationships, UnsetType] = unset, + type: Union[LogsRestrictionQueriesType, UnsetType] = unset, + **kwargs, + ): + """ + Restriction query object returned by the API. + + :param attributes: Attributes of the restriction query. + :type attributes: RestrictionQueryAttributes, optional + + :param id: ID of the restriction query. + :type id: str, optional + + :param relationships: Relationships of the user object. + :type relationships: UserRelationships, optional + + :param type: Restriction query resource type. + :type type: LogsRestrictionQueriesType, optional + """ + if attributes is not unset: + kwargs["attributes"] = attributes + if id is not unset: + kwargs["id"] = id + if relationships is not unset: + kwargs["relationships"] = relationships + if type is not unset: + kwargs["type"] = type + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_with_relationships_response.py b/src/datadog_api_client/v2/model/restriction_query_with_relationships_response.py new file mode 100644 index 0000000000..b77017573a --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_with_relationships_response.py @@ -0,0 +1,61 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import List, Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_with_relationships import RestrictionQueryWithRelationships + from datadog_api_client.v2.model.restriction_query_response_included_item import ( + RestrictionQueryResponseIncludedItem, + ) + from datadog_api_client.v2.model.restriction_query_role import RestrictionQueryRole + + +class RestrictionQueryWithRelationshipsResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_with_relationships import RestrictionQueryWithRelationships + from datadog_api_client.v2.model.restriction_query_response_included_item import ( + RestrictionQueryResponseIncludedItem, + ) + + return { + "data": (RestrictionQueryWithRelationships,), + "included": ([RestrictionQueryResponseIncludedItem],), + } + + attribute_map = { + "data": "data", + "included": "included", + } + + def __init__( + self_, + data: Union[RestrictionQueryWithRelationships, UnsetType] = unset, + included: Union[List[Union[RestrictionQueryResponseIncludedItem, RestrictionQueryRole]], UnsetType] = unset, + **kwargs, + ): + """ + Response containing information about a single restriction query. + + :param data: Restriction query object returned by the API. + :type data: RestrictionQueryWithRelationships, optional + + :param included: Array of objects related to the restriction query. + :type included: [RestrictionQueryResponseIncludedItem], optional + """ + if data is not unset: + kwargs["data"] = data + if included is not unset: + kwargs["included"] = included + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_without_relationships.py b/src/datadog_api_client/v2/model/restriction_query_without_relationships.py new file mode 100644 index 0000000000..9d361b4ad5 --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_without_relationships.py @@ -0,0 +1,65 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_attributes import RestrictionQueryAttributes + + +class RestrictionQueryWithoutRelationships(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_attributes import RestrictionQueryAttributes + + return { + "attributes": (RestrictionQueryAttributes,), + "id": (str,), + "type": (str,), + } + + attribute_map = { + "attributes": "attributes", + "id": "id", + "type": "type", + } + read_only_vars = { + "type", + } + + def __init__( + self_, + attributes: Union[RestrictionQueryAttributes, UnsetType] = unset, + id: Union[str, UnsetType] = unset, + type: Union[str, UnsetType] = unset, + **kwargs, + ): + """ + Restriction query object returned by the API. + + :param attributes: Attributes of the restriction query. + :type attributes: RestrictionQueryAttributes, optional + + :param id: ID of the restriction query. + :type id: str, optional + + :param type: Restriction queries type. + :type type: str, optional + """ + if attributes is not unset: + kwargs["attributes"] = attributes + if id is not unset: + kwargs["id"] = id + if type is not unset: + kwargs["type"] = type + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/restriction_query_without_relationships_response.py b/src/datadog_api_client/v2/model/restriction_query_without_relationships_response.py new file mode 100644 index 0000000000..da5fdd0382 --- /dev/null +++ b/src/datadog_api_client/v2/model/restriction_query_without_relationships_response.py @@ -0,0 +1,44 @@ +# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License. +# This product includes software developed at Datadog (https://www.datadoghq.com/). +# Copyright 2019-Present Datadog, Inc. +from __future__ import annotations + +from typing import Union, TYPE_CHECKING + +from datadog_api_client.model_utils import ( + ModelNormal, + cached_property, + unset, + UnsetType, +) + + +if TYPE_CHECKING: + from datadog_api_client.v2.model.restriction_query_without_relationships import RestrictionQueryWithoutRelationships + + +class RestrictionQueryWithoutRelationshipsResponse(ModelNormal): + @cached_property + def openapi_types(_): + from datadog_api_client.v2.model.restriction_query_without_relationships import ( + RestrictionQueryWithoutRelationships, + ) + + return { + "data": (RestrictionQueryWithoutRelationships,), + } + + attribute_map = { + "data": "data", + } + + def __init__(self_, data: Union[RestrictionQueryWithoutRelationships, UnsetType] = unset, **kwargs): + """ + Response containing information about a single restriction query. + + :param data: Restriction query object returned by the API. + :type data: RestrictionQueryWithoutRelationships, optional + """ + if data is not unset: + kwargs["data"] = data + super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/models/__init__.py b/src/datadog_api_client/v2/models/__init__.py index 9cece11cff..66061bd8f0 100644 --- a/src/datadog_api_client/v2/models/__init__.py +++ b/src/datadog_api_client/v2/models/__init__.py @@ -2458,6 +2458,7 @@ from datadog_api_client.v2.model.logs_query_options import LogsQueryOptions from datadog_api_client.v2.model.logs_response_metadata import LogsResponseMetadata from datadog_api_client.v2.model.logs_response_metadata_page import LogsResponseMetadataPage +from datadog_api_client.v2.model.logs_restriction_queries_type import LogsRestrictionQueriesType from datadog_api_client.v2.model.logs_sort import LogsSort from datadog_api_client.v2.model.logs_sort_order import LogsSortOrder from datadog_api_client.v2.model.logs_storage_tier import LogsStorageTier @@ -3738,6 +3739,26 @@ from datadog_api_client.v2.model.restriction_policy_response import RestrictionPolicyResponse from datadog_api_client.v2.model.restriction_policy_type import RestrictionPolicyType from datadog_api_client.v2.model.restriction_policy_update_request import RestrictionPolicyUpdateRequest +from datadog_api_client.v2.model.restriction_query_attributes import RestrictionQueryAttributes +from datadog_api_client.v2.model.restriction_query_create_attributes import RestrictionQueryCreateAttributes +from datadog_api_client.v2.model.restriction_query_create_data import RestrictionQueryCreateData +from datadog_api_client.v2.model.restriction_query_create_payload import RestrictionQueryCreatePayload +from datadog_api_client.v2.model.restriction_query_list_response import RestrictionQueryListResponse +from datadog_api_client.v2.model.restriction_query_response_included_item import RestrictionQueryResponseIncludedItem +from datadog_api_client.v2.model.restriction_query_role import RestrictionQueryRole +from datadog_api_client.v2.model.restriction_query_role_attribute import RestrictionQueryRoleAttribute +from datadog_api_client.v2.model.restriction_query_roles_response import RestrictionQueryRolesResponse +from datadog_api_client.v2.model.restriction_query_update_attributes import RestrictionQueryUpdateAttributes +from datadog_api_client.v2.model.restriction_query_update_data import RestrictionQueryUpdateData +from datadog_api_client.v2.model.restriction_query_update_payload import RestrictionQueryUpdatePayload +from datadog_api_client.v2.model.restriction_query_with_relationships import RestrictionQueryWithRelationships +from datadog_api_client.v2.model.restriction_query_with_relationships_response import ( + RestrictionQueryWithRelationshipsResponse, +) +from datadog_api_client.v2.model.restriction_query_without_relationships import RestrictionQueryWithoutRelationships +from datadog_api_client.v2.model.restriction_query_without_relationships_response import ( + RestrictionQueryWithoutRelationshipsResponse, +) from datadog_api_client.v2.model.retention_filter import RetentionFilter from datadog_api_client.v2.model.retention_filter_all import RetentionFilterAll from datadog_api_client.v2.model.retention_filter_all_attributes import RetentionFilterAllAttributes @@ -6832,6 +6853,7 @@ "LogsQueryOptions", "LogsResponseMetadata", "LogsResponseMetadataPage", + "LogsRestrictionQueriesType", "LogsSort", "LogsSortOrder", "LogsStorageTier", @@ -7604,6 +7626,22 @@ "RestrictionPolicyResponse", "RestrictionPolicyType", "RestrictionPolicyUpdateRequest", + "RestrictionQueryAttributes", + "RestrictionQueryCreateAttributes", + "RestrictionQueryCreateData", + "RestrictionQueryCreatePayload", + "RestrictionQueryListResponse", + "RestrictionQueryResponseIncludedItem", + "RestrictionQueryRole", + "RestrictionQueryRoleAttribute", + "RestrictionQueryRolesResponse", + "RestrictionQueryUpdateAttributes", + "RestrictionQueryUpdateData", + "RestrictionQueryUpdatePayload", + "RestrictionQueryWithRelationships", + "RestrictionQueryWithRelationshipsResponse", + "RestrictionQueryWithoutRelationships", + "RestrictionQueryWithoutRelationshipsResponse", "RetentionFilter", "RetentionFilterAll", "RetentionFilterAllAttributes", diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_bad_request_response.frozen new file mode 100644 index 0000000000..0f606a88e2 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:33.023Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_bad_request_response.yaml new file mode 100644 index 0000000000..74dd28df93 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_bad_request_response.yaml @@ -0,0 +1,21 @@ +interactions: +- request: + body: '{"test":"bad_request"}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries + response: + body: + string: '{"errors":["API input validation failed: {''_schema'': [{''detail'': + ''Object must include `data` key.'', ''source'': {''pointer'': ''/''}}]}"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_ok_response.frozen new file mode 100644 index 0000000000..7c666081cd --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_ok_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:33.792Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_ok_response.yaml new file mode 100644 index 0000000000..4470d9eb73 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_create_a_restriction_query_returns_ok_response.yaml @@ -0,0 +1,38 @@ +interactions: +- request: + body: '{"data":{"attributes":{"restriction_query":"env:sandbox"},"type":"logs_restriction_queries"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries + response: + body: + string: '{"data":{"type":"logs_restriction_queries","id":"7d16b5bc-c3fd-11f0-a3af-da7ad0900002","attributes":{"restriction_query":"env:sandbox","created_at":"2025-11-17T21:36:34.125787+00:00","modified_at":"2025-11-17T21:36:34.125787+00:00"}}} + + ' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/7d16b5bc-c3fd-11f0-a3af-da7ad0900002 + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_bad_request_response.frozen new file mode 100644 index 0000000000..27f3b15bf5 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:34.603Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_bad_request_response.yaml new file mode 100644 index 0000000000..73173abf96 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_bad_request_response.yaml @@ -0,0 +1,18 @@ +interactions: +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/malformed_id + response: + body: + string: '{"errors":["uuid is not proper type"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_not_found_response.frozen new file mode 100644 index 0000000000..000352ea2a --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:34.974Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_not_found_response.yaml new file mode 100644 index 0000000000..8aa84c25de --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_not_found_response.yaml @@ -0,0 +1,18 @@ +interactions: +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/00000000-0000-0000-0000-000000000000 + response: + body: + string: '{"errors":["Restriction query not found"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_ok_response.frozen new file mode 100644 index 0000000000..90bbc26281 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_ok_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:35.338Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_ok_response.yaml new file mode 100644 index 0000000000..c039798aae --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_delete_a_restriction_query_returns_ok_response.yaml @@ -0,0 +1,54 @@ +interactions: +- request: + body: '{"data":{"attributes":{"restriction_query":"env:sandbox"},"type":"logs_restriction_queries"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries + response: + body: + string: '{"data":{"type":"logs_restriction_queries","id":"7dfcd704-c3fd-11f0-a70b-da7ad0900002","attributes":{"restriction_query":"env:sandbox","created_at":"2025-11-17T21:36:35.634185+00:00","modified_at":"2025-11-17T21:36:35.634185+00:00"}}} + + ' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/7dfcd704-c3fd-11f0-a70b-da7ad0900002 + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/7dfcd704-c3fd-11f0-a70b-da7ad0900002 + response: + body: + string: '{"errors":["Restriction query not found"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_bad_request_response.frozen new file mode 100644 index 0000000000..715d1386d2 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:36.502Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_bad_request_response.yaml new file mode 100644 index 0000000000..4c61300e73 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_bad_request_response.yaml @@ -0,0 +1,18 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/malformed_id + response: + body: + string: '{"errors":["uuid is not proper type"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_not_found_response.frozen new file mode 100644 index 0000000000..c334b82cee --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:36.858Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_not_found_response.yaml new file mode 100644 index 0000000000..bc260ac7c9 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_not_found_response.yaml @@ -0,0 +1,18 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/00000000-0000-0000-0000-000000000000 + response: + body: + string: '{"errors":["Restriction query not found"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_ok_response.frozen new file mode 100644 index 0000000000..746afe3f00 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_ok_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:37.364Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_ok_response.yaml new file mode 100644 index 0000000000..094c28fb1c --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_a_restriction_query_returns_ok_response.yaml @@ -0,0 +1,56 @@ +interactions: +- request: + body: '{"data":{"attributes":{"restriction_query":"env:sandbox"},"type":"logs_restriction_queries"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries + response: + body: + string: '{"data":{"type":"logs_restriction_queries","id":"7f34e18e-c3fd-11f0-8c23-da7ad0900002","attributes":{"restriction_query":"env:sandbox","created_at":"2025-11-17T21:36:37.678850+00:00","modified_at":"2025-11-17T21:36:37.678850+00:00"}}} + + ' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/7f34e18e-c3fd-11f0-8c23-da7ad0900002 + response: + body: + string: '{"data":{"type":"logs_restriction_queries","id":"7f34e18e-c3fd-11f0-8c23-da7ad0900002","attributes":{"restriction_query":"env:sandbox","created_at":"2025-11-17T21:36:37.678850+00:00","modified_at":"2025-11-17T21:36:37.678850+00:00"},"relationships":{"roles":{"data":[]}}}} + + ' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/7f34e18e-c3fd-11f0-8c23-da7ad0900002 + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_bad_request_response.frozen new file mode 100644 index 0000000000..5a6a09eb2e --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:38.488Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_bad_request_response.yaml new file mode 100644 index 0000000000..47d9a18751 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_bad_request_response.yaml @@ -0,0 +1,18 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/user/malformed_id + response: + body: + string: '{"errors":["uuid is not proper type"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_not_found_response.frozen new file mode 100644 index 0000000000..d4fbbc6031 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:38.856Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_not_found_response.yaml new file mode 100644 index 0000000000..2f498fd192 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_all_restriction_queries_for_a_given_user_returns_not_found_response.yaml @@ -0,0 +1,19 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/user/00000000-0000-0000-0000-000000000000 + response: + body: + string: '{"errors":["user with uuid 00000000-0000-0000-0000-000000000000 doesn''t + exist"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_bad_request_response.frozen new file mode 100644 index 0000000000..9cfa72116a --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:39.195Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_bad_request_response.yaml new file mode 100644 index 0000000000..742b271161 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_bad_request_response.yaml @@ -0,0 +1,18 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/role/malformed_id + response: + body: + string: '{"errors":["Missing Role malformed_id"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_not_found_response.frozen new file mode 100644 index 0000000000..38c656a048 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:39.565Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_not_found_response.yaml new file mode 100644 index 0000000000..d7e675f21b --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_not_found_response.yaml @@ -0,0 +1,18 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/role/00000000-0000-0000-0000-000000000000 + response: + body: + string: '{"errors":["Missing Role 00000000-0000-0000-0000-000000000000"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_ok_response.frozen new file mode 100644 index 0000000000..09d56f7a1b --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_ok_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:39.917Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_ok_response.yaml new file mode 100644 index 0000000000..80c43b44e2 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_get_restriction_query_for_a_given_role_returns_ok_response.yaml @@ -0,0 +1,52 @@ +interactions: +- request: + body: '{"data":{"attributes":{"name":"Test-Get_restriction_query_for_a_given_role_returns_OK_response-1763415399"},"type":"roles"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/roles + response: + body: + string: '{"data":{"id":"80b7ecc2-c3fd-11f0-8d5a-da7ad0900002","type":"roles","attributes":{"created_at":"2025-11-17T21:36:40.216326Z","modified_at":"2025-11-17T21:36:40.216269Z","name":"Test-Get_restriction_query_for_a_given_role_returns_OK_response-1763415399","team_count":0,"user_count":0},"relationships":{"permissions":{"data":[{"id":"d90f6830-d3d8-11e9-a77a-b3404e5e9ee2","type":"permissions"},{"id":"4441648c-d8b1-11e9-a77a-1b899a04b304","type":"permissions"},{"id":"417ba636-2dce-11eb-84c0-6bce5b0d9de0","type":"permissions"},{"id":"12efc20e-d36c-11eb-a9b8-da7ad0900002","type":"permissions"},{"id":"7605ef24-f376-11eb-b90b-da7ad0900002","type":"permissions"},{"id":"b6bf9ac6-9a59-11ec-8480-da7ad0900002","type":"permissions"},{"id":"f8e941cf-e746-11ec-b22d-da7ad0900002","type":"permissions"},{"id":"6c5ad874-7aff-11ed-a5cd-da7ad0900002","type":"permissions"},{"id":"a8b4d6e8-4ea4-11ee-b482-da7ad0900002","type":"permissions"},{"id":"50c270de-69ee-11ee-9151-da7ad0900002","type":"permissions"}]}}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/role/80b7ecc2-c3fd-11f0-8d5a-da7ad0900002 + response: + body: + string: '{"data":[]} + + ' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/roles/80b7ecc2-c3fd-11f0-8d5a-da7ad0900002 + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_bad_request_response.frozen new file mode 100644 index 0000000000..f911f1546f --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:40.959Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_bad_request_response.yaml new file mode 100644 index 0000000000..7bbda31cb1 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_bad_request_response.yaml @@ -0,0 +1,21 @@ +interactions: +- request: + body: '{"data":{"id":"3653d3c6-0c75-11ea-ad28-fb5701eabc7d","type":"roles"}}' + headers: + accept: + - '*/*' + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/malformed_id/roles + response: + body: + string: '{"errors":["Role with id: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d not + found"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_not_found_response.frozen new file mode 100644 index 0000000000..ad3ca1112c --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:41.677Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_not_found_response.yaml new file mode 100644 index 0000000000..2101bbb1f0 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_not_found_response.yaml @@ -0,0 +1,21 @@ +interactions: +- request: + body: '{"data":{"id":"3653d3c6-0c75-11ea-ad28-fb5701eabc7d","type":"roles"}}' + headers: + accept: + - '*/*' + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/00000000-0000-0000-0000-000000000000/roles + response: + body: + string: '{"errors":["Role with id: 3653d3c6-0c75-11ea-ad28-fb5701eabc7d not + found"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_ok_response.frozen new file mode 100644 index 0000000000..675f75350d --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_ok_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:42.024Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_ok_response.yaml new file mode 100644 index 0000000000..eb5cc85427 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_grant_role_to_a_restriction_query_returns_ok_response.yaml @@ -0,0 +1,88 @@ +interactions: +- request: + body: '{"data":{"attributes":{"restriction_query":"env:sandbox"},"type":"logs_restriction_queries"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries + response: + body: + string: '{"data":{"type":"logs_restriction_queries","id":"81f63382-c3fd-11f0-be7b-da7ad0900002","attributes":{"restriction_query":"env:sandbox","created_at":"2025-11-17T21:36:42.301659+00:00","modified_at":"2025-11-17T21:36:42.301659+00:00"}}} + + ' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +- request: + body: '{"data":{"attributes":{"name":"Test-Grant_role_to_a_restriction_query_returns_OK_response-1763415402"},"type":"roles"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/roles + response: + body: + string: '{"data":{"id":"822b736c-c3fd-11f0-8df1-da7ad0900002","type":"roles","attributes":{"created_at":"2025-11-17T21:36:42.650961Z","modified_at":"2025-11-17T21:36:42.650523Z","name":"Test-Grant_role_to_a_restriction_query_returns_OK_response-1763415402","team_count":0,"user_count":0},"relationships":{"permissions":{"data":[{"id":"d90f6830-d3d8-11e9-a77a-b3404e5e9ee2","type":"permissions"},{"id":"4441648c-d8b1-11e9-a77a-1b899a04b304","type":"permissions"},{"id":"417ba636-2dce-11eb-84c0-6bce5b0d9de0","type":"permissions"},{"id":"12efc20e-d36c-11eb-a9b8-da7ad0900002","type":"permissions"},{"id":"7605ef24-f376-11eb-b90b-da7ad0900002","type":"permissions"},{"id":"b6bf9ac6-9a59-11ec-8480-da7ad0900002","type":"permissions"},{"id":"f8e941cf-e746-11ec-b22d-da7ad0900002","type":"permissions"},{"id":"6c5ad874-7aff-11ed-a5cd-da7ad0900002","type":"permissions"},{"id":"a8b4d6e8-4ea4-11ee-b482-da7ad0900002","type":"permissions"},{"id":"50c270de-69ee-11ee-9151-da7ad0900002","type":"permissions"}]}}}}' + headers: + content-type: + - application/vnd.api+json + status: + code: 200 + message: OK +- request: + body: '{"data":{"id":"822b736c-c3fd-11f0-8df1-da7ad0900002","type":"roles"}}' + headers: + accept: + - '*/*' + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/81f63382-c3fd-11f0-be7b-da7ad0900002/roles + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/roles/822b736c-c3fd-11f0-8df1-da7ad0900002 + response: + body: + string: '' + headers: {} + status: + code: 204 + message: No Content +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/81f63382-c3fd-11f0-be7b-da7ad0900002 + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_list_restriction_queries_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_list_restriction_queries_returns_ok_response.frozen new file mode 100644 index 0000000000..a989e4c6dc --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_restriction_queries_returns_ok_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:43.867Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_list_restriction_queries_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_list_restriction_queries_returns_ok_response.yaml new file mode 100644 index 0000000000..8f54d0d4d4 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_restriction_queries_returns_ok_response.yaml @@ -0,0 +1,20 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries + response: + body: + string: '{"data":[{"type":"logs_restriction_queries","id":"6358d012-be7e-11f0-8999-da7ad0900002","attributes":{"restriction_query":"env:production","created_at":"2025-11-10T21:44:09.039708+00:00","modified_at":"2025-11-10T21:44:09.164487+00:00"}}]} + + ' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_bad_request_response.frozen b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_bad_request_response.frozen new file mode 100644 index 0000000000..bd62a84d0b --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_bad_request_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:44.211Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_bad_request_response.yaml b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_bad_request_response.yaml new file mode 100644 index 0000000000..6f4e62e815 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_bad_request_response.yaml @@ -0,0 +1,18 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/malformed_id/roles + response: + body: + string: '{"errors":["uuid is not proper type"]}' + headers: + content-type: + - application/json + status: + code: 400 + message: Bad Request +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_not_found_response.frozen b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_not_found_response.frozen new file mode 100644 index 0000000000..4fc3d50c18 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_not_found_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:44.606Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_not_found_response.yaml b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_not_found_response.yaml new file mode 100644 index 0000000000..4d59e8e1a8 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_not_found_response.yaml @@ -0,0 +1,18 @@ +interactions: +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/00000000-0000-0000-0000-000000000000/roles + response: + body: + string: '{"errors":["Restriction query not found"]}' + headers: + content-type: + - application/json + status: + code: 404 + message: Not Found +version: 1 diff --git a/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_ok_response.frozen new file mode 100644 index 0000000000..b9da306e38 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_ok_response.frozen @@ -0,0 +1 @@ +2025-11-17T21:36:44.965Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_ok_response.yaml b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_ok_response.yaml new file mode 100644 index 0000000000..281f50c818 --- /dev/null +++ b/tests/v2/cassettes/test_scenarios/test_list_roles_for_a_restriction_query_returns_ok_response.yaml @@ -0,0 +1,56 @@ +interactions: +- request: + body: '{"data":{"attributes":{"restriction_query":"env:sandbox"},"type":"logs_restriction_queries"}}' + headers: + accept: + - application/json + content-type: + - application/json + method: POST + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries + response: + body: + string: '{"data":{"type":"logs_restriction_queries","id":"83bb0986-c3fd-11f0-8604-da7ad0900002","attributes":{"restriction_query":"env:sandbox","created_at":"2025-11-17T21:36:45.269298+00:00","modified_at":"2025-11-17T21:36:45.269298+00:00"}}} + + ' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - application/json + method: GET + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/83bb0986-c3fd-11f0-8604-da7ad0900002/roles + response: + body: + string: '{"data":[]} + + ' + headers: + content-type: + - application/json + status: + code: 200 + message: OK +- request: + body: null + headers: + accept: + - '*/*' + method: DELETE + uri: https://api.datadoghq.com/api/v2/logs/config/restriction_queries/83bb0986-c3fd-11f0-8604-da7ad0900002 + response: + body: + string: '' + headers: + content-type: + - text/html; charset=utf-8 + status: + code: 204 + message: No Content +version: 1 diff --git a/tests/v2/features/given.json b/tests/v2/features/given.json index 198c7af1b5..ac2e142e01 100644 --- a/tests/v2/features/given.json +++ b/tests/v2/features/given.json @@ -679,6 +679,18 @@ "tag": "Logs Metrics", "operationId": "CreateLogsMetric" }, + { + "parameters": [ + { + "name": "body", + "value": "{\"data\": {\"attributes\": {\"restriction_query\": \"env:sandbox\"}, \"type\": \"logs_restriction_queries\"}}" + } + ], + "step": "there is a valid \"restriction_query\" in the system", + "key": "restriction_query", + "tag": "Logs Restriction Queries", + "operationId": "CreateRestrictionQuery" + }, { "parameters": [ { diff --git a/tests/v2/features/logs_restriction_queries.feature b/tests/v2/features/logs_restriction_queries.feature new file mode 100644 index 0000000000..44d65b92fd --- /dev/null +++ b/tests/v2/features/logs_restriction_queries.feature @@ -0,0 +1,287 @@ +@endpoint(logs-restriction-queries) @endpoint(logs-restriction-queries-v2) +Feature: Logs Restriction Queries + **Note: This endpoint is in public beta. If you have any feedback, contact + [Datadog support](https://docs.datadoghq.com/help/).** A Restriction + Query is a logs query that restricts which logs the `logs_read_data` + permission grants read access to. For users whose roles have Restriction + Queries, any log query they make only returns those log events that also + match one of their Restriction Queries. This is true whether the user + queries log events from any log-related feature, including the log + explorer, Live Tail, re-hydration, or a dashboard widget. Restriction + Queries currently only support use of the following components of log + events: - Reserved attributes - The log message - Tags To restrict read + access on log data, add a team tag to log events to indicate which teams + own them, and then scope Restriction Queries to the relevant values of the + team tag. Tags can be applied to log events in many ways, and a log event + can have multiple tags with the same key (like team) and different values. + This means the same log event can be visible to roles whose restriction + queries are scoped to different team values. See [How to Set Up RBAC for + Logs](https://docs.datadoghq.com/logs/guide/logs-rbac/?tab=api#restrict- + access-to-logs) for details on how to add restriction queries. + + Background: + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And an instance of "LogsRestrictionQueries" API + + @skip-go @skip-java @skip-python @skip-ruby @skip-rust @skip-terraform-config @skip-typescript @skip-validation @team:DataDog/logs-app + Scenario: Create a restriction query returns "Bad Request" response + Given operation "CreateRestrictionQuery" enabled + And new "CreateRestrictionQuery" request + And body with value {"test": "bad_request"} + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/logs-app + Scenario: Create a restriction query returns "OK" response + Given operation "CreateRestrictionQuery" enabled + And new "CreateRestrictionQuery" request + And body with value {"data": {"attributes": {"restriction_query": "env:sandbox"}, "type": "logs_restriction_queries"}} + When the request is sent + Then the response status is 200 OK + + @skip-terraform-config @team:DataDog/logs-app + Scenario: Delete a restriction query returns "Bad Request" response + Given operation "DeleteRestrictionQuery" enabled + And new "DeleteRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "malformed_id" + When the request is sent + Then the response status is 400 Bad Request + + @skip-terraform-config @team:DataDog/logs-app + Scenario: Delete a restriction query returns "Not found" response + Given operation "DeleteRestrictionQuery" enabled + And new "DeleteRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "00000000-0000-0000-0000-000000000000" + When the request is sent + Then the response status is 404 Not found + + @team:DataDog/logs-app + Scenario: Delete a restriction query returns "OK" response + Given operation "DeleteRestrictionQuery" enabled + And there is a valid "restriction_query" in the system + And new "DeleteRestrictionQuery" request + And request contains "restriction_query_id" parameter from "restriction_query.data.id" + When the request is sent + Then the response status is 204 OK + + @skip-terraform-config @team:DataDog/logs-app + Scenario: Get a restriction query returns "Bad Request" response + Given operation "GetRestrictionQuery" enabled + And new "GetRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "malformed_id" + When the request is sent + Then the response status is 400 Bad Request + + @skip-terraform-config @team:DataDog/logs-app + Scenario: Get a restriction query returns "Not found" response + Given operation "GetRestrictionQuery" enabled + And new "GetRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "00000000-0000-0000-0000-000000000000" + When the request is sent + Then the response status is 404 Not found + + @team:DataDog/logs-app + Scenario: Get a restriction query returns "OK" response + Given operation "GetRestrictionQuery" enabled + And there is a valid "restriction_query" in the system + And new "GetRestrictionQuery" request + And request contains "restriction_query_id" parameter from "restriction_query.data.id" + When the request is sent + Then the response status is 200 OK + + @skip-terraform-config @team:DataDog/logs-app + Scenario: Get all restriction queries for a given user returns "Bad Request" response + Given operation "ListUserRestrictionQueries" enabled + And new "ListUserRestrictionQueries" request + And request contains "user_id" parameter with value "malformed_id" + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/logs-app + Scenario: Get all restriction queries for a given user returns "Not found" response + Given operation "ListUserRestrictionQueries" enabled + And new "ListUserRestrictionQueries" request + And request contains "user_id" parameter with value "00000000-0000-0000-0000-000000000000" + When the request is sent + Then the response status is 400 Bad Request + + @skip @team:DataDog/logs-app + Scenario: Get all restriction queries for a given user returns "OK" response + Given operation "ListUserRestrictionQueries" enabled + And there is a valid "user" in the system + And new "ListUserRestrictionQueries" request + And request contains "user_id" parameter from "user.data.id" + When the request is sent + Then the response status is 200 OK + + @skip-terraform-config @team:DataDog/logs-app + Scenario: Get restriction query for a given role returns "Bad Request" response + Given operation "GetRoleRestrictionQuery" enabled + And new "GetRoleRestrictionQuery" request + And request contains "role_id" parameter with value "malformed_id" + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/logs-app + Scenario: Get restriction query for a given role returns "Not found" response + Given operation "GetRoleRestrictionQuery" enabled + And new "GetRoleRestrictionQuery" request + And request contains "role_id" parameter with value "00000000-0000-0000-0000-000000000000" + When the request is sent + Then the response status is 400 Bad Request + + @team:DataDog/logs-app + Scenario: Get restriction query for a given role returns "OK" response + Given operation "GetRoleRestrictionQuery" enabled + And there is a valid "role" in the system + And new "GetRoleRestrictionQuery" request + And request contains "role_id" parameter from "role.data.id" + When the request is sent + Then the response status is 200 OK + + @skip-terraform-config @team:DataDog/logs-app + Scenario: Grant role to a restriction query returns "Bad Request" response + Given operation "AddRoleToRestrictionQuery" enabled + And new "AddRoleToRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "malformed_id" + And body with value {"data": {"id": "3653d3c6-0c75-11ea-ad28-fb5701eabc7d", "type": "roles"}} + When the request is sent + Then the response status is 404 Not found + + @skip-terraform-config @team:DataDog/logs-app + Scenario: Grant role to a restriction query returns "Not found" response + Given operation "AddRoleToRestrictionQuery" enabled + And new "AddRoleToRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "00000000-0000-0000-0000-000000000000" + And body with value {"data": {"id": "3653d3c6-0c75-11ea-ad28-fb5701eabc7d", "type": "roles"}} + When the request is sent + Then the response status is 404 Not found + + @team:DataDog/logs-app + Scenario: Grant role to a restriction query returns "OK" response + Given operation "AddRoleToRestrictionQuery" enabled + And there is a valid "restriction_query" in the system + And there is a valid "role" in the system + And new "AddRoleToRestrictionQuery" request + And request contains "restriction_query_id" parameter from "restriction_query.data.id" + And body with value {"data": {"id": "{{ role.data.id }}", "type": "roles"}} + When the request is sent + Then the response status is 204 OK + + @skip-terraform-config @team:DataDog/logs-app + Scenario: List restriction queries returns "OK" response + Given operation "ListRestrictionQueries" enabled + And new "ListRestrictionQueries" request + When the request is sent + Then the response status is 200 OK + + @skip-terraform-config @team:DataDog/logs-app + Scenario: List roles for a restriction query returns "Bad Request" response + Given operation "ListRestrictionQueryRoles" enabled + And new "ListRestrictionQueryRoles" request + And request contains "restriction_query_id" parameter with value "malformed_id" + When the request is sent + Then the response status is 400 Bad Request + + @skip-terraform-config @team:DataDog/logs-app + Scenario: List roles for a restriction query returns "Not found" response + Given operation "ListRestrictionQueryRoles" enabled + And new "ListRestrictionQueryRoles" request + And request contains "restriction_query_id" parameter with value "00000000-0000-0000-0000-000000000000" + When the request is sent + Then the response status is 404 Not found + + @team:DataDog/logs-app + Scenario: List roles for a restriction query returns "OK" response + Given operation "ListRestrictionQueryRoles" enabled + And there is a valid "restriction_query" in the system + And new "ListRestrictionQueryRoles" request + And request contains "restriction_query_id" parameter from "restriction_query.data.id" + When the request is sent + Then the response status is 200 OK + + @skip @team:DataDog/logs-app + Scenario: Replace a restriction query returns "Bad Request" response + Given operation "ReplaceRestrictionQuery" enabled + And new "ReplaceRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "malformed_id" + And body with value {"data": {"attributes": {"restriction_query": "env:sandbox"}, "type": "logs_restriction_queries"}} + When the request is sent + Then the response status is 400 Bad Request + + @skip @team:DataDog/logs-app + Scenario: Replace a restriction query returns "Not found" response + Given operation "ReplaceRestrictionQuery" enabled + And new "ReplaceRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "00000000-0000-0000-0000-000000000000" + And body with value {"data": {"attributes": {"restriction_query": "env:sandbox"}, "type": "logs_restriction_queries"}} + When the request is sent + Then the response status is 404 Not found + + @skip @team:DataDog/logs-app + Scenario: Replace a restriction query returns "OK" response + Given operation "ReplaceRestrictionQuery" enabled + And there is a valid "restriction_query" in the system + And new "ReplaceRestrictionQuery" request + And request contains "restriction_query_id" parameter from "restriction_query.data.id" + And body with value {"data": {"attributes": {"restriction_query": "env:staging"}, "type": "logs_restriction_queries"}} + When the request is sent + Then the response status is 200 OK + + @skip @skip-terraform-config @team:DataDog/logs-app + Scenario: Revoke role from a restriction query returns "Bad Request" response + Given operation "RemoveRoleFromRestrictionQuery" enabled + And new "RemoveRoleFromRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "malformed_id" + And body with value {"data": {"id": "3653d3c6-0c75-11ea-ad28-fb5701eabc7d", "type": "roles"}} + When the request is sent + Then the response status is 400 Bad Request + + @skip @skip-terraform-config @team:DataDog/logs-app + Scenario: Revoke role from a restriction query returns "Not found" response + Given operation "RemoveRoleFromRestrictionQuery" enabled + And new "RemoveRoleFromRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "00000000-0000-0000-0000-000000000000" + And body with value {"data": {"id": "3653d3c6-0c75-11ea-ad28-fb5701eabc7d", "type": "roles"}} + When the request is sent + Then the response status is 404 Not found + + @skip @team:DataDog/logs-app + Scenario: Revoke role from a restriction query returns "OK" response + Given operation "RemoveRoleFromRestrictionQuery" enabled + And there is a valid "restriction_query" in the system + And there is a valid "role" in the system + And new "RemoveRoleFromRestrictionQuery" request + And request contains "restriction_query_id" parameter from "restriction_query.data.id" + And body with value {"data": {"id": "{{ role.data.id }}", "type": "roles"}} + When the request is sent + Then the response status is 204 OK + + @skip @skip-terraform-config @team:DataDog/logs-app + Scenario: Update a restriction query returns "Bad Request" response + Given operation "UpdateRestrictionQuery" enabled + And new "UpdateRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "malformed_id" + And body with value {"data": {"attributes": {"restriction_query": "env:sandbox"}, "type": "logs_restriction_queries"}} + When the request is sent + Then the response status is 400 Bad Request + + @skip @skip-terraform-config @team:DataDog/logs-app + Scenario: Update a restriction query returns "Not found" response + Given operation "UpdateRestrictionQuery" enabled + And new "UpdateRestrictionQuery" request + And request contains "restriction_query_id" parameter with value "00000000-0000-0000-0000-000000000000" + And body with value {"data": {"attributes": {"restriction_query": "env:sandbox"}, "type": "logs_restriction_queries"}} + When the request is sent + Then the response status is 404 Not found + + @skip @team:DataDog/logs-app + Scenario: Update a restriction query returns "OK" response + Given operation "UpdateRestrictionQuery" enabled + And there is a valid "restriction_query" in the system + And new "UpdateRestrictionQuery" request + And request contains "restriction_query_id" parameter from "restriction_query.data.id" + And body with value {"data": {"attributes": {"restriction_query": "env:production"}, "type": "logs_restriction_queries"}} + When the request is sent + Then the response status is 200 OK diff --git a/tests/v2/features/undo.json b/tests/v2/features/undo.json index 3799e64e63..fefb1b32bb 100644 --- a/tests/v2/features/undo.json +++ b/tests/v2/features/undo.json @@ -2443,6 +2443,79 @@ "type": "idempotent" } }, + "ListRestrictionQueries": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "safe" + } + }, + "CreateRestrictionQuery": { + "tag": "Logs Restriction Queries", + "undo": { + "operationId": "DeleteRestrictionQuery", + "parameters": [ + { + "name": "restriction_query_id", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "GetRoleRestrictionQuery": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "safe" + } + }, + "ListUserRestrictionQueries": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "safe" + } + }, + "DeleteRestrictionQuery": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "idempotent" + } + }, + "GetRestrictionQuery": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "safe" + } + }, + "UpdateRestrictionQuery": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "idempotent" + } + }, + "ReplaceRestrictionQuery": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "idempotent" + } + }, + "RemoveRoleFromRestrictionQuery": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "idempotent" + } + }, + "ListRestrictionQueryRoles": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "safe" + } + }, + "AddRoleToRestrictionQuery": { + "tag": "Logs Restriction Queries", + "undo": { + "type": "safe" + } + }, "ListLogsGet": { "tag": "Logs", "undo": {