Add OpenAPI documentation for cloud-auth-config service

.generator/schemas/v2/openapi.yaml

@@ -1761,6 +1761,65 @@ components:
       required:
       - role_name
       type: object
+    AWSCloudAuthPersonaMappingAttributesResponse:
+      description: Attributes for AWS cloud authentication persona mapping response
+      properties:
+        account_identifier:
+          description: Datadog account identifier (email or handle) mapped to the
+            AWS principal
+          example: test@test.com
+          type: string
+        account_uuid:
+          description: Datadog account UUID
+          example: 12bbdc5c-5966-47e0-8733-285f9e44bcf4
+          type: string
+        arn_pattern:
+          description: AWS IAM ARN pattern to match for authentication
+          example: arn:aws:iam::123456789012:user/testuser
+          type: string
+      required:
+      - arn_pattern
+      - account_identifier
+      - account_uuid
+      type: object
+    AWSCloudAuthPersonaMappingDataResponse:
+      description: Data for AWS cloud authentication persona mapping response
+      properties:
+        attributes:
+          $ref: '#/components/schemas/AWSCloudAuthPersonaMappingAttributesResponse'
+        id:
+          description: Unique identifier for the persona mapping
+          example: c5c758c6-18c2-4484-ae3f-46b84128404a
+          type: string
+        type:
+          $ref: '#/components/schemas/AWSCloudAuthPersonaMappingType'
+      required:
+      - id
+      - type
+      - attributes
+      type: object
+    AWSCloudAuthPersonaMappingType:
+      description: Type identifier for AWS cloud authentication persona mapping
+      enum:
+      - aws_cloud_auth_config
+      example: aws_cloud_auth_config
+      type: string
+      x-enum-varnames:
+      - AWS_CLOUD_AUTH_CONFIG
+    AWSCloudAuthPersonaMappingsData:
+      description: List of AWS cloud authentication persona mappings
+      items:
+        $ref: '#/components/schemas/AWSCloudAuthPersonaMappingDataResponse'
+      type: array
+    AWSCloudAuthPersonaMappingsResponse:
+      description: Response containing a list of AWS cloud authentication persona
+        mappings
+      properties:
+        data:
+          $ref: '#/components/schemas/AWSCloudAuthPersonaMappingsData'
+      required:
+      - data
+      type: object
     AWSCredentials:
       description: The definition of `AWSCredentials` object.
       oneOf:
@@ -49985,6 +50044,55 @@ components:
       - TWO_DAYS
       - ONE_WEEK
       - TWO_WEEKS
+    SecurityMonitoringRuleBulkExportAttributes:
+      description: Attributes for bulk exporting security monitoring rules.
+      properties:
+        ruleIds:
+          description: 'List of rule IDs to export. Each rule will be included in
+            the resulting ZIP file
+
+            as a separate JSON file.'
+          example:
+          - def-000-u7q
+          - def-000-7dd
+          items:
+            type: string
+          minItems: 1
+          type: array
+      required:
+      - ruleIds
+      type: object
+    SecurityMonitoringRuleBulkExportData:
+      description: Data for bulk exporting security monitoring rules.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/SecurityMonitoringRuleBulkExportAttributes'
+        id:
+          description: Request ID.
+          example: bulk_export
+          type: string
+        type:
+          $ref: '#/components/schemas/SecurityMonitoringRuleBulkExportDataType'
+      required:
+      - attributes
+      - type
+      type: object
+    SecurityMonitoringRuleBulkExportDataType:
+      description: The type of the resource.
+      enum:
+      - security_monitoring_rules_bulk_export
+      example: security_monitoring_rules_bulk_export
+      type: string
+      x-enum-varnames:
+      - SECURITY_MONITORING_RULES_BULK_EXPORT
+    SecurityMonitoringRuleBulkExportPayload:
+      description: Payload for bulk exporting security monitoring rules.
+      properties:
+        data:
+          $ref: '#/components/schemas/SecurityMonitoringRuleBulkExportData'
+      required:
+      - data
+      type: object
     SecurityMonitoringRuleCase:
       description: Case when signal is generated.
       properties:
@@ -67512,6 +67620,39 @@ paths:
         permissions:
         - ci_visibility_read
         - test_optimization_read
+  /api/v2/cloud_auth/aws/persona_mapping:
+    get:
+      description: List all AWS cloud authentication persona mappings. This endpoint
+        retrieves all configured persona mappings that map AWS IAM principals to Datadog
+        users.
+      operationId: ListAWSCloudAuthPersonaMappings
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AWSCloudAuthPersonaMappingsResponse'
+          description: OK
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Bad Request
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Forbidden
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: List AWS cloud authentication persona mappings
+      tags:
+      - Cloud Authentication
+      x-unstable: '**Note**: This endpoint is in public beta and is subject to change.
+
+        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
   /api/v2/cloud_security_management/custom_frameworks:
     post:
       description: Create a custom framework.
@@ -87257,6 +87398,51 @@ paths:
         operator: OR
         permissions:
         - security_monitoring_rules_write
+  /api/v2/security_monitoring/rules/bulk_export:
+    post:
+      description: 'Export a list of security monitoring rules as a ZIP file containing
+        JSON rule definitions.
+
+        The endpoint accepts a list of rule IDs and returns a ZIP archive where each
+        rule is
+
+        saved as a separate JSON file named after the rule.'
+      operationId: BulkExportSecurityMonitoringRules
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SecurityMonitoringRuleBulkExportPayload'
+        required: true
+      responses:
+        '200':
+          content:
+            application/zip:
+              schema:
+                format: binary
+                type: string
+          description: OK
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - security_monitoring_rules_read
+      summary: Bulk export security monitoring rules
+      tags:
+      - Security Monitoring
+      x-codegen-request-body-name: body
+      x-permission:
+        operator: OR
+        permissions:
+        - security_monitoring_rules_read
   /api/v2/security_monitoring/rules/convert:
     post:
       description: 'Convert a rule that doesn''t (yet) exist from JSON to Terraform
@@ -93897,6 +94083,9 @@ tags:
     Management page](https://docs.datadoghq.com/service_management/case_management/)
     for more information.
   name: Case Management Type
+- description: Configure AWS cloud authentication mappings for persona and intake
+    authentication through the Datadog API.
+  name: Cloud Authentication
 - description: The Cloud Cost Management API allows you to set up, edit, and delete
     Cloud Cost Management accounts for AWS, Azure, and Google Cloud. You can query
     your cost data by using the [Metrics endpoint](https://docs.datadoghq.com/api/latest/metrics/#query-timeseries-data-across-multiple-products)

examples/v2/cloud-authentication/ListAWSCloudAuthPersonaMappings.java

@@ -0,0 +1,26 @@
+// List AWS cloud authentication persona mappings returns "OK" response
+
+import com.datadog.api.client.ApiClient;
+import com.datadog.api.client.ApiException;
+import com.datadog.api.client.v2.api.CloudAuthenticationApi;
+import com.datadog.api.client.v2.model.AWSCloudAuthPersonaMappingsResponse;
+
+public class Example {
+  public static void main(String[] args) {
+    ApiClient defaultClient = ApiClient.getDefaultApiClient();
+    defaultClient.setUnstableOperationEnabled("v2.listAWSCloudAuthPersonaMappings", true);
+    CloudAuthenticationApi apiInstance = new CloudAuthenticationApi(defaultClient);
+
+    try {
+      AWSCloudAuthPersonaMappingsResponse result = apiInstance.listAWSCloudAuthPersonaMappings();
+      System.out.println(result);
+    } catch (ApiException e) {
+      System.err.println(
+          "Exception when calling CloudAuthenticationApi#listAWSCloudAuthPersonaMappings");
+      System.err.println("Status code: " + e.getCode());
+      System.err.println("Reason: " + e.getResponseBody());
+      System.err.println("Response headers: " + e.getResponseHeaders());
+      e.printStackTrace();
+    }
+  }
+}

examples/v2/security-monitoring/BulkExportSecurityMonitoringRules.java

@@ -0,0 +1,44 @@
+// Bulk export security monitoring rules returns "OK" response
+
+import com.datadog.api.client.ApiClient;
+import com.datadog.api.client.ApiException;
+import com.datadog.api.client.v2.api.SecurityMonitoringApi;
+import com.datadog.api.client.v2.model.SecurityMonitoringRuleBulkExportAttributes;
+import com.datadog.api.client.v2.model.SecurityMonitoringRuleBulkExportData;
+import com.datadog.api.client.v2.model.SecurityMonitoringRuleBulkExportDataType;
+import com.datadog.api.client.v2.model.SecurityMonitoringRuleBulkExportPayload;
+import java.io.File;
+import java.util.Collections;
+
+public class Example {
+  public static void main(String[] args) {
+    ApiClient defaultClient = ApiClient.getDefaultApiClient();
+    SecurityMonitoringApi apiInstance = new SecurityMonitoringApi(defaultClient);
+
+    // there is a valid "security_rule" in the system
+    String SECURITY_RULE_ID = System.getenv("SECURITY_RULE_ID");
+
+    SecurityMonitoringRuleBulkExportPayload body =
+        new SecurityMonitoringRuleBulkExportPayload()
+            .data(
+                new SecurityMonitoringRuleBulkExportData()
+                    .attributes(
+                        new SecurityMonitoringRuleBulkExportAttributes()
+                            .ruleIds(Collections.singletonList(SECURITY_RULE_ID)))
+                    .type(
+                        SecurityMonitoringRuleBulkExportDataType
+                            .SECURITY_MONITORING_RULES_BULK_EXPORT));
+
+    try {
+      File result = apiInstance.bulkExportSecurityMonitoringRules(body);
+      System.out.println(result);
+    } catch (ApiException e) {
+      System.err.println(
+          "Exception when calling SecurityMonitoringApi#bulkExportSecurityMonitoringRules");
+      System.err.println("Status code: " + e.getCode());
+      System.err.println("Reason: " + e.getResponseBody());
+      System.err.println("Response headers: " + e.getResponseHeaders());
+      e.printStackTrace();
+    }
+  }
+}

src/main/java/com/datadog/api/client/ApiClient.java

@@ -775,6 +775,7 @@ public class ApiClient {
           put("v2.getOpenAPI", false);
           put("v2.listAPIs", false);
           put("v2.updateOpenAPI", false);
+          put("v2.listAWSCloudAuthPersonaMappings", false);
           put("v2.attachJiraIssue", false);
           put("v2.cancelThreatHuntingJob", false);
           put("v2.convertJobResultToSignal", false);