diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
index 9713873b658..a02697caa79 100644
--- a/.generator/schemas/v2/openapi.yaml
+++ b/.generator/schemas/v2/openapi.yaml
@@ -76116,73 +76116,90 @@ components:
- attributes
type: object
SecurityEntityRiskScoreAttributes:
- description: Attributes of an entity risk score
+ description: Attributes of an entity risk score.
properties:
+ accountIds:
+ description: Cloud account IDs associated with the entity.
+ example: ["222233334444", "3333333555555"]
+ items:
+ description: A cloud account ID.
+ type: string
+ type: array
configRisks:
$ref: "#/components/schemas/SecurityEntityConfigRisks"
- entityID:
- description: Unique identifier for the entity
- example: "arn:aws:iam::123456789012:user/john.doe"
- type: string
entityMetadata:
$ref: "#/components/schemas/SecurityEntityMetadata"
entityName:
- description: Human-readable name of the entity
+ description: Human-readable name of the entity.
example: "john.doe"
type: string
entityProviders:
- description: Cloud providers associated with the entity
- example: ["aws"]
+ description: Cloud providers associated with the entity.
+ example: ["AWS"]
items:
description: A cloud provider name.
type: string
type: array
entityRoles:
- description: Roles associated with the entity
- example: ["Admin", "Developer"]
+ description: Roles associated with the entity.
+ example: []
items:
description: A role assigned to the entity.
type: string
type: array
+ entitySubTypes:
+ description: Sub-types associated with the entity.
+ example: ["Root"]
+ items:
+ description: An entity sub-type label.
+ type: string
+ type: array
entityType:
- description: Type of the entity (e.g., aws_iam_user, aws_ec2_instance)
+ description: Type of the entity (for example, aws_iam_user, aws_ec2_instance).
example: "aws_iam_user"
type: string
+ entityTypes:
+ description: All types associated with the entity.
+ example: ["Root", "User Name"]
+ items:
+ description: An entity type label.
+ type: string
+ type: array
firstDetected:
- description: Timestamp when the entity was first detected (Unix milliseconds)
- example: 1704067200000
+ description: Timestamp when the entity was first detected (Unix milliseconds).
+ example: 1778876604661
format: int64
type: integer
lastActivityTitle:
- description: Title of the most recent signal detected for this entity
+ description: Title of the most recent signal detected for this entity.
example: "Suspicious API call detected"
type: string
lastDetected:
- description: Timestamp when the entity was last detected (Unix milliseconds)
- example: 1705276800000
+ description: Timestamp when the entity was last detected (Unix milliseconds).
+ example: 1780064607093
format: int64
type: integer
riskScore:
- description: Current risk score for the entity
+ description: Current risk score for the entity.
example: 85
format: int64
type: integer
riskScoreEvolution:
- description: Change in risk score compared to previous period
+ description: Change in risk score compared to previous period.
example: 12
format: int64
type: integer
severity:
$ref: "#/components/schemas/SecurityEntityRiskScoreAttributesSeverity"
signalsDetected:
- description: Number of security signals detected for this entity
+ description: Number of security signals detected for this entity.
example: 15
format: int64
type: integer
required:
- - entityID
- - entityType
- entityProviders
+ - entitySubTypes
+ - accountIds
- riskScore
- riskScoreEvolution
- severity
@@ -76209,11 +76226,19 @@ components:
- MEDIUM
- LOW
- INFO
+ SecurityEntityRiskScoreResponse:
+ description: Response containing a single entity risk score
+ properties:
+ data:
+ $ref: "#/components/schemas/SecurityEntityRiskScore"
+ required:
+ - data
+ type: object
SecurityEntityRiskScoreType:
- description: Resource type
+ description: Resource type.
enum:
- - security_entity_risk_score
- example: security_entity_risk_score
+ - SecurityEntityRiskScore
+ example: SecurityEntityRiskScore
type: string
x-enum-varnames:
- SECURITY_ENTITY_RISK_SCORE
@@ -153097,6 +153122,8 @@ paths:
value:
data:
- attributes:
+ accountIds:
+ - "123456789012"
configRisks:
hasIdentityRisk: false
hasMisconfiguration: true
@@ -153104,21 +153131,25 @@ paths:
isPrivileged: false
isProduction: true
isPubliclyAccessible: true
- entityID: "arn:aws:iam::123456789012:user/test-user"
entityMetadata:
environments:
- production
- mitreTactics: []
- mitreTechniques: []
+ mitreTactics:
+ - ta0006-credential-access
+ mitreTechniques:
+ - t1078-valid-accounts
services:
- api-gateway
sources:
- cloudtrail
entityName: test-user
entityProviders:
- - aws
+ - AWS
entityRoles: []
- entityType: aws_iam_user
+ entitySubTypes:
+ - "IAM User"
+ entityTypes:
+ - "IAMUser"
firstDetected: 1704067200000
lastActivityTitle: "Suspicious API call detected"
lastDetected: 1705276800000
@@ -153127,10 +153158,12 @@ paths:
severity: critical
signalsDetected: 15
id: "arn:aws:iam::123456789012:user/test-user"
- type: security_entity_risk_score
+ type: SecurityEntityRiskScore
meta:
- page:
- total: 1
+ pageNumber: 1
+ pageSize: 10
+ queryId: "abc123def456"
+ totalRowCount: 1
schema:
$ref: "#/components/schemas/SecurityEntityRiskScoresResponse"
description: OK
@@ -153160,6 +153193,100 @@ paths:
x-unstable: |-
**Note**: This endpoint is in public beta and it's subject to change.
If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
+ /api/v2/security-entities/risk-scores/{entity_id}:
+ get:
+ description: |-
+ Get the risk score for a specific entity by its ID. Returns security risk assessment including risk score, severity, detected signals, misconfigurations, and identity risks.
+ operationId: GetEntityRiskScore
+ parameters:
+ - description: The URL-encoded unique identifier for the entity.
+ in: path
+ name: entity_id
+ required: true
+ schema:
+ example: "arn:aws:iam::123456789012:user/john.doe"
+ type: string
+ responses:
+ "200":
+ content:
+ application/json:
+ examples:
+ default:
+ value:
+ data:
+ attributes:
+ accountIds:
+ - "123456789012"
+ configRisks:
+ hasIdentityRisk: false
+ hasMisconfiguration: true
+ hasPrivilegedRole: false
+ isPrivileged: false
+ isProduction: true
+ isPubliclyAccessible: true
+ entityMetadata:
+ environments:
+ - production
+ mitreTactics:
+ - ta0006-credential-access
+ mitreTechniques:
+ - t1078-valid-accounts
+ services:
+ - api-gateway
+ sources:
+ - cloudtrail
+ entityName: "test-user"
+ entityProviders:
+ - AWS
+ entityRoles: []
+ entitySubTypes:
+ - "IAM User"
+ entityTypes:
+ - "IAMUser"
+ firstDetected: 1704067200000
+ lastActivityTitle: "Suspicious API call detected"
+ lastDetected: 1705276800000
+ riskScore: 85
+ riskScoreEvolution: 12
+ severity: critical
+ signalsDetected: 15
+ id: "arn:aws:iam::123456789012:user/test-user"
+ type: SecurityEntityRiskScore
+ schema:
+ $ref: "#/components/schemas/SecurityEntityRiskScoreResponse"
+ description: OK
+ "400":
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/JSONAPIErrorResponse"
+ description: Bad Request
+ "401":
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/JSONAPIErrorResponse"
+ description: Unauthorized
+ "403":
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/JSONAPIErrorResponse"
+ description: Forbidden
+ "404":
+ content:
+ application/json:
+ schema:
+ $ref: "#/components/schemas/JSONAPIErrorResponse"
+ description: Not Found
+ "429":
+ $ref: "#/components/responses/TooManyRequestsResponse"
+ summary: Get Entity Risk Score
+ tags:
+ - Entity Risk Scores
+ x-unstable: |-
+ **Note**: This endpoint is in public beta and it's subject to change.
+ If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
/api/v2/security/cloud_workload/policy/download:
get:
description: |-
diff --git a/examples/v2/entity-risk-scores/GetEntityRiskScore.java b/examples/v2/entity-risk-scores/GetEntityRiskScore.java
new file mode 100644
index 00000000000..7560200fa7d
--- /dev/null
+++ b/examples/v2/entity-risk-scores/GetEntityRiskScore.java
@@ -0,0 +1,26 @@
+// Get Entity Risk Score returns "OK" response
+
+import com.datadog.api.client.ApiClient;
+import com.datadog.api.client.ApiException;
+import com.datadog.api.client.v2.api.EntityRiskScoresApi;
+import com.datadog.api.client.v2.model.SecurityEntityRiskScoreResponse;
+
+public class Example {
+ public static void main(String[] args) {
+ ApiClient defaultClient = ApiClient.getDefaultApiClient();
+ defaultClient.setUnstableOperationEnabled("v2.getEntityRiskScore", true);
+ EntityRiskScoresApi apiInstance = new EntityRiskScoresApi(defaultClient);
+
+ try {
+ SecurityEntityRiskScoreResponse result =
+ apiInstance.getEntityRiskScore("arn:aws:iam::123456789012:user/john.doe");
+ System.out.println(result);
+ } catch (ApiException e) {
+ System.err.println("Exception when calling EntityRiskScoresApi#getEntityRiskScore");
+ System.err.println("Status code: " + e.getCode());
+ System.err.println("Reason: " + e.getResponseBody());
+ System.err.println("Response headers: " + e.getResponseHeaders());
+ e.printStackTrace();
+ }
+ }
+}
diff --git a/src/main/java/com/datadog/api/client/ApiClient.java b/src/main/java/com/datadog/api/client/ApiClient.java
index 33a7b9a1da6..5a6f55591da 100644
--- a/src/main/java/com/datadog/api/client/ApiClient.java
+++ b/src/main/java/com/datadog/api/client/ApiClient.java
@@ -1137,6 +1137,7 @@ public class ApiClient {
put("v2.queryAggregatedSignalsProblems", false);
put("v2.queryAggregatedWaterfall", false);
put("v2.createScorecardOutcomesBatch", false);
+ put("v2.getEntityRiskScore", false);
put("v2.listEntityRiskScores", false);
put("v2.createIncidentService", false);
put("v2.deleteIncidentService", false);
diff --git a/src/main/java/com/datadog/api/client/v2/api/EntityRiskScoresApi.java b/src/main/java/com/datadog/api/client/v2/api/EntityRiskScoresApi.java
index 8de2b86b173..fc2a70581b2 100644
--- a/src/main/java/com/datadog/api/client/v2/api/EntityRiskScoresApi.java
+++ b/src/main/java/com/datadog/api/client/v2/api/EntityRiskScoresApi.java
@@ -4,6 +4,7 @@
import com.datadog.api.client.ApiException;
import com.datadog.api.client.ApiResponse;
import com.datadog.api.client.Pair;
+import com.datadog.api.client.v2.model.SecurityEntityRiskScoreResponse;
import com.datadog.api.client.v2.model.SecurityEntityRiskScoresResponse;
import jakarta.ws.rs.client.Invocation;
import jakarta.ws.rs.core.GenericType;
@@ -44,6 +45,165 @@ public void setApiClient(ApiClient apiClient) {
this.apiClient = apiClient;
}
+ /**
+ * Get Entity Risk Score.
+ *
+ * See {@link #getEntityRiskScoreWithHttpInfo}.
+ *
+ * @param entityId The URL-encoded unique identifier for the entity. (required)
+ * @return SecurityEntityRiskScoreResponse
+ * @throws ApiException if fails to make API call
+ */
+ public SecurityEntityRiskScoreResponse getEntityRiskScore(String entityId) throws ApiException {
+ return getEntityRiskScoreWithHttpInfo(entityId).getData();
+ }
+
+ /**
+ * Get Entity Risk Score.
+ *
+ *
See {@link #getEntityRiskScoreWithHttpInfoAsync}.
+ *
+ * @param entityId The URL-encoded unique identifier for the entity. (required)
+ * @return CompletableFuture<SecurityEntityRiskScoreResponse>
+ */
+ public CompletableFuture getEntityRiskScoreAsync(
+ String entityId) {
+ return getEntityRiskScoreWithHttpInfoAsync(entityId)
+ .thenApply(
+ response -> {
+ return response.getData();
+ });
+ }
+
+ /**
+ * Get the risk score for a specific entity by its ID. Returns security risk assessment including
+ * risk score, severity, detected signals, misconfigurations, and identity risks.
+ *
+ * @param entityId The URL-encoded unique identifier for the entity. (required)
+ * @return ApiResponse<SecurityEntityRiskScoreResponse>
+ * @throws ApiException if fails to make API call
+ * @http.response.details
+ *
+ * Response details
+ * | Status Code | Description | Response Headers |
+ * | 200 | OK | - |
+ * | 400 | Bad Request | - |
+ * | 401 | Unauthorized | - |
+ * | 403 | Forbidden | - |
+ * | 404 | Not Found | - |
+ * | 429 | Too many requests | - |
+ *
+ */
+ public ApiResponse getEntityRiskScoreWithHttpInfo(
+ String entityId) throws ApiException {
+ // Check if unstable operation is enabled
+ String operationId = "getEntityRiskScore";
+ if (apiClient.isUnstableOperationEnabled("v2." + operationId)) {
+ apiClient.getLogger().warning(String.format("Using unstable operation '%s'", operationId));
+ } else {
+ throw new ApiException(0, String.format("Unstable operation '%s' is disabled", operationId));
+ }
+ Object localVarPostBody = null;
+
+ // verify the required parameter 'entityId' is set
+ if (entityId == null) {
+ throw new ApiException(
+ 400, "Missing the required parameter 'entityId' when calling getEntityRiskScore");
+ }
+ // create path and map variables
+ String localVarPath =
+ "/api/v2/security-entities/risk-scores/{entity_id}"
+ .replaceAll("\\{" + "entity_id" + "\\}", apiClient.escapeString(entityId.toString()));
+
+ Map localVarHeaderParams = new HashMap();
+
+ Invocation.Builder builder =
+ apiClient.createBuilder(
+ "v2.EntityRiskScoresApi.getEntityRiskScore",
+ localVarPath,
+ new ArrayList(),
+ localVarHeaderParams,
+ new HashMap(),
+ new String[] {"application/json"},
+ new String[] {"apiKeyAuth", "appKeyAuth"});
+ return apiClient.invokeAPI(
+ "GET",
+ builder,
+ localVarHeaderParams,
+ new String[] {},
+ localVarPostBody,
+ new HashMap(),
+ false,
+ new GenericType() {});
+ }
+
+ /**
+ * Get Entity Risk Score.
+ *
+ * See {@link #getEntityRiskScoreWithHttpInfo}.
+ *
+ * @param entityId The URL-encoded unique identifier for the entity. (required)
+ * @return CompletableFuture<ApiResponse<SecurityEntityRiskScoreResponse>>
+ */
+ public CompletableFuture>
+ getEntityRiskScoreWithHttpInfoAsync(String entityId) {
+ // Check if unstable operation is enabled
+ String operationId = "getEntityRiskScore";
+ if (apiClient.isUnstableOperationEnabled("v2." + operationId)) {
+ apiClient.getLogger().warning(String.format("Using unstable operation '%s'", operationId));
+ } else {
+ CompletableFuture> result =
+ new CompletableFuture<>();
+ result.completeExceptionally(
+ new ApiException(0, String.format("Unstable operation '%s' is disabled", operationId)));
+ return result;
+ }
+ Object localVarPostBody = null;
+
+ // verify the required parameter 'entityId' is set
+ if (entityId == null) {
+ CompletableFuture> result =
+ new CompletableFuture<>();
+ result.completeExceptionally(
+ new ApiException(
+ 400, "Missing the required parameter 'entityId' when calling getEntityRiskScore"));
+ return result;
+ }
+ // create path and map variables
+ String localVarPath =
+ "/api/v2/security-entities/risk-scores/{entity_id}"
+ .replaceAll("\\{" + "entity_id" + "\\}", apiClient.escapeString(entityId.toString()));
+
+ Map localVarHeaderParams = new HashMap();
+
+ Invocation.Builder builder;
+ try {
+ builder =
+ apiClient.createBuilder(
+ "v2.EntityRiskScoresApi.getEntityRiskScore",
+ localVarPath,
+ new ArrayList(),
+ localVarHeaderParams,
+ new HashMap(),
+ new String[] {"application/json"},
+ new String[] {"apiKeyAuth", "appKeyAuth"});
+ } catch (ApiException ex) {
+ CompletableFuture> result =
+ new CompletableFuture<>();
+ result.completeExceptionally(ex);
+ return result;
+ }
+ return apiClient.invokeAPIAsync(
+ "GET",
+ builder,
+ localVarHeaderParams,
+ new String[] {},
+ localVarPostBody,
+ new HashMap(),
+ false,
+ new GenericType() {});
+ }
+
/** Manage optional parameters to listEntityRiskScores. */
public static class ListEntityRiskScoresOptionalParameters {
private Long from;
diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScore.java b/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScore.java
index ff56bb87435..bb065e6532a 100644
--- a/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScore.java
+++ b/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScore.java
@@ -58,7 +58,7 @@ public SecurityEntityRiskScore attributes(SecurityEntityRiskScoreAttributes attr
}
/**
- * Attributes of an entity risk score
+ * Attributes of an entity risk score.
*
* @return attributes
*/
@@ -99,7 +99,7 @@ public SecurityEntityRiskScore type(SecurityEntityRiskScoreType type) {
}
/**
- * Resource type
+ * Resource type.
*
* @return type
*/
diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreAttributes.java b/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreAttributes.java
index 26956efe942..413a42cfd74 100644
--- a/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreAttributes.java
+++ b/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreAttributes.java
@@ -19,15 +19,17 @@
import java.util.Map;
import java.util.Objects;
-/** Attributes of an entity risk score */
+/** Attributes of an entity risk score. */
@JsonPropertyOrder({
+ SecurityEntityRiskScoreAttributes.JSON_PROPERTY_ACCOUNT_IDS,
SecurityEntityRiskScoreAttributes.JSON_PROPERTY_CONFIG_RISKS,
- SecurityEntityRiskScoreAttributes.JSON_PROPERTY_ENTITY_ID,
SecurityEntityRiskScoreAttributes.JSON_PROPERTY_ENTITY_METADATA,
SecurityEntityRiskScoreAttributes.JSON_PROPERTY_ENTITY_NAME,
SecurityEntityRiskScoreAttributes.JSON_PROPERTY_ENTITY_PROVIDERS,
SecurityEntityRiskScoreAttributes.JSON_PROPERTY_ENTITY_ROLES,
+ SecurityEntityRiskScoreAttributes.JSON_PROPERTY_ENTITY_SUB_TYPES,
SecurityEntityRiskScoreAttributes.JSON_PROPERTY_ENTITY_TYPE,
+ SecurityEntityRiskScoreAttributes.JSON_PROPERTY_ENTITY_TYPES,
SecurityEntityRiskScoreAttributes.JSON_PROPERTY_FIRST_DETECTED,
SecurityEntityRiskScoreAttributes.JSON_PROPERTY_LAST_ACTIVITY_TITLE,
SecurityEntityRiskScoreAttributes.JSON_PROPERTY_LAST_DETECTED,
@@ -40,12 +42,12 @@
value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator")
public class SecurityEntityRiskScoreAttributes {
@JsonIgnore public boolean unparsed = false;
+ public static final String JSON_PROPERTY_ACCOUNT_IDS = "accountIds";
+ private List accountIds = new ArrayList<>();
+
public static final String JSON_PROPERTY_CONFIG_RISKS = "configRisks";
private SecurityEntityConfigRisks configRisks;
- public static final String JSON_PROPERTY_ENTITY_ID = "entityID";
- private String entityId;
-
public static final String JSON_PROPERTY_ENTITY_METADATA = "entityMetadata";
private SecurityEntityMetadata entityMetadata;
@@ -58,9 +60,15 @@ public class SecurityEntityRiskScoreAttributes {
public static final String JSON_PROPERTY_ENTITY_ROLES = "entityRoles";
private List entityRoles = null;
+ public static final String JSON_PROPERTY_ENTITY_SUB_TYPES = "entitySubTypes";
+ private List entitySubTypes = new ArrayList<>();
+
public static final String JSON_PROPERTY_ENTITY_TYPE = "entityType";
private String entityType;
+ public static final String JSON_PROPERTY_ENTITY_TYPES = "entityTypes";
+ private List entityTypes = null;
+
public static final String JSON_PROPERTY_FIRST_DETECTED = "firstDetected";
private Long firstDetected;
@@ -86,14 +94,15 @@ public SecurityEntityRiskScoreAttributes() {}
@JsonCreator
public SecurityEntityRiskScoreAttributes(
+ @JsonProperty(required = true, value = JSON_PROPERTY_ACCOUNT_IDS) List accountIds,
@JsonProperty(required = true, value = JSON_PROPERTY_CONFIG_RISKS)
SecurityEntityConfigRisks configRisks,
- @JsonProperty(required = true, value = JSON_PROPERTY_ENTITY_ID) String entityId,
@JsonProperty(required = true, value = JSON_PROPERTY_ENTITY_METADATA)
SecurityEntityMetadata entityMetadata,
@JsonProperty(required = true, value = JSON_PROPERTY_ENTITY_PROVIDERS)
List entityProviders,
- @JsonProperty(required = true, value = JSON_PROPERTY_ENTITY_TYPE) String entityType,
+ @JsonProperty(required = true, value = JSON_PROPERTY_ENTITY_SUB_TYPES)
+ List entitySubTypes,
@JsonProperty(required = true, value = JSON_PROPERTY_FIRST_DETECTED) Long firstDetected,
@JsonProperty(required = true, value = JSON_PROPERTY_LAST_ACTIVITY_TITLE)
String lastActivityTitle,
@@ -104,13 +113,13 @@ public SecurityEntityRiskScoreAttributes(
@JsonProperty(required = true, value = JSON_PROPERTY_SEVERITY)
SecurityEntityRiskScoreAttributesSeverity severity,
@JsonProperty(required = true, value = JSON_PROPERTY_SIGNALS_DETECTED) Long signalsDetected) {
+ this.accountIds = accountIds;
this.configRisks = configRisks;
this.unparsed |= configRisks.unparsed;
- this.entityId = entityId;
this.entityMetadata = entityMetadata;
this.unparsed |= entityMetadata.unparsed;
this.entityProviders = entityProviders;
- this.entityType = entityType;
+ this.entitySubTypes = entitySubTypes;
this.firstDetected = firstDetected;
this.lastActivityTitle = lastActivityTitle;
this.lastDetected = lastDetected;
@@ -121,45 +130,50 @@ public SecurityEntityRiskScoreAttributes(
this.signalsDetected = signalsDetected;
}
- public SecurityEntityRiskScoreAttributes configRisks(SecurityEntityConfigRisks configRisks) {
- this.configRisks = configRisks;
- this.unparsed |= configRisks.unparsed;
+ public SecurityEntityRiskScoreAttributes accountIds(List accountIds) {
+ this.accountIds = accountIds;
+ return this;
+ }
+
+ public SecurityEntityRiskScoreAttributes addAccountIdsItem(String accountIdsItem) {
+ this.accountIds.add(accountIdsItem);
return this;
}
/**
- * Configuration risks associated with the entity
+ * Cloud account IDs associated with the entity.
*
- * @return configRisks
+ * @return accountIds
*/
- @JsonProperty(JSON_PROPERTY_CONFIG_RISKS)
+ @JsonProperty(JSON_PROPERTY_ACCOUNT_IDS)
@JsonInclude(value = JsonInclude.Include.ALWAYS)
- public SecurityEntityConfigRisks getConfigRisks() {
- return configRisks;
+ public List getAccountIds() {
+ return accountIds;
}
- public void setConfigRisks(SecurityEntityConfigRisks configRisks) {
- this.configRisks = configRisks;
+ public void setAccountIds(List accountIds) {
+ this.accountIds = accountIds;
}
- public SecurityEntityRiskScoreAttributes entityId(String entityId) {
- this.entityId = entityId;
+ public SecurityEntityRiskScoreAttributes configRisks(SecurityEntityConfigRisks configRisks) {
+ this.configRisks = configRisks;
+ this.unparsed |= configRisks.unparsed;
return this;
}
/**
- * Unique identifier for the entity
+ * Configuration risks associated with the entity
*
- * @return entityId
+ * @return configRisks
*/
- @JsonProperty(JSON_PROPERTY_ENTITY_ID)
+ @JsonProperty(JSON_PROPERTY_CONFIG_RISKS)
@JsonInclude(value = JsonInclude.Include.ALWAYS)
- public String getEntityId() {
- return entityId;
+ public SecurityEntityConfigRisks getConfigRisks() {
+ return configRisks;
}
- public void setEntityId(String entityId) {
- this.entityId = entityId;
+ public void setConfigRisks(SecurityEntityConfigRisks configRisks) {
+ this.configRisks = configRisks;
}
public SecurityEntityRiskScoreAttributes entityMetadata(SecurityEntityMetadata entityMetadata) {
@@ -189,7 +203,7 @@ public SecurityEntityRiskScoreAttributes entityName(String entityName) {
}
/**
- * Human-readable name of the entity
+ * Human-readable name of the entity.
*
* @return entityName
*/
@@ -215,7 +229,7 @@ public SecurityEntityRiskScoreAttributes addEntityProvidersItem(String entityPro
}
/**
- * Cloud providers associated with the entity
+ * Cloud providers associated with the entity.
*
* @return entityProviders
*/
@@ -243,7 +257,7 @@ public SecurityEntityRiskScoreAttributes addEntityRolesItem(String entityRolesIt
}
/**
- * Roles associated with the entity
+ * Roles associated with the entity.
*
* @return entityRoles
*/
@@ -258,18 +272,44 @@ public void setEntityRoles(List entityRoles) {
this.entityRoles = entityRoles;
}
+ public SecurityEntityRiskScoreAttributes entitySubTypes(List entitySubTypes) {
+ this.entitySubTypes = entitySubTypes;
+ return this;
+ }
+
+ public SecurityEntityRiskScoreAttributes addEntitySubTypesItem(String entitySubTypesItem) {
+ this.entitySubTypes.add(entitySubTypesItem);
+ return this;
+ }
+
+ /**
+ * Sub-types associated with the entity.
+ *
+ * @return entitySubTypes
+ */
+ @JsonProperty(JSON_PROPERTY_ENTITY_SUB_TYPES)
+ @JsonInclude(value = JsonInclude.Include.ALWAYS)
+ public List getEntitySubTypes() {
+ return entitySubTypes;
+ }
+
+ public void setEntitySubTypes(List entitySubTypes) {
+ this.entitySubTypes = entitySubTypes;
+ }
+
public SecurityEntityRiskScoreAttributes entityType(String entityType) {
this.entityType = entityType;
return this;
}
/**
- * Type of the entity (e.g., aws_iam_user, aws_ec2_instance)
+ * Type of the entity (for example, aws_iam_user, aws_ec2_instance).
*
* @return entityType
*/
+ @jakarta.annotation.Nullable
@JsonProperty(JSON_PROPERTY_ENTITY_TYPE)
- @JsonInclude(value = JsonInclude.Include.ALWAYS)
+ @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
public String getEntityType() {
return entityType;
}
@@ -278,13 +318,42 @@ public void setEntityType(String entityType) {
this.entityType = entityType;
}
+ public SecurityEntityRiskScoreAttributes entityTypes(List entityTypes) {
+ this.entityTypes = entityTypes;
+ return this;
+ }
+
+ public SecurityEntityRiskScoreAttributes addEntityTypesItem(String entityTypesItem) {
+ if (this.entityTypes == null) {
+ this.entityTypes = new ArrayList<>();
+ }
+ this.entityTypes.add(entityTypesItem);
+ return this;
+ }
+
+ /**
+ * All types associated with the entity.
+ *
+ * @return entityTypes
+ */
+ @jakarta.annotation.Nullable
+ @JsonProperty(JSON_PROPERTY_ENTITY_TYPES)
+ @JsonInclude(value = JsonInclude.Include.USE_DEFAULTS)
+ public List getEntityTypes() {
+ return entityTypes;
+ }
+
+ public void setEntityTypes(List entityTypes) {
+ this.entityTypes = entityTypes;
+ }
+
public SecurityEntityRiskScoreAttributes firstDetected(Long firstDetected) {
this.firstDetected = firstDetected;
return this;
}
/**
- * Timestamp when the entity was first detected (Unix milliseconds)
+ * Timestamp when the entity was first detected (Unix milliseconds).
*
* @return firstDetected
*/
@@ -304,7 +373,7 @@ public SecurityEntityRiskScoreAttributes lastActivityTitle(String lastActivityTi
}
/**
- * Title of the most recent signal detected for this entity
+ * Title of the most recent signal detected for this entity.
*
* @return lastActivityTitle
*/
@@ -324,7 +393,7 @@ public SecurityEntityRiskScoreAttributes lastDetected(Long lastDetected) {
}
/**
- * Timestamp when the entity was last detected (Unix milliseconds)
+ * Timestamp when the entity was last detected (Unix milliseconds).
*
* @return lastDetected
*/
@@ -344,7 +413,7 @@ public SecurityEntityRiskScoreAttributes riskScore(Long riskScore) {
}
/**
- * Current risk score for the entity
+ * Current risk score for the entity.
*
* @return riskScore
*/
@@ -364,7 +433,7 @@ public SecurityEntityRiskScoreAttributes riskScoreEvolution(Long riskScoreEvolut
}
/**
- * Change in risk score compared to previous period
+ * Change in risk score compared to previous period.
*
* @return riskScoreEvolution
*/
@@ -409,7 +478,7 @@ public SecurityEntityRiskScoreAttributes signalsDetected(Long signalsDetected) {
}
/**
- * Number of security signals detected for this entity
+ * Number of security signals detected for this entity.
*
* @return signalsDetected
*/
@@ -480,13 +549,15 @@ public boolean equals(Object o) {
}
SecurityEntityRiskScoreAttributes securityEntityRiskScoreAttributes =
(SecurityEntityRiskScoreAttributes) o;
- return Objects.equals(this.configRisks, securityEntityRiskScoreAttributes.configRisks)
- && Objects.equals(this.entityId, securityEntityRiskScoreAttributes.entityId)
+ return Objects.equals(this.accountIds, securityEntityRiskScoreAttributes.accountIds)
+ && Objects.equals(this.configRisks, securityEntityRiskScoreAttributes.configRisks)
&& Objects.equals(this.entityMetadata, securityEntityRiskScoreAttributes.entityMetadata)
&& Objects.equals(this.entityName, securityEntityRiskScoreAttributes.entityName)
&& Objects.equals(this.entityProviders, securityEntityRiskScoreAttributes.entityProviders)
&& Objects.equals(this.entityRoles, securityEntityRiskScoreAttributes.entityRoles)
+ && Objects.equals(this.entitySubTypes, securityEntityRiskScoreAttributes.entitySubTypes)
&& Objects.equals(this.entityType, securityEntityRiskScoreAttributes.entityType)
+ && Objects.equals(this.entityTypes, securityEntityRiskScoreAttributes.entityTypes)
&& Objects.equals(this.firstDetected, securityEntityRiskScoreAttributes.firstDetected)
&& Objects.equals(
this.lastActivityTitle, securityEntityRiskScoreAttributes.lastActivityTitle)
@@ -503,13 +574,15 @@ public boolean equals(Object o) {
@Override
public int hashCode() {
return Objects.hash(
+ accountIds,
configRisks,
- entityId,
entityMetadata,
entityName,
entityProviders,
entityRoles,
+ entitySubTypes,
entityType,
+ entityTypes,
firstDetected,
lastActivityTitle,
lastDetected,
@@ -524,13 +597,15 @@ public int hashCode() {
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("class SecurityEntityRiskScoreAttributes {\n");
+ sb.append(" accountIds: ").append(toIndentedString(accountIds)).append("\n");
sb.append(" configRisks: ").append(toIndentedString(configRisks)).append("\n");
- sb.append(" entityId: ").append(toIndentedString(entityId)).append("\n");
sb.append(" entityMetadata: ").append(toIndentedString(entityMetadata)).append("\n");
sb.append(" entityName: ").append(toIndentedString(entityName)).append("\n");
sb.append(" entityProviders: ").append(toIndentedString(entityProviders)).append("\n");
sb.append(" entityRoles: ").append(toIndentedString(entityRoles)).append("\n");
+ sb.append(" entitySubTypes: ").append(toIndentedString(entitySubTypes)).append("\n");
sb.append(" entityType: ").append(toIndentedString(entityType)).append("\n");
+ sb.append(" entityTypes: ").append(toIndentedString(entityTypes)).append("\n");
sb.append(" firstDetected: ").append(toIndentedString(firstDetected)).append("\n");
sb.append(" lastActivityTitle: ").append(toIndentedString(lastActivityTitle)).append("\n");
sb.append(" lastDetected: ").append(toIndentedString(lastDetected)).append("\n");
diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreResponse.java b/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreResponse.java
new file mode 100644
index 00000000000..aeb4998560b
--- /dev/null
+++ b/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreResponse.java
@@ -0,0 +1,147 @@
+/*
+ * Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+ * This product includes software developed at Datadog (https://www.datadoghq.com/).
+ * Copyright 2019-Present Datadog, Inc.
+ */
+
+package com.datadog.api.client.v2.model;
+
+import com.fasterxml.jackson.annotation.JsonAnyGetter;
+import com.fasterxml.jackson.annotation.JsonAnySetter;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Objects;
+
+/** Response containing a single entity risk score */
+@JsonPropertyOrder({SecurityEntityRiskScoreResponse.JSON_PROPERTY_DATA})
+@jakarta.annotation.Generated(
+ value = "https://github.com/DataDog/datadog-api-client-java/blob/master/.generator")
+public class SecurityEntityRiskScoreResponse {
+ @JsonIgnore public boolean unparsed = false;
+ public static final String JSON_PROPERTY_DATA = "data";
+ private SecurityEntityRiskScore data;
+
+ public SecurityEntityRiskScoreResponse() {}
+
+ @JsonCreator
+ public SecurityEntityRiskScoreResponse(
+ @JsonProperty(required = true, value = JSON_PROPERTY_DATA) SecurityEntityRiskScore data) {
+ this.data = data;
+ this.unparsed |= data.unparsed;
+ }
+
+ public SecurityEntityRiskScoreResponse data(SecurityEntityRiskScore data) {
+ this.data = data;
+ this.unparsed |= data.unparsed;
+ return this;
+ }
+
+ /**
+ * An entity risk score containing security risk assessment information
+ *
+ * @return data
+ */
+ @JsonProperty(JSON_PROPERTY_DATA)
+ @JsonInclude(value = JsonInclude.Include.ALWAYS)
+ public SecurityEntityRiskScore getData() {
+ return data;
+ }
+
+ public void setData(SecurityEntityRiskScore data) {
+ this.data = data;
+ }
+
+ /**
+ * A container for additional, undeclared properties. This is a holder for any undeclared
+ * properties as specified with the 'additionalProperties' keyword in the OAS document.
+ */
+ private Map additionalProperties;
+
+ /**
+ * Set the additional (undeclared) property with the specified name and value. If the property
+ * does not already exist, create it otherwise replace it.
+ *
+ * @param key The arbitrary key to set
+ * @param value The associated value
+ * @return SecurityEntityRiskScoreResponse
+ */
+ @JsonAnySetter
+ public SecurityEntityRiskScoreResponse putAdditionalProperty(String key, Object value) {
+ if (this.additionalProperties == null) {
+ this.additionalProperties = new HashMap();
+ }
+ this.additionalProperties.put(key, value);
+ return this;
+ }
+
+ /**
+ * Return the additional (undeclared) property.
+ *
+ * @return The additional properties
+ */
+ @JsonAnyGetter
+ public Map getAdditionalProperties() {
+ return additionalProperties;
+ }
+
+ /**
+ * Return the additional (undeclared) property with the specified name.
+ *
+ * @param key The arbitrary key to get
+ * @return The specific additional property for the given key
+ */
+ public Object getAdditionalProperty(String key) {
+ if (this.additionalProperties == null) {
+ return null;
+ }
+ return this.additionalProperties.get(key);
+ }
+
+ /** Return true if this SecurityEntityRiskScoreResponse object is equal to o. */
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) {
+ return true;
+ }
+ if (o == null || getClass() != o.getClass()) {
+ return false;
+ }
+ SecurityEntityRiskScoreResponse securityEntityRiskScoreResponse =
+ (SecurityEntityRiskScoreResponse) o;
+ return Objects.equals(this.data, securityEntityRiskScoreResponse.data)
+ && Objects.equals(
+ this.additionalProperties, securityEntityRiskScoreResponse.additionalProperties);
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(data, additionalProperties);
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ sb.append("class SecurityEntityRiskScoreResponse {\n");
+ sb.append(" data: ").append(toIndentedString(data)).append("\n");
+ sb.append(" additionalProperties: ")
+ .append(toIndentedString(additionalProperties))
+ .append("\n");
+ sb.append('}');
+ return sb.toString();
+ }
+
+ /**
+ * Convert the given object to string with each line indented by 4 spaces (except the first line).
+ */
+ private String toIndentedString(Object o) {
+ if (o == null) {
+ return "null";
+ }
+ return o.toString().replace("\n", "\n ");
+ }
+}
diff --git a/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreType.java b/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreType.java
index 17ecfeb69d3..f04ecb2cc43 100644
--- a/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreType.java
+++ b/src/main/java/com/datadog/api/client/v2/model/SecurityEntityRiskScoreType.java
@@ -18,15 +18,15 @@
import java.util.HashSet;
import java.util.Set;
-/** Resource type */
+/** Resource type. */
@JsonSerialize(using = SecurityEntityRiskScoreType.SecurityEntityRiskScoreTypeSerializer.class)
public class SecurityEntityRiskScoreType extends ModelEnum {
private static final Set allowedValues =
- new HashSet(Arrays.asList("security_entity_risk_score"));
+ new HashSet(Arrays.asList("SecurityEntityRiskScore"));
public static final SecurityEntityRiskScoreType SECURITY_ENTITY_RISK_SCORE =
- new SecurityEntityRiskScoreType("security_entity_risk_score");
+ new SecurityEntityRiskScoreType("SecurityEntityRiskScore");
SecurityEntityRiskScoreType(String value) {
super(value, allowedValues);
diff --git a/src/test/resources/com/datadog/api/client/v2/api/entity_risk_scores.feature b/src/test/resources/com/datadog/api/client/v2/api/entity_risk_scores.feature
index f6e28ae7405..be283af2fba 100644
--- a/src/test/resources/com/datadog/api/client/v2/api/entity_risk_scores.feature
+++ b/src/test/resources/com/datadog/api/client/v2/api/entity_risk_scores.feature
@@ -6,15 +6,41 @@ Feature: Entity Risk Scores
Given a valid "apiKeyAuth" key in the system
And a valid "appKeyAuth" key in the system
And an instance of "EntityRiskScores" API
- And operation "ListEntityRiskScores" enabled
- And new "ListEntityRiskScores" request
+
+ @generated @skip @team:DataDog/cloud-siem
+ Scenario: Get Entity Risk Score returns "Bad Request" response
+ Given operation "GetEntityRiskScore" enabled
+ And new "GetEntityRiskScore" request
+ And request contains "entity_id" parameter from "REPLACE.ME"
+ When the request is sent
+ Then the response status is 400 Bad Request
+
+ @generated @skip @team:DataDog/cloud-siem
+ Scenario: Get Entity Risk Score returns "Not Found" response
+ Given operation "GetEntityRiskScore" enabled
+ And new "GetEntityRiskScore" request
+ And request contains "entity_id" parameter from "REPLACE.ME"
+ When the request is sent
+ Then the response status is 404 Not Found
+
+ @generated @skip @team:DataDog/cloud-siem
+ Scenario: Get Entity Risk Score returns "OK" response
+ Given operation "GetEntityRiskScore" enabled
+ And new "GetEntityRiskScore" request
+ And request contains "entity_id" parameter from "REPLACE.ME"
+ When the request is sent
+ Then the response status is 200 OK
@generated @skip @team:DataDog/cloud-siem
Scenario: List Entity Risk Scores returns "Bad Request" response
+ Given operation "ListEntityRiskScores" enabled
+ And new "ListEntityRiskScores" request
When the request is sent
Then the response status is 400 Bad Request
@generated @skip @team:DataDog/cloud-siem
Scenario: List Entity Risk Scores returns "OK" response
+ Given operation "ListEntityRiskScores" enabled
+ And new "ListEntityRiskScores" request
When the request is sent
Then the response status is 200 OK
diff --git a/src/test/resources/com/datadog/api/client/v2/api/undo.json b/src/test/resources/com/datadog/api/client/v2/api/undo.json
index 8e00370969b..07db45886a9 100644
--- a/src/test/resources/com/datadog/api/client/v2/api/undo.json
+++ b/src/test/resources/com/datadog/api/client/v2/api/undo.json
@@ -6396,6 +6396,12 @@
"type": "safe"
}
},
+ "GetEntityRiskScore": {
+ "tag": "Entity Risk Scores",
+ "undo": {
+ "type": "safe"
+ }
+ },
"DownloadCloudWorkloadPolicyFile": {
"tag": "CSM Threats",
"undo": {