diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index b17c8433bd55..a07ab7db9ff9 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -1932,6 +1932,15 @@ components: required: false schema: $ref: "#/components/schemas/WebhooksAuthMethodProtocol" + WifConfigUUID: + description: The UUID of the WIF configuration to operate on. + example: c5c758c6-18c2-4484-ae3f-46b84128404a + in: path + name: config_uuid + required: true + schema: + format: uuid + type: string WorkflowId: description: The ID of the workflow. in: path @@ -12146,6 +12155,181 @@ components: required: - data type: object + AwsWifIntakeMappingAttributes: + description: Attributes of an AWS WIF intake mapping. + properties: + arn_pattern: + description: |- + The AWS IAM ARN pattern identifying the role or user permitted to obtain an intake API key. + Supports wildcards (`*`) to match multiple principals within an account. + example: "arn:aws:iam::123456789012:role/my-agent-role" + type: string + required: + - arn_pattern + type: object + AwsWifIntakeMappingCreateData: + description: Data for creating an AWS WIF intake mapping. + properties: + attributes: + $ref: "#/components/schemas/AwsWifIntakeMappingAttributes" + type: + $ref: "#/components/schemas/AwsWifIntakeMappingType" + required: + - type + - attributes + type: object + AwsWifIntakeMappingCreateRequest: + description: Request body for creating an AWS WIF intake mapping. + properties: + data: + $ref: "#/components/schemas/AwsWifIntakeMappingCreateData" + required: + - data + type: object + AwsWifIntakeMappingData: + description: An AWS WIF intake mapping resource. + properties: + attributes: + $ref: "#/components/schemas/AwsWifIntakeMappingAttributes" + id: + description: The UUID of the intake mapping. + example: "a1b2c3d4-e5f6-7890-abcd-ef1234567890" + format: uuid + type: string + type: + $ref: "#/components/schemas/AwsWifIntakeMappingType" + required: + - id + - type + - attributes + type: object + AwsWifIntakeMappingResponse: + description: Response containing a single AWS WIF intake mapping. + properties: + data: + $ref: "#/components/schemas/AwsWifIntakeMappingData" + required: + - data + type: object + AwsWifIntakeMappingType: + description: Type identifier for an AWS WIF intake mapping. + enum: + - aws_wif_intake_mapping + example: aws_wif_intake_mapping + type: string + x-enum-varnames: + - AWS_WIF_INTAKE_MAPPING + AwsWifIntakeMappingsResponse: + description: Response containing a list of AWS WIF intake mappings. + properties: + data: + items: + $ref: "#/components/schemas/AwsWifIntakeMappingData" + type: array + required: + - data + type: object + AwsWifPersonaMappingAttributes: + description: Attributes of an AWS WIF persona mapping. + properties: + account_identifier: + description: The Datadog user handle (email address) to map the AWS principal to. + example: "user@example.com" + type: string + account_uuid: + description: The Datadog user UUID corresponding to `account_identifier`. Read-only — set by the server. + example: "12bbdc5c-5966-47e0-8733-285f9e44bcf4" + format: uuid + type: string + arn_pattern: + description: |- + The AWS IAM ARN pattern identifying the role or user that will be mapped. + Supports wildcards (`*`) to match multiple principals within an account. + example: "arn:aws:iam::123456789012:role/my-workload-role" + type: string + required: + - arn_pattern + - account_identifier + type: object + AwsWifPersonaMappingCreateAttributes: + description: Attributes for creating an AWS WIF persona mapping. + properties: + account_identifier: + description: The Datadog user handle (email address) to map the AWS principal to. + example: "user@example.com" + type: string + arn_pattern: + description: |- + The AWS IAM ARN pattern identifying the role or user that will be mapped. + Supports wildcards (`*`) to match multiple principals within an account. + example: "arn:aws:iam::123456789012:role/my-workload-role" + type: string + required: + - arn_pattern + - account_identifier + type: object + AwsWifPersonaMappingCreateData: + description: Data for creating an AWS WIF persona mapping. + properties: + attributes: + $ref: "#/components/schemas/AwsWifPersonaMappingCreateAttributes" + type: + $ref: "#/components/schemas/AwsWifPersonaMappingType" + required: + - type + - attributes + type: object + AwsWifPersonaMappingCreateRequest: + description: Request body for creating an AWS WIF persona mapping. + properties: + data: + $ref: "#/components/schemas/AwsWifPersonaMappingCreateData" + required: + - data + type: object + AwsWifPersonaMappingData: + description: An AWS WIF persona mapping resource. + properties: + attributes: + $ref: "#/components/schemas/AwsWifPersonaMappingAttributes" + id: + description: The UUID of the persona mapping. + example: "c5c758c6-18c2-4484-ae3f-46b84128404a" + format: uuid + type: string + type: + $ref: "#/components/schemas/AwsWifPersonaMappingType" + required: + - id + - type + - attributes + type: object + AwsWifPersonaMappingResponse: + description: Response containing a single AWS WIF persona mapping. + properties: + data: + $ref: "#/components/schemas/AwsWifPersonaMappingData" + required: + - data + type: object + AwsWifPersonaMappingType: + description: Type identifier for an AWS WIF persona mapping. + enum: + - aws_wif_config + example: aws_wif_config + type: string + x-enum-varnames: + - AWS_WIF_CONFIG + AwsWifPersonaMappingsResponse: + description: Response containing a list of AWS WIF persona mappings. + properties: + data: + items: + $ref: "#/components/schemas/AwsWifPersonaMappingData" + type: array + required: + - data + type: object AzureCredentials: description: The definition of the `AzureCredentials` object. oneOf: @@ -29812,6 +29996,55 @@ components: oneOf: - $ref: "#/components/schemas/StatusPagesUser" - $ref: "#/components/schemas/StatusPageAsIncluded" + DelegatedTokenAttributes: + description: Attributes of a delegated token. + properties: + access_token: + description: A short-lived JWT representing the authenticated Datadog user. Pass this as a bearer token in subsequent API calls. + example: "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCJ9..." + type: string + expires: + description: The expiry time of the token. + example: "2024-01-15T11:30:00Z" + format: date-time + type: string + required: + - access_token + - expires + type: object + DelegatedTokenData: + description: A delegated token resource. + properties: + attributes: + $ref: "#/components/schemas/DelegatedTokenAttributes" + id: + description: A random UUID assigned to this token issuance. + example: "550e8400-e29b-41d4-a716-446655440000" + format: uuid + type: string + type: + $ref: "#/components/schemas/DelegatedTokenType" + required: + - id + - type + - attributes + type: object + DelegatedTokenResponse: + description: Response containing a delegated user token. + properties: + data: + $ref: "#/components/schemas/DelegatedTokenData" + required: + - data + type: object + DelegatedTokenType: + description: The resource type for a delegated token. + enum: + - token + example: token + type: string + x-enum-varnames: + - TOKEN DeleteAppResponse: description: The response object after an app is successfully deleted. properties: @@ -45556,6 +45789,54 @@ components: - ARRAY_NUMBER - ARRAY_BOOLEAN - ARRAY_OBJECT + IntakeAPIKeyAttributes: + description: Attributes of an intake API key returned after successful authentication. + properties: + api_key: + description: The Datadog API key the workload can use to send telemetry. + example: "abc123def456..." + type: string + org_id: + description: The numeric ID of the Datadog organization the API key belongs to. + example: 123456 + format: int64 + type: integer + required: + - api_key + - org_id + type: object + IntakeAPIKeyData: + description: An intake API key resource. + properties: + attributes: + $ref: "#/components/schemas/IntakeAPIKeyAttributes" + id: + description: A stable identifier for the intake key, scoped to the matched organization. + example: "intake-123456" + type: string + type: + $ref: "#/components/schemas/IntakeAPIKeyType" + required: + - id + - type + - attributes + type: object + IntakeAPIKeyResponse: + description: Response containing an intake API key for the authenticated cloud workload. + properties: + data: + $ref: "#/components/schemas/IntakeAPIKeyData" + required: + - data + type: object + IntakeAPIKeyType: + description: The resource type for an intake API key. + enum: + - intake_api_key + example: intake_api_key + type: string + x-enum-varnames: + - INTAKE_API_KEY IntakePayloadAccepted: description: The payload accepted for intake. properties: @@ -120040,6 +120321,7 @@ paths: - test_optimization_read /api/v2/cloud_auth/aws/persona_mapping: get: + deprecated: true description: List all AWS cloud authentication persona mappings. This endpoint retrieves all configured persona mappings that associate AWS IAM principals with Datadog users. operationId: ListAWSCloudAuthPersonaMappings responses: @@ -120076,10 +120358,14 @@ paths: summary: List AWS cloud authentication persona mappings tags: - Cloud Authentication + x-deprecated: |- + **Deprecated**: Use `ListAwsWifPersonaMappings` (`GET /api/v2/wif/aws/persona_mapping`) instead. + x-sunset: "2027-01-01" x-unstable: |- **Note**: This endpoint is in public beta and is subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). post: + deprecated: true description: Create an AWS cloud authentication persona mapping. This endpoint associates an AWS IAM principal with a Datadog user. operationId: CreateAWSCloudAuthPersonaMapping requestBody: @@ -120137,11 +120423,15 @@ paths: tags: - Cloud Authentication x-codegen-request-body-name: body + x-deprecated: |- + **Deprecated**: Use `CreateAwsWifPersonaMapping` (`POST /api/v2/wif/aws/persona_mapping`) instead. + x-sunset: "2027-01-01" x-unstable: |- **Note**: This endpoint is in public beta and is subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). /api/v2/cloud_auth/aws/persona_mapping/{persona_mapping_id}: delete: + deprecated: true description: Delete an AWS cloud authentication persona mapping by ID. This removes the association between an AWS IAM principal and a Datadog user. operationId: DeleteAWSCloudAuthPersonaMapping parameters: @@ -120166,10 +120456,14 @@ paths: summary: Delete an AWS cloud authentication persona mapping tags: - Cloud Authentication + x-deprecated: |- + **Deprecated**: Use `DeleteAwsWifPersonaMapping` (`DELETE /api/v2/wif/aws/persona_mapping/{config_uuid}`) instead. + x-sunset: "2027-01-01" x-unstable: |- **Note**: This endpoint is in public beta and is subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). get: + deprecated: true description: Get a specific AWS cloud authentication persona mapping by ID. This endpoint retrieves a single configured persona mapping that associates an AWS IAM principal with a Datadog user. operationId: GetAWSCloudAuthPersonaMapping parameters: @@ -120208,6 +120502,9 @@ paths: summary: Get an AWS cloud authentication persona mapping tags: - Cloud Authentication + x-deprecated: |- + **Deprecated**: Use `GetAwsWifPersonaMapping` (`GET /api/v2/wif/aws/persona_mapping/{config_uuid}`) instead. + x-sunset: "2027-01-01" x-unstable: |- **Note**: This endpoint is in public beta and is subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). @@ -127393,6 +127690,54 @@ paths: x-unstable: |- **Note: Data Access is in preview. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).** + /api/v2/delegated-token: + post: + description: |- + Exchange a Workload Identity Federation (WIF) proof or Datadog credentials for a short-lived access token + scoped to a Datadog user. + + To authenticate with a WIF identity, pass the cloud-provider token in the `Authorization` header using + the `Bearer` or `Delegated` scheme. Datadog resolves the Datadog user from the persona mapping configured + for that cloud identity. + + To obtain a token for the calling user directly, authenticate with standard Datadog API and application keys. + + Use the returned `access_token` as a bearer token in subsequent API calls. + operationId: GetDelegatedToken + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + access_token: "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCJ9..." + expires: "2024-01-15T11:30:00Z" + id: "550e8400-e29b-41d4-a716-446655440000" + type: token + schema: + $ref: "#/components/schemas/DelegatedTokenResponse" + description: OK + "401": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Unauthorized — missing or invalid authorization proof. + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden — the cloud identity is not mapped to any Datadog user, or the authenticated user does not have access. + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: [] + summary: Get a delegated token + tags: + - Delegated Token /api/v2/deletion/data/{product}: post: description: Creates a data deletion request by providing a query and a timeframe targeting the proper data. @@ -136004,6 +136349,55 @@ paths: x-unstable: |- **Note**: This endpoint is in public beta. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). + /api/v2/intake-key: + post: + description: |- + Exchanges a Workload Identity Federation (WIF) identity proof for a Datadog API key associated with the matching WIF intake mapping. + + Pass a cloud-provider token in the `Authorization` header using the `Bearer` or `Delegated` scheme. + The token is validated against the WIF intake mappings configured for the caller's organization. On success, + a managed-rotation API key is returned that the workload can use to send telemetry to Datadog. + + Unlike the delegated-token endpoint (`POST /api/v2/delegated-token`), this endpoint authenticates + the cloud workload at the organization level rather than mapping it to a specific Datadog user. + + Standard Datadog API and application key authentication is not accepted. Authenticate using a + cloud-provider token in the `Authorization: Bearer` header. + operationId: GetIntakeKey + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + api_key: "abc123def456..." + org_id: 123456 + id: "intake-123456" + type: intake_api_key + schema: + $ref: "#/components/schemas/IntakeAPIKeyResponse" + description: OK + "401": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Unauthorized — missing or invalid authorization proof. + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden — the cloud identity is not matched by any intake mapping for this organization. + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: [] + summary: Get an intake API key + tags: + - Intake Key /api/v2/integration/aws/accounts: get: description: Get a list of AWS Account Integration Configs. @@ -189631,6 +190025,373 @@ paths: - generate_log_reports - manage_log_reports - product_analytics_saved_widgets_write + /api/v2/wif/aws/intake_mapping: + get: + description: List every AWS WIF intake mapping configured for the caller's organization. + operationId: ListAwsWifIntakeMappings + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + - attributes: + arn_pattern: "arn:aws:iam::123456789012:role/my-agent-role" + id: "a1b2c3d4-e5f6-7890-abcd-ef1234567890" + type: aws_wif_intake_mapping + schema: + $ref: "#/components/schemas/AwsWifIntakeMappingsResponse" + description: OK + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - workload_identity_federation_read + summary: List AWS WIF intake mappings + tags: + - AWS WIF + post: + description: Create an AWS WIF intake mapping. The mapping binds an IAM role ARN pattern to a managed-rotation API key, allowing AWS workloads to send telemetry to Datadog without requiring a delegated user token. + operationId: CreateAwsWifIntakeMapping + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + arn_pattern: "arn:aws:iam::123456789012:role/my-agent-role" + type: aws_wif_intake_mapping + schema: + $ref: "#/components/schemas/AwsWifIntakeMappingCreateRequest" + required: true + responses: + "201": + content: + application/json: + examples: + default: + value: + data: + attributes: + arn_pattern: "arn:aws:iam::123456789012:role/my-agent-role" + id: "a1b2c3d4-e5f6-7890-abcd-ef1234567890" + type: aws_wif_intake_mapping + schema: + $ref: "#/components/schemas/AwsWifIntakeMappingResponse" + description: Created + "400": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Bad Request + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden + "409": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Conflict + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - workload_identity_federation_write + summary: Create an AWS WIF intake mapping + tags: + - AWS WIF + x-codegen-request-body-name: body + /api/v2/wif/aws/intake_mapping/{config_uuid}: + delete: + description: Delete an AWS WIF intake mapping by UUID. The associated managed-rotation API key is left intact, but AWS workloads that previously matched this mapping will lose intake access. + operationId: DeleteAwsWifIntakeMapping + parameters: + - $ref: "#/components/parameters/WifConfigUUID" + responses: + "204": + description: No Content + "400": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Bad Request + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden + "404": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Not Found + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - workload_identity_federation_write + summary: Delete an AWS WIF intake mapping + tags: + - AWS WIF + get: + description: Retrieve a single AWS WIF intake mapping by UUID. + operationId: GetAwsWifIntakeMapping + parameters: + - $ref: "#/components/parameters/WifConfigUUID" + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + arn_pattern: "arn:aws:iam::123456789012:role/my-agent-role" + id: "a1b2c3d4-e5f6-7890-abcd-ef1234567890" + type: aws_wif_intake_mapping + schema: + $ref: "#/components/schemas/AwsWifIntakeMappingResponse" + description: OK + "400": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Bad Request + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden + "404": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Not Found + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - workload_identity_federation_read + summary: Get an AWS WIF intake mapping + tags: + - AWS WIF + /api/v2/wif/aws/persona_mapping: + get: + description: List every AWS WIF persona mapping configured for the caller's organization. + operationId: ListAwsWifPersonaMappings + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + - attributes: + account_identifier: "user@example.com" + account_uuid: "12bbdc5c-5966-47e0-8733-285f9e44bcf4" + arn_pattern: "arn:aws:iam::123456789012:role/my-workload-role" + id: "c5c758c6-18c2-4484-ae3f-46b84128404a" + type: aws_wif_config + schema: + $ref: "#/components/schemas/AwsWifPersonaMappingsResponse" + description: OK + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - workload_identity_federation_read + summary: List AWS WIF persona mappings + tags: + - AWS WIF + post: + description: Create an AWS Workload Identity Federation (WIF) persona mapping. The mapping binds an IAM role ARN pattern to a Datadog user handle, which is used to authenticate delegated-token requests from that AWS identity. + operationId: CreateAwsWifPersonaMapping + requestBody: + content: + application/json: + examples: + default: + value: + data: + attributes: + account_identifier: "user@example.com" + arn_pattern: "arn:aws:iam::123456789012:role/my-workload-role" + type: aws_wif_config + schema: + $ref: "#/components/schemas/AwsWifPersonaMappingCreateRequest" + required: true + responses: + "201": + content: + application/json: + examples: + default: + value: + data: + attributes: + account_identifier: "user@example.com" + account_uuid: "12bbdc5c-5966-47e0-8733-285f9e44bcf4" + arn_pattern: "arn:aws:iam::123456789012:role/my-workload-role" + id: "c5c758c6-18c2-4484-ae3f-46b84128404a" + type: aws_wif_config + schema: + $ref: "#/components/schemas/AwsWifPersonaMappingResponse" + description: Created + "400": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Bad Request + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden + "409": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Conflict + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - workload_identity_federation_write + summary: Create an AWS WIF persona mapping + tags: + - AWS WIF + x-codegen-request-body-name: body + /api/v2/wif/aws/persona_mapping/{config_uuid}: + delete: + description: Delete an AWS WIF persona mapping by UUID. Subsequent delegated-token requests from the previously mapped AWS identity will be denied. + operationId: DeleteAwsWifPersonaMapping + parameters: + - $ref: "#/components/parameters/WifConfigUUID" + responses: + "204": + description: No Content + "400": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Bad Request + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden + "404": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Not Found + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - workload_identity_federation_write + summary: Delete an AWS WIF persona mapping + tags: + - AWS WIF + get: + description: Retrieve a single AWS WIF persona mapping by UUID. + operationId: GetAwsWifPersonaMapping + parameters: + - $ref: "#/components/parameters/WifConfigUUID" + responses: + "200": + content: + application/json: + examples: + default: + value: + data: + attributes: + account_identifier: "user@example.com" + account_uuid: "12bbdc5c-5966-47e0-8733-285f9e44bcf4" + arn_pattern: "arn:aws:iam::123456789012:role/my-workload-role" + id: "c5c758c6-18c2-4484-ae3f-46b84128404a" + type: aws_wif_config + schema: + $ref: "#/components/schemas/AwsWifPersonaMappingResponse" + description: OK + "400": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Bad Request + "403": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Forbidden + "404": + content: + application/json: + schema: + $ref: "#/components/schemas/JSONAPIErrorResponse" + description: Not Found + "429": + $ref: "#/components/responses/TooManyRequestsResponse" + security: + - apiKeyAuth: [] + appKeyAuth: [] + - AuthZ: + - workload_identity_federation_read + summary: Get an AWS WIF persona mapping + tags: + - AWS WIF /api/v2/workflows: get: description: List all workflows in your organization. This API requires a [registered application key](https://docs.datadoghq.com/api/latest/action-connection/#register-a-new-app-key). Alternatively, you can configure these permissions [in the UI](https://docs.datadoghq.com/account_management/api-app-keys/#actions-api-access). @@ -190292,6 +191053,11 @@ tags: externalDocs: url: https://docs.datadoghq.com/integrations/amazon_web_services/#log-collection name: AWS Logs Integration + - description: |- + Manage AWS Workload Identity Federation (WIF) mappings. + Persona mappings link IAM role ARN patterns to Datadog users for delegated-token authentication. + Intake mappings link IAM role ARN patterns to managed-rotation API keys for agent telemetry ingestion. + name: AWS WIF - description: |- Action connections extend your installed integrations and allow you to take action in your third-party systems (e.g. AWS, GitLab, and Statuspage) with Datadog’s Workflow Automation and App Builder products. @@ -190463,6 +191229,10 @@ tags: access to sensitive data. By defining Restricted Datasets, you can ensure that only specific teams or roles can view certain types of telemetry (for example, logs, traces, metrics, and RUM data). name: Datasets + - description: |- + Exchange a cloud-provider identity proof or Datadog credential for a short-lived delegated-user JWT + via Workload Identity Federation. + name: Delegated Token - description: |- Manage Deployment Gates using this API to reduce the likelihood and impact of incidents caused by deployments. See the [Deployment Gates documentation](https://docs.datadoghq.com/deployment_gates/) for more information. name: Deployment Gates @@ -190547,6 +191317,9 @@ tags: name: IP Allowlist - description: Manage incident response, as well as associated attachments, metadata, and todos. See the [Incident Management page](https://docs.datadoghq.com/service_management/incident_management/) for more information. name: Incidents + - description: |- + Exchange a cloud-provider identity proof for a Datadog API key via Workload Identity Federation intake mappings. + name: Intake Key - description: |- The Integrations API is used to list available integrations and retrieve information about their installation status. diff --git a/features/v2/aws_wif.feature b/features/v2/aws_wif.feature new file mode 100644 index 000000000000..922431ffee3d --- /dev/null +++ b/features/v2/aws_wif.feature @@ -0,0 +1,149 @@ +@endpoint(aws-wif) @endpoint(aws-wif-v2) +Feature: AWS WIF + Manage AWS Workload Identity Federation (WIF) mappings. Persona mappings + link IAM role ARN patterns to Datadog users for delegated-token + authentication. Intake mappings link IAM role ARN patterns to managed- + rotation API keys for agent telemetry ingestion. + + Background: + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And an instance of "AWSWIF" API + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Create an AWS WIF intake mapping returns "Bad Request" response + Given new "CreateAwsWifIntakeMapping" request + And body with value {"data": {"attributes": {"arn_pattern": "arn:aws:iam::123456789012:role/my-agent-role"}, "type": "aws_wif_intake_mapping"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Create an AWS WIF intake mapping returns "Conflict" response + Given new "CreateAwsWifIntakeMapping" request + And body with value {"data": {"attributes": {"arn_pattern": "arn:aws:iam::123456789012:role/my-agent-role"}, "type": "aws_wif_intake_mapping"}} + When the request is sent + Then the response status is 409 Conflict + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Create an AWS WIF intake mapping returns "Created" response + Given new "CreateAwsWifIntakeMapping" request + And body with value {"data": {"attributes": {"arn_pattern": "arn:aws:iam::123456789012:role/my-agent-role"}, "type": "aws_wif_intake_mapping"}} + When the request is sent + Then the response status is 201 Created + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Create an AWS WIF persona mapping returns "Bad Request" response + Given new "CreateAwsWifPersonaMapping" request + And body with value {"data": {"attributes": {"account_identifier": "user@example.com", "arn_pattern": "arn:aws:iam::123456789012:role/my-workload-role"}, "type": "aws_wif_config"}} + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Create an AWS WIF persona mapping returns "Conflict" response + Given new "CreateAwsWifPersonaMapping" request + And body with value {"data": {"attributes": {"account_identifier": "user@example.com", "arn_pattern": "arn:aws:iam::123456789012:role/my-workload-role"}, "type": "aws_wif_config"}} + When the request is sent + Then the response status is 409 Conflict + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Create an AWS WIF persona mapping returns "Created" response + Given new "CreateAwsWifPersonaMapping" request + And body with value {"data": {"attributes": {"account_identifier": "user@example.com", "arn_pattern": "arn:aws:iam::123456789012:role/my-workload-role"}, "type": "aws_wif_config"}} + When the request is sent + Then the response status is 201 Created + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Delete an AWS WIF intake mapping returns "Bad Request" response + Given new "DeleteAwsWifIntakeMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Delete an AWS WIF intake mapping returns "No Content" response + Given new "DeleteAwsWifIntakeMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 204 No Content + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Delete an AWS WIF intake mapping returns "Not Found" response + Given new "DeleteAwsWifIntakeMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Delete an AWS WIF persona mapping returns "Bad Request" response + Given new "DeleteAwsWifPersonaMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Delete an AWS WIF persona mapping returns "No Content" response + Given new "DeleteAwsWifPersonaMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 204 No Content + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Delete an AWS WIF persona mapping returns "Not Found" response + Given new "DeleteAwsWifPersonaMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Get an AWS WIF intake mapping returns "Bad Request" response + Given new "GetAwsWifIntakeMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Get an AWS WIF intake mapping returns "Not Found" response + Given new "GetAwsWifIntakeMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Get an AWS WIF intake mapping returns "OK" response + Given new "GetAwsWifIntakeMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 200 OK + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Get an AWS WIF persona mapping returns "Bad Request" response + Given new "GetAwsWifPersonaMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 400 Bad Request + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Get an AWS WIF persona mapping returns "Not Found" response + Given new "GetAwsWifPersonaMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 404 Not Found + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Get an AWS WIF persona mapping returns "OK" response + Given new "GetAwsWifPersonaMapping" request + And request contains "config_uuid" parameter from "REPLACE.ME" + When the request is sent + Then the response status is 200 OK + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: List AWS WIF intake mappings returns "OK" response + Given new "ListAwsWifIntakeMappings" request + When the request is sent + Then the response status is 200 OK + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: List AWS WIF persona mappings returns "OK" response + Given new "ListAwsWifPersonaMappings" request + When the request is sent + Then the response status is 200 OK diff --git a/features/v2/cloud_authentication.feature b/features/v2/cloud_authentication.feature index c444f1469c23..03888e59bb81 100644 --- a/features/v2/cloud_authentication.feature +++ b/features/v2/cloud_authentication.feature @@ -8,7 +8,7 @@ Feature: Cloud Authentication And a valid "appKeyAuth" key in the system And an instance of "CloudAuthentication" API - @generated @skip @team:DataDog/team-aaaauthn + @generated @skip @team:DataDog/delegated-auth-login Scenario: Create an AWS cloud authentication persona mapping returns "Bad Request" response Given operation "CreateAWSCloudAuthPersonaMapping" enabled And new "CreateAWSCloudAuthPersonaMapping" request @@ -16,7 +16,7 @@ Feature: Cloud Authentication When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/team-aaaauthn + @generated @skip @team:DataDog/delegated-auth-login Scenario: Create an AWS cloud authentication persona mapping returns "Conflict" response Given operation "CreateAWSCloudAuthPersonaMapping" enabled And new "CreateAWSCloudAuthPersonaMapping" request @@ -24,7 +24,7 @@ Feature: Cloud Authentication When the request is sent Then the response status is 409 Conflict - @generated @skip @team:DataDog/team-aaaauthn + @generated @skip @team:DataDog/delegated-auth-login Scenario: Create an AWS cloud authentication persona mapping returns "Created" response Given operation "CreateAWSCloudAuthPersonaMapping" enabled And new "CreateAWSCloudAuthPersonaMapping" request @@ -32,7 +32,7 @@ Feature: Cloud Authentication When the request is sent Then the response status is 201 Created - @generated @skip @team:DataDog/team-aaaauthn + @generated @skip @team:DataDog/delegated-auth-login Scenario: Delete an AWS cloud authentication persona mapping returns "No Content" response Given operation "DeleteAWSCloudAuthPersonaMapping" enabled And new "DeleteAWSCloudAuthPersonaMapping" request @@ -40,7 +40,7 @@ Feature: Cloud Authentication When the request is sent Then the response status is 204 No Content - @generated @skip @team:DataDog/team-aaaauthn + @generated @skip @team:DataDog/delegated-auth-login Scenario: Delete an AWS cloud authentication persona mapping returns "Not Found" response Given operation "DeleteAWSCloudAuthPersonaMapping" enabled And new "DeleteAWSCloudAuthPersonaMapping" request @@ -48,7 +48,7 @@ Feature: Cloud Authentication When the request is sent Then the response status is 404 Not Found - @generated @skip @team:DataDog/team-aaaauthn + @generated @skip @team:DataDog/delegated-auth-login Scenario: Get an AWS cloud authentication persona mapping returns "Not Found" response Given operation "GetAWSCloudAuthPersonaMapping" enabled And new "GetAWSCloudAuthPersonaMapping" request @@ -56,7 +56,7 @@ Feature: Cloud Authentication When the request is sent Then the response status is 404 Not Found - @generated @skip @team:DataDog/team-aaaauthn + @generated @skip @team:DataDog/delegated-auth-login Scenario: Get an AWS cloud authentication persona mapping returns "OK" response Given operation "GetAWSCloudAuthPersonaMapping" enabled And new "GetAWSCloudAuthPersonaMapping" request @@ -64,14 +64,14 @@ Feature: Cloud Authentication When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/team-aaaauthn + @generated @skip @team:DataDog/delegated-auth-login Scenario: List AWS cloud authentication persona mappings returns "Bad Request" response Given operation "ListAWSCloudAuthPersonaMappings" enabled And new "ListAWSCloudAuthPersonaMappings" request When the request is sent Then the response status is 400 Bad Request - @generated @skip @team:DataDog/team-aaaauthn + @generated @skip @team:DataDog/delegated-auth-login Scenario: List AWS cloud authentication persona mappings returns "OK" response Given operation "ListAWSCloudAuthPersonaMappings" enabled And new "ListAWSCloudAuthPersonaMappings" request diff --git a/features/v2/delegated_token.feature b/features/v2/delegated_token.feature new file mode 100644 index 000000000000..343463af38d5 --- /dev/null +++ b/features/v2/delegated_token.feature @@ -0,0 +1,13 @@ +@endpoint(delegated-token) @endpoint(delegated-token-v2) +Feature: Delegated Token + Exchange a cloud-provider identity proof or Datadog credential for a + short-lived delegated-user JWT via Workload Identity Federation. + + @generated @skip @team:DataDog/delegated-auth-login + Scenario: Get a delegated token returns "OK" response + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And an instance of "DelegatedToken" API + And new "GetDelegatedToken" request + When the request is sent + Then the response status is 200 OK diff --git a/features/v2/intake_key.feature b/features/v2/intake_key.feature new file mode 100644 index 000000000000..ddcc5a81f129 --- /dev/null +++ b/features/v2/intake_key.feature @@ -0,0 +1,13 @@ +@endpoint(intake-key) @endpoint(intake-key-v2) +Feature: Intake Key + Exchange a cloud-provider identity proof for a Datadog API key via + Workload Identity Federation intake mappings. + + @generated @skip @team:DataDog/credentials-management + Scenario: Get an intake API key returns "OK" response + Given a valid "apiKeyAuth" key in the system + And a valid "appKeyAuth" key in the system + And an instance of "IntakeKey" API + And new "GetIntakeKey" request + When the request is sent + Then the response status is 200 OK diff --git a/features/v2/undo.json b/features/v2/undo.json index 049cc1252219..d96495cf2733 100644 --- a/features/v2/undo.json +++ b/features/v2/undo.json @@ -2255,6 +2255,12 @@ "type": "idempotent" } }, + "GetDelegatedToken": { + "tag": "Delegated Token", + "undo": { + "type": "idempotent" + } + }, "CreateDataDeletionRequest": { "tag": "Data Deletion", "undo": { @@ -3233,6 +3239,12 @@ "type": "idempotent" } }, + "GetIntakeKey": { + "tag": "Intake Key", + "undo": { + "type": "idempotent" + } + }, "ListAWSAccounts": { "tag": "AWS Integration", "undo": { @@ -9246,6 +9258,68 @@ "type": "safe" } }, + "ListAwsWifIntakeMappings": { + "tag": "AWS WIF", + "undo": { + "type": "safe" + } + }, + "CreateAwsWifIntakeMapping": { + "tag": "AWS WIF", + "undo": { + "operationId": "DeleteAwsWifIntakeMapping", + "parameters": [ + { + "name": "config_uuid", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "DeleteAwsWifIntakeMapping": { + "tag": "AWS WIF", + "undo": { + "type": "idempotent" + } + }, + "GetAwsWifIntakeMapping": { + "tag": "AWS WIF", + "undo": { + "type": "safe" + } + }, + "ListAwsWifPersonaMappings": { + "tag": "AWS WIF", + "undo": { + "type": "safe" + } + }, + "CreateAwsWifPersonaMapping": { + "tag": "AWS WIF", + "undo": { + "operationId": "DeleteAwsWifPersonaMapping", + "parameters": [ + { + "name": "config_uuid", + "source": "data.id" + } + ], + "type": "unsafe" + } + }, + "DeleteAwsWifPersonaMapping": { + "tag": "AWS WIF", + "undo": { + "type": "idempotent" + } + }, + "GetAwsWifPersonaMapping": { + "tag": "AWS WIF", + "undo": { + "type": "safe" + } + }, "ListWorkflows": { "tag": "Workflow Automation", "undo": { diff --git a/packages/datadog-api-client/README.md b/packages/datadog-api-client/README.md index 9ed5056d71cf..56da9d26227f 100644 --- a/packages/datadog-api-client/README.md +++ b/packages/datadog-api-client/README.md @@ -361,6 +361,7 @@ apiInstance | AuthN Mappings | @datadog/datadog-api-client-auth-n-mappings | [README.md](../../services/auth-n-mappings/README.md) | | AWS Integration | @datadog/datadog-api-client-aws-integration | [README.md](../../services/aws-integration/README.md) | | AWS Logs Integration | @datadog/datadog-api-client-aws-logs-integration | [README.md](../../services/aws-logs-integration/README.md) | +| AWS WIF | @datadog/datadog-api-client-aws-wif | [README.md](../../services/aws-wif/README.md) | | Azure Integration | @datadog/datadog-api-client-azure-integration | [README.md](../../services/azure-integration/README.md) | | Bits AI | @datadog/datadog-api-client-bits-ai | [README.md](../../services/bits-ai/README.md) | | Case Management | @datadog/datadog-api-client-case-management | [README.md](../../services/case-management/README.md) | @@ -391,6 +392,7 @@ apiInstance | Data Deletion | @datadog/datadog-api-client-data-deletion | [README.md](../../services/data-deletion/README.md) | | Data Observability | @datadog/datadog-api-client-data-observability | [README.md](../../services/data-observability/README.md) | | Datasets | @datadog/datadog-api-client-datasets | [README.md](../../services/datasets/README.md) | +| Delegated Token | @datadog/datadog-api-client-delegated-token | [README.md](../../services/delegated-token/README.md) | | Deployment Gates | @datadog/datadog-api-client-deployment-gates | [README.md](../../services/deployment-gates/README.md) | | Domain Allowlist | @datadog/datadog-api-client-domain-allowlist | [README.md](../../services/domain-allowlist/README.md) | | DORA Metrics | @datadog/datadog-api-client-dora-metrics | [README.md](../../services/dora-metrics/README.md) | @@ -409,6 +411,7 @@ apiInstance | High Availability MultiRegion | @datadog/datadog-api-client-high-availability-multi-region | [README.md](../../services/high-availability-multi-region/README.md) | | Hosts | @datadog/datadog-api-client-hosts | [README.md](../../services/hosts/README.md) | | Incidents | @datadog/datadog-api-client-incidents | [README.md](../../services/incidents/README.md) | +| Intake Key | @datadog/datadog-api-client-intake-key | [README.md](../../services/intake-key/README.md) | | Integrations | @datadog/datadog-api-client-integrations | [README.md](../../services/integrations/README.md) | | IP Allowlist | @datadog/datadog-api-client-ip-allowlist | [README.md](../../services/ip-allowlist/README.md) | | IP Ranges | @datadog/datadog-api-client-ip-ranges | [README.md](../../services/ip-ranges/README.md) | diff --git a/private/bdd_runner/src/support/scenarios_model_mapping.ts b/private/bdd_runner/src/support/scenarios_model_mapping.ts index ac277e254975..df55a914e97e 100644 --- a/private/bdd_runner/src/support/scenarios_model_mapping.ts +++ b/private/bdd_runner/src/support/scenarios_model_mapping.ts @@ -8601,6 +8601,9 @@ export const ScenariosModelMappings: { [key: string]: OperationMapping } = { }, operationResponseType: "{}", }, + "DelegatedTokenApi.V2.GetDelegatedToken": { + operationResponseType: "DelegatedTokenResponse", + }, "DataDeletionApi.V2.CreateDataDeletionRequest": { product: { type: "string", @@ -10017,6 +10020,9 @@ export const ScenariosModelMappings: { [key: string]: OperationMapping } = { }, operationResponseType: "IncidentTodoResponse", }, + "IntakeKeyApi.V2.GetIntakeKey": { + operationResponseType: "IntakeAPIKeyResponse", + }, "AWSIntegrationApi.V2.ListAWSAccounts": { awsAccountId: { type: "string", @@ -16715,6 +16721,54 @@ export const ScenariosModelMappings: { [key: string]: OperationMapping } = { }, operationResponseType: "{}", }, + "AWSWIFApi.V2.ListAwsWifIntakeMappings": { + operationResponseType: "AwsWifIntakeMappingsResponse", + }, + "AWSWIFApi.V2.CreateAwsWifIntakeMapping": { + body: { + type: "AwsWifIntakeMappingCreateRequest", + format: "", + }, + operationResponseType: "AwsWifIntakeMappingResponse", + }, + "AWSWIFApi.V2.GetAwsWifIntakeMapping": { + configUuid: { + type: "string", + format: "uuid", + }, + operationResponseType: "AwsWifIntakeMappingResponse", + }, + "AWSWIFApi.V2.DeleteAwsWifIntakeMapping": { + configUuid: { + type: "string", + format: "uuid", + }, + operationResponseType: "{}", + }, + "AWSWIFApi.V2.ListAwsWifPersonaMappings": { + operationResponseType: "AwsWifPersonaMappingsResponse", + }, + "AWSWIFApi.V2.CreateAwsWifPersonaMapping": { + body: { + type: "AwsWifPersonaMappingCreateRequest", + format: "", + }, + operationResponseType: "AwsWifPersonaMappingResponse", + }, + "AWSWIFApi.V2.GetAwsWifPersonaMapping": { + configUuid: { + type: "string", + format: "uuid", + }, + operationResponseType: "AwsWifPersonaMappingResponse", + }, + "AWSWIFApi.V2.DeleteAwsWifPersonaMapping": { + configUuid: { + type: "string", + format: "uuid", + }, + operationResponseType: "{}", + }, "WorkflowAutomationApi.V2.ListWorkflows": { limit: { type: "number", diff --git a/services/aws_wif/.yarnrc.yml b/services/aws_wif/.yarnrc.yml new file mode 100644 index 000000000000..3186f3f0795a --- /dev/null +++ b/services/aws_wif/.yarnrc.yml @@ -0,0 +1 @@ +nodeLinker: node-modules diff --git a/services/aws_wif/README.md b/services/aws_wif/README.md new file mode 100644 index 000000000000..b5ffdd8c047b --- /dev/null +++ b/services/aws_wif/README.md @@ -0,0 +1,37 @@ +# @datadog/datadog-api-client-aws-wif + +## Description + +Manage AWS Workload Identity Federation (WIF) mappings. +Persona mappings link IAM role ARN patterns to Datadog users for delegated-token authentication. +Intake mappings link IAM role ARN patterns to managed-rotation API keys for agent telemetry ingestion. + +## Navigation + +- [Installation](#installation) +- [Getting Started](#getting-started) + +## Installation + +```sh +# NPM +npm install @datadog/datadog-api-client-aws-wif +# Yarn +yarn add @datadog/datadog-api-client-aws-wif +``` + +## Getting Started +```ts +import { createConfiguration } from "@datadog/datadog-api-client"; +import { AWSWIFApiV2 } from "@datadog/datadog-api-client-aws-wif"; +import { v2 } from "@datadog/datadog-api-client-aws-wif"; + +const configuration = createConfiguration(); +const apiInstance = new AWSWIFApiV2(configuration); + +apiInstance.listAwsWifIntakeMappings().then((data) => { + console.log("API called successfully. Returned data: " + JSON.stringify(data)); +}).catch((error) => { + console.error("Error calling API: " + error); +}); +``` \ No newline at end of file diff --git a/services/aws_wif/package.json b/services/aws_wif/package.json new file mode 100644 index 000000000000..298211273f3d --- /dev/null +++ b/services/aws_wif/package.json @@ -0,0 +1,43 @@ +{ + "name": "@datadog/datadog-api-client-aws-wif", + "description": "", + "author": "", + "keywords": [ + "api", + "fetch", + "typescript" + ], + "license": "Apache-2.0", + "licenses": [ + { + "type": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + ], + "repository": { + "type": "git", + "url": "https://github.com/DataDog/datadog-api-client-typescript.git", + "directory": "services/aws-wif" + }, + "files": [ + "dist/**/*" + ], + "main": "./dist/index.js", + "typings": "./dist/index.d.ts", + "scripts": { + "prepack": "yarn workspace @datadog/datadog-api-client build && yarn build", + "build": "yarn generate-version-files && tsc", + "generate-version-files": "node -p \"'export const version = ' + JSON.stringify(require('./package.json').version)\" > src/version.ts" + }, + "dependencies": { + "@datadog/datadog-api-client": "^2.0.0-beta.2" + }, + "devDependencies": { + "typescript": "5.8.3" + }, + "engines": { + "node": ">=18.0.0" + }, + "version": "0.0.1", + "packageManager": "yarn@4.9.1" +} diff --git a/services/aws_wif/src/index.ts b/services/aws_wif/src/index.ts new file mode 100644 index 000000000000..08b258d5f9be --- /dev/null +++ b/services/aws_wif/src/index.ts @@ -0,0 +1,3 @@ +export * as v2 from "./v2"; + +export { AWSWIFApi as AWSWIFApiV2 } from "./v2/AWSWIFApi"; diff --git a/services/aws_wif/src/v2/AWSWIFApi.ts b/services/aws_wif/src/v2/AWSWIFApi.ts new file mode 100644 index 000000000000..b4122ad7c69e --- /dev/null +++ b/services/aws_wif/src/v2/AWSWIFApi.ts @@ -0,0 +1,1257 @@ +import { + ApiException, + BaseAPIRequestFactory, + BaseServerConfiguration, + buildUserAgent, + Configuration, + createConfiguration, + deserialize, + getPreferredMediaType, + HttpMethod, + isBrowser, + logger, + normalizeMediaType, + parse, + RequiredError, + RequestContext, + ResponseContext, + serialize, + ServerConfiguration, + stringify, + applySecurityAuthentication, +} from "@datadog/datadog-api-client"; + +import { TypingInfo } from "./models/TypingInfo"; +import { APIErrorResponse } from "./models/APIErrorResponse"; +import { AwsWifIntakeMappingCreateRequest } from "./models/AwsWifIntakeMappingCreateRequest"; +import { AwsWifIntakeMappingResponse } from "./models/AwsWifIntakeMappingResponse"; +import { AwsWifIntakeMappingsResponse } from "./models/AwsWifIntakeMappingsResponse"; +import { AwsWifPersonaMappingCreateRequest } from "./models/AwsWifPersonaMappingCreateRequest"; +import { AwsWifPersonaMappingResponse } from "./models/AwsWifPersonaMappingResponse"; +import { AwsWifPersonaMappingsResponse } from "./models/AwsWifPersonaMappingsResponse"; +import { JSONAPIErrorResponse } from "./models/JSONAPIErrorResponse"; +import { version } from "../version"; + +export class AWSWIFApiRequestFactory extends BaseAPIRequestFactory { + public userAgent: string | undefined; + + public constructor(configuration: Configuration) { + super(configuration); + if (!isBrowser) { + this.userAgent = buildUserAgent("aws-wif", version); + } + } + public async createAwsWifIntakeMapping( + body: AwsWifIntakeMappingCreateRequest, + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'body' is not null or undefined + if (body === null || body === undefined) { + throw new RequiredError("body", "createAwsWifIntakeMapping"); + } + + // Path Params + const localVarPath = "/api/v2/wif/aws/intake_mapping"; + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "AWSWIFApi.v2.createAwsWifIntakeMapping", + AWSWIFApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.POST, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Body Params + const contentType = getPreferredMediaType(["application/json"]); + requestContext.setHeaderParam("Content-Type", contentType); + const serializedBody = stringify( + serialize(body, TypingInfo, "AwsWifIntakeMappingCreateRequest", ""), + contentType, + ); + requestContext.setBody(serializedBody); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + + public async createAwsWifPersonaMapping( + body: AwsWifPersonaMappingCreateRequest, + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'body' is not null or undefined + if (body === null || body === undefined) { + throw new RequiredError("body", "createAwsWifPersonaMapping"); + } + + // Path Params + const localVarPath = "/api/v2/wif/aws/persona_mapping"; + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "AWSWIFApi.v2.createAwsWifPersonaMapping", + AWSWIFApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.POST, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Body Params + const contentType = getPreferredMediaType(["application/json"]); + requestContext.setHeaderParam("Content-Type", contentType); + const serializedBody = stringify( + serialize(body, TypingInfo, "AwsWifPersonaMappingCreateRequest", ""), + contentType, + ); + requestContext.setBody(serializedBody); + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + + public async deleteAwsWifIntakeMapping( + configUuid: string, + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'configUuid' is not null or undefined + if (configUuid === null || configUuid === undefined) { + throw new RequiredError("configUuid", "deleteAwsWifIntakeMapping"); + } + + // Path Params + const localVarPath = "/api/v2/wif/aws/intake_mapping/{config_uuid}".replace( + "{config_uuid}", + encodeURIComponent(String(configUuid)), + ); + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "AWSWIFApi.v2.deleteAwsWifIntakeMapping", + AWSWIFApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.DELETE, + overrides, + ); + requestContext.setHeaderParam("Accept", "*/*"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + + public async deleteAwsWifPersonaMapping( + configUuid: string, + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'configUuid' is not null or undefined + if (configUuid === null || configUuid === undefined) { + throw new RequiredError("configUuid", "deleteAwsWifPersonaMapping"); + } + + // Path Params + const localVarPath = + "/api/v2/wif/aws/persona_mapping/{config_uuid}".replace( + "{config_uuid}", + encodeURIComponent(String(configUuid)), + ); + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "AWSWIFApi.v2.deleteAwsWifPersonaMapping", + AWSWIFApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.DELETE, + overrides, + ); + requestContext.setHeaderParam("Accept", "*/*"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + + public async getAwsWifIntakeMapping( + configUuid: string, + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'configUuid' is not null or undefined + if (configUuid === null || configUuid === undefined) { + throw new RequiredError("configUuid", "getAwsWifIntakeMapping"); + } + + // Path Params + const localVarPath = "/api/v2/wif/aws/intake_mapping/{config_uuid}".replace( + "{config_uuid}", + encodeURIComponent(String(configUuid)), + ); + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "AWSWIFApi.v2.getAwsWifIntakeMapping", + AWSWIFApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.GET, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + + public async getAwsWifPersonaMapping( + configUuid: string, + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + // verify required parameter 'configUuid' is not null or undefined + if (configUuid === null || configUuid === undefined) { + throw new RequiredError("configUuid", "getAwsWifPersonaMapping"); + } + + // Path Params + const localVarPath = + "/api/v2/wif/aws/persona_mapping/{config_uuid}".replace( + "{config_uuid}", + encodeURIComponent(String(configUuid)), + ); + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "AWSWIFApi.v2.getAwsWifPersonaMapping", + AWSWIFApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.GET, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + + public async listAwsWifIntakeMappings( + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + // Path Params + const localVarPath = "/api/v2/wif/aws/intake_mapping"; + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "AWSWIFApi.v2.listAwsWifIntakeMappings", + AWSWIFApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.GET, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } + + public async listAwsWifPersonaMappings( + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + // Path Params + const localVarPath = "/api/v2/wif/aws/persona_mapping"; + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "AWSWIFApi.v2.listAwsWifPersonaMappings", + AWSWIFApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.GET, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + // Apply auth methods + applySecurityAuthentication(_config, requestContext, [ + "apiKeyAuth", + "appKeyAuth", + "AuthZ", + ]); + + return requestContext; + } +} + +export class AWSWIFApiResponseProcessor { + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to createAwsWifIntakeMapping + * @throws ApiException if the response code was not in [200, 299] + */ + public async createAwsWifIntakeMapping( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 201) { + const body: AwsWifIntakeMappingResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifIntakeMappingResponse", + ) as AwsWifIntakeMappingResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 409 + ) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: AwsWifIntakeMappingResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifIntakeMappingResponse", + "", + ) as AwsWifIntakeMappingResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } + + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to createAwsWifPersonaMapping + * @throws ApiException if the response code was not in [200, 299] + */ + public async createAwsWifPersonaMapping( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 201) { + const body: AwsWifPersonaMappingResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifPersonaMappingResponse", + ) as AwsWifPersonaMappingResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 409 + ) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: AwsWifPersonaMappingResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifPersonaMappingResponse", + "", + ) as AwsWifPersonaMappingResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } + + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to deleteAwsWifIntakeMapping + * @throws ApiException if the response code was not in [200, 299] + */ + public async deleteAwsWifIntakeMapping( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 204) { + return; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 404 + ) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + return; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } + + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to deleteAwsWifPersonaMapping + * @throws ApiException if the response code was not in [200, 299] + */ + public async deleteAwsWifPersonaMapping( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 204) { + return; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 404 + ) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + return; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } + + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to getAwsWifIntakeMapping + * @throws ApiException if the response code was not in [200, 299] + */ + public async getAwsWifIntakeMapping( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 200) { + const body: AwsWifIntakeMappingResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifIntakeMappingResponse", + ) as AwsWifIntakeMappingResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 404 + ) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: AwsWifIntakeMappingResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifIntakeMappingResponse", + "", + ) as AwsWifIntakeMappingResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } + + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to getAwsWifPersonaMapping + * @throws ApiException if the response code was not in [200, 299] + */ + public async getAwsWifPersonaMapping( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 200) { + const body: AwsWifPersonaMappingResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifPersonaMappingResponse", + ) as AwsWifPersonaMappingResponse; + return body; + } + if ( + response.httpStatusCode === 400 || + response.httpStatusCode === 403 || + response.httpStatusCode === 404 + ) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: AwsWifPersonaMappingResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifPersonaMappingResponse", + "", + ) as AwsWifPersonaMappingResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } + + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to listAwsWifIntakeMappings + * @throws ApiException if the response code was not in [200, 299] + */ + public async listAwsWifIntakeMappings( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 200) { + const body: AwsWifIntakeMappingsResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifIntakeMappingsResponse", + ) as AwsWifIntakeMappingsResponse; + return body; + } + if (response.httpStatusCode === 403) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: AwsWifIntakeMappingsResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifIntakeMappingsResponse", + "", + ) as AwsWifIntakeMappingsResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } + + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to listAwsWifPersonaMappings + * @throws ApiException if the response code was not in [200, 299] + */ + public async listAwsWifPersonaMappings( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 200) { + const body: AwsWifPersonaMappingsResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifPersonaMappingsResponse", + ) as AwsWifPersonaMappingsResponse; + return body; + } + if (response.httpStatusCode === 403) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: AwsWifPersonaMappingsResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "AwsWifPersonaMappingsResponse", + "", + ) as AwsWifPersonaMappingsResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } +} + +export interface AWSWIFApiCreateAwsWifIntakeMappingRequest { + /** + * @type AwsWifIntakeMappingCreateRequest + */ + body: AwsWifIntakeMappingCreateRequest; +} + +export interface AWSWIFApiCreateAwsWifPersonaMappingRequest { + /** + * @type AwsWifPersonaMappingCreateRequest + */ + body: AwsWifPersonaMappingCreateRequest; +} + +export interface AWSWIFApiDeleteAwsWifIntakeMappingRequest { + /** + * The UUID of the WIF configuration to operate on. + * @type string + */ + configUuid: string; +} + +export interface AWSWIFApiDeleteAwsWifPersonaMappingRequest { + /** + * The UUID of the WIF configuration to operate on. + * @type string + */ + configUuid: string; +} + +export interface AWSWIFApiGetAwsWifIntakeMappingRequest { + /** + * The UUID of the WIF configuration to operate on. + * @type string + */ + configUuid: string; +} + +export interface AWSWIFApiGetAwsWifPersonaMappingRequest { + /** + * The UUID of the WIF configuration to operate on. + * @type string + */ + configUuid: string; +} + +export class AWSWIFApi { + private requestFactory: AWSWIFApiRequestFactory; + private responseProcessor: AWSWIFApiResponseProcessor; + private configuration: Configuration; + + static operationServers: { [key: string]: BaseServerConfiguration[] } = {}; + + public constructor( + configuration?: Configuration, + requestFactory?: AWSWIFApiRequestFactory, + responseProcessor?: AWSWIFApiResponseProcessor, + ) { + this.configuration = configuration || createConfiguration(); + this.requestFactory = + requestFactory || new AWSWIFApiRequestFactory(this.configuration); + this.responseProcessor = + responseProcessor || new AWSWIFApiResponseProcessor(); + } + + /** + * Create an AWS WIF intake mapping. The mapping binds an IAM role ARN pattern to a managed-rotation API key, allowing AWS workloads to send telemetry to Datadog without requiring a delegated user token. + * @param param The request object + */ + public createAwsWifIntakeMapping( + param: AWSWIFApiCreateAwsWifIntakeMappingRequest, + options?: Configuration, + ): Promise { + const requestContextPromise = this.requestFactory.createAwsWifIntakeMapping( + param.body, + options, + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.createAwsWifIntakeMapping( + responseContext, + ); + }); + }); + } + + /** + * Create an AWS Workload Identity Federation (WIF) persona mapping. The mapping binds an IAM role ARN pattern to a Datadog user handle, which is used to authenticate delegated-token requests from that AWS identity. + * @param param The request object + */ + public createAwsWifPersonaMapping( + param: AWSWIFApiCreateAwsWifPersonaMappingRequest, + options?: Configuration, + ): Promise { + const requestContextPromise = + this.requestFactory.createAwsWifPersonaMapping(param.body, options); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.createAwsWifPersonaMapping( + responseContext, + ); + }); + }); + } + + /** + * Delete an AWS WIF intake mapping by UUID. The associated managed-rotation API key is left intact, but AWS workloads that previously matched this mapping will lose intake access. + * @param param The request object + */ + public deleteAwsWifIntakeMapping( + param: AWSWIFApiDeleteAwsWifIntakeMappingRequest, + options?: Configuration, + ): Promise { + const requestContextPromise = this.requestFactory.deleteAwsWifIntakeMapping( + param.configUuid, + options, + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.deleteAwsWifIntakeMapping( + responseContext, + ); + }); + }); + } + + /** + * Delete an AWS WIF persona mapping by UUID. Subsequent delegated-token requests from the previously mapped AWS identity will be denied. + * @param param The request object + */ + public deleteAwsWifPersonaMapping( + param: AWSWIFApiDeleteAwsWifPersonaMappingRequest, + options?: Configuration, + ): Promise { + const requestContextPromise = + this.requestFactory.deleteAwsWifPersonaMapping(param.configUuid, options); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.deleteAwsWifPersonaMapping( + responseContext, + ); + }); + }); + } + + /** + * Retrieve a single AWS WIF intake mapping by UUID. + * @param param The request object + */ + public getAwsWifIntakeMapping( + param: AWSWIFApiGetAwsWifIntakeMappingRequest, + options?: Configuration, + ): Promise { + const requestContextPromise = this.requestFactory.getAwsWifIntakeMapping( + param.configUuid, + options, + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.getAwsWifIntakeMapping(responseContext); + }); + }); + } + + /** + * Retrieve a single AWS WIF persona mapping by UUID. + * @param param The request object + */ + public getAwsWifPersonaMapping( + param: AWSWIFApiGetAwsWifPersonaMappingRequest, + options?: Configuration, + ): Promise { + const requestContextPromise = this.requestFactory.getAwsWifPersonaMapping( + param.configUuid, + options, + ); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.getAwsWifPersonaMapping( + responseContext, + ); + }); + }); + } + + /** + * List every AWS WIF intake mapping configured for the caller's organization. + * @param param The request object + */ + public listAwsWifIntakeMappings( + options?: Configuration, + ): Promise { + const requestContextPromise = + this.requestFactory.listAwsWifIntakeMappings(options); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.listAwsWifIntakeMappings( + responseContext, + ); + }); + }); + } + + /** + * List every AWS WIF persona mapping configured for the caller's organization. + * @param param The request object + */ + public listAwsWifPersonaMappings( + options?: Configuration, + ): Promise { + const requestContextPromise = + this.requestFactory.listAwsWifPersonaMappings(options); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.listAwsWifPersonaMappings( + responseContext, + ); + }); + }); + } +} diff --git a/services/aws_wif/src/v2/index.ts b/services/aws_wif/src/v2/index.ts new file mode 100644 index 000000000000..46715499270b --- /dev/null +++ b/services/aws_wif/src/v2/index.ts @@ -0,0 +1,29 @@ +export { + AWSWIFApiCreateAwsWifIntakeMappingRequest, + AWSWIFApiCreateAwsWifPersonaMappingRequest, + AWSWIFApiDeleteAwsWifIntakeMappingRequest, + AWSWIFApiDeleteAwsWifPersonaMappingRequest, + AWSWIFApiGetAwsWifIntakeMappingRequest, + AWSWIFApiGetAwsWifPersonaMappingRequest, + AWSWIFApi, +} from "./AWSWIFApi"; + +export { APIErrorResponse } from "./models/APIErrorResponse"; +export { AwsWifIntakeMappingAttributes } from "./models/AwsWifIntakeMappingAttributes"; +export { AwsWifIntakeMappingCreateData } from "./models/AwsWifIntakeMappingCreateData"; +export { AwsWifIntakeMappingCreateRequest } from "./models/AwsWifIntakeMappingCreateRequest"; +export { AwsWifIntakeMappingData } from "./models/AwsWifIntakeMappingData"; +export { AwsWifIntakeMappingResponse } from "./models/AwsWifIntakeMappingResponse"; +export { AwsWifIntakeMappingsResponse } from "./models/AwsWifIntakeMappingsResponse"; +export { AwsWifIntakeMappingType } from "./models/AwsWifIntakeMappingType"; +export { AwsWifPersonaMappingAttributes } from "./models/AwsWifPersonaMappingAttributes"; +export { AwsWifPersonaMappingCreateAttributes } from "./models/AwsWifPersonaMappingCreateAttributes"; +export { AwsWifPersonaMappingCreateData } from "./models/AwsWifPersonaMappingCreateData"; +export { AwsWifPersonaMappingCreateRequest } from "./models/AwsWifPersonaMappingCreateRequest"; +export { AwsWifPersonaMappingData } from "./models/AwsWifPersonaMappingData"; +export { AwsWifPersonaMappingResponse } from "./models/AwsWifPersonaMappingResponse"; +export { AwsWifPersonaMappingsResponse } from "./models/AwsWifPersonaMappingsResponse"; +export { AwsWifPersonaMappingType } from "./models/AwsWifPersonaMappingType"; +export { JSONAPIErrorItem } from "./models/JSONAPIErrorItem"; +export { JSONAPIErrorItemSource } from "./models/JSONAPIErrorItemSource"; +export { JSONAPIErrorResponse } from "./models/JSONAPIErrorResponse"; diff --git a/services/aws_wif/src/v2/models/APIErrorResponse.ts b/services/aws_wif/src/v2/models/APIErrorResponse.ts new file mode 100644 index 000000000000..58d6c35b80f0 --- /dev/null +++ b/services/aws_wif/src/v2/models/APIErrorResponse.ts @@ -0,0 +1,45 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * API error response. + */ +export class APIErrorResponse { + /** + * A list of errors. + */ + "errors": Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + errors: { + baseName: "errors", + type: "Array", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return APIErrorResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifIntakeMappingAttributes.ts b/services/aws_wif/src/v2/models/AwsWifIntakeMappingAttributes.ts new file mode 100644 index 000000000000..227962185e32 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifIntakeMappingAttributes.ts @@ -0,0 +1,46 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * Attributes of an AWS WIF intake mapping. + */ +export class AwsWifIntakeMappingAttributes { + /** + * The AWS IAM ARN pattern identifying the role or user permitted to obtain an intake API key. + * Supports wildcards (`*`) to match multiple principals within an account. + */ + "arnPattern": string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + arnPattern: { + baseName: "arn_pattern", + type: "string", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifIntakeMappingAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifIntakeMappingCreateData.ts b/services/aws_wif/src/v2/models/AwsWifIntakeMappingCreateData.ts new file mode 100644 index 000000000000..cd5acd0d1b7d --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifIntakeMappingCreateData.ts @@ -0,0 +1,57 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifIntakeMappingAttributes } from "./AwsWifIntakeMappingAttributes"; +import { AwsWifIntakeMappingType } from "./AwsWifIntakeMappingType"; + +/** + * Data for creating an AWS WIF intake mapping. + */ +export class AwsWifIntakeMappingCreateData { + /** + * Attributes of an AWS WIF intake mapping. + */ + "attributes": AwsWifIntakeMappingAttributes; + /** + * Type identifier for an AWS WIF intake mapping. + */ + "type": AwsWifIntakeMappingType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "AwsWifIntakeMappingAttributes", + required: true, + }, + type: { + baseName: "type", + type: "AwsWifIntakeMappingType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifIntakeMappingCreateData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifIntakeMappingCreateRequest.ts b/services/aws_wif/src/v2/models/AwsWifIntakeMappingCreateRequest.ts new file mode 100644 index 000000000000..a4eb417f4b27 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifIntakeMappingCreateRequest.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifIntakeMappingCreateData } from "./AwsWifIntakeMappingCreateData"; + +/** + * Request body for creating an AWS WIF intake mapping. + */ +export class AwsWifIntakeMappingCreateRequest { + /** + * Data for creating an AWS WIF intake mapping. + */ + "data": AwsWifIntakeMappingCreateData; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "AwsWifIntakeMappingCreateData", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifIntakeMappingCreateRequest.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifIntakeMappingData.ts b/services/aws_wif/src/v2/models/AwsWifIntakeMappingData.ts new file mode 100644 index 000000000000..42e7926066ae --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifIntakeMappingData.ts @@ -0,0 +1,67 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifIntakeMappingAttributes } from "./AwsWifIntakeMappingAttributes"; +import { AwsWifIntakeMappingType } from "./AwsWifIntakeMappingType"; + +/** + * An AWS WIF intake mapping resource. + */ +export class AwsWifIntakeMappingData { + /** + * Attributes of an AWS WIF intake mapping. + */ + "attributes": AwsWifIntakeMappingAttributes; + /** + * The UUID of the intake mapping. + */ + "id": string; + /** + * Type identifier for an AWS WIF intake mapping. + */ + "type": AwsWifIntakeMappingType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "AwsWifIntakeMappingAttributes", + required: true, + }, + id: { + baseName: "id", + type: "string", + required: true, + format: "uuid", + }, + type: { + baseName: "type", + type: "AwsWifIntakeMappingType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifIntakeMappingData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifIntakeMappingResponse.ts b/services/aws_wif/src/v2/models/AwsWifIntakeMappingResponse.ts new file mode 100644 index 000000000000..5986bb6c2743 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifIntakeMappingResponse.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifIntakeMappingData } from "./AwsWifIntakeMappingData"; + +/** + * Response containing a single AWS WIF intake mapping. + */ +export class AwsWifIntakeMappingResponse { + /** + * An AWS WIF intake mapping resource. + */ + "data": AwsWifIntakeMappingData; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "AwsWifIntakeMappingData", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifIntakeMappingResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifIntakeMappingType.ts b/services/aws_wif/src/v2/models/AwsWifIntakeMappingType.ts new file mode 100644 index 000000000000..7c9c7cc7717e --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifIntakeMappingType.ts @@ -0,0 +1,9 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * Type identifier for an AWS WIF intake mapping. + */ +export type AwsWifIntakeMappingType = + | typeof AWS_WIF_INTAKE_MAPPING + | UnparsedObject; +export const AWS_WIF_INTAKE_MAPPING = "aws_wif_intake_mapping"; diff --git a/services/aws_wif/src/v2/models/AwsWifIntakeMappingsResponse.ts b/services/aws_wif/src/v2/models/AwsWifIntakeMappingsResponse.ts new file mode 100644 index 000000000000..2c29df16f4d1 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifIntakeMappingsResponse.ts @@ -0,0 +1,44 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifIntakeMappingData } from "./AwsWifIntakeMappingData"; + +/** + * Response containing a list of AWS WIF intake mappings. + */ +export class AwsWifIntakeMappingsResponse { + "data": Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "Array", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifIntakeMappingsResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifPersonaMappingAttributes.ts b/services/aws_wif/src/v2/models/AwsWifPersonaMappingAttributes.ts new file mode 100644 index 000000000000..fb949a290aa3 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifPersonaMappingAttributes.ts @@ -0,0 +1,64 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * Attributes of an AWS WIF persona mapping. + */ +export class AwsWifPersonaMappingAttributes { + /** + * The Datadog user handle (email address) to map the AWS principal to. + */ + "accountIdentifier": string; + /** + * The Datadog user UUID corresponding to `account_identifier`. Read-only — set by the server. + */ + "accountUuid"?: string; + /** + * The AWS IAM ARN pattern identifying the role or user that will be mapped. + * Supports wildcards (`*`) to match multiple principals within an account. + */ + "arnPattern": string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + accountIdentifier: { + baseName: "account_identifier", + type: "string", + required: true, + }, + accountUuid: { + baseName: "account_uuid", + type: "string", + format: "uuid", + }, + arnPattern: { + baseName: "arn_pattern", + type: "string", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifPersonaMappingAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifPersonaMappingCreateAttributes.ts b/services/aws_wif/src/v2/models/AwsWifPersonaMappingCreateAttributes.ts new file mode 100644 index 000000000000..0ab34d6b8ee6 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifPersonaMappingCreateAttributes.ts @@ -0,0 +1,55 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * Attributes for creating an AWS WIF persona mapping. + */ +export class AwsWifPersonaMappingCreateAttributes { + /** + * The Datadog user handle (email address) to map the AWS principal to. + */ + "accountIdentifier": string; + /** + * The AWS IAM ARN pattern identifying the role or user that will be mapped. + * Supports wildcards (`*`) to match multiple principals within an account. + */ + "arnPattern": string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + accountIdentifier: { + baseName: "account_identifier", + type: "string", + required: true, + }, + arnPattern: { + baseName: "arn_pattern", + type: "string", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifPersonaMappingCreateAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifPersonaMappingCreateData.ts b/services/aws_wif/src/v2/models/AwsWifPersonaMappingCreateData.ts new file mode 100644 index 000000000000..9684093c847f --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifPersonaMappingCreateData.ts @@ -0,0 +1,57 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifPersonaMappingCreateAttributes } from "./AwsWifPersonaMappingCreateAttributes"; +import { AwsWifPersonaMappingType } from "./AwsWifPersonaMappingType"; + +/** + * Data for creating an AWS WIF persona mapping. + */ +export class AwsWifPersonaMappingCreateData { + /** + * Attributes for creating an AWS WIF persona mapping. + */ + "attributes": AwsWifPersonaMappingCreateAttributes; + /** + * Type identifier for an AWS WIF persona mapping. + */ + "type": AwsWifPersonaMappingType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "AwsWifPersonaMappingCreateAttributes", + required: true, + }, + type: { + baseName: "type", + type: "AwsWifPersonaMappingType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifPersonaMappingCreateData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifPersonaMappingCreateRequest.ts b/services/aws_wif/src/v2/models/AwsWifPersonaMappingCreateRequest.ts new file mode 100644 index 000000000000..39b4c6f6b0b4 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifPersonaMappingCreateRequest.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifPersonaMappingCreateData } from "./AwsWifPersonaMappingCreateData"; + +/** + * Request body for creating an AWS WIF persona mapping. + */ +export class AwsWifPersonaMappingCreateRequest { + /** + * Data for creating an AWS WIF persona mapping. + */ + "data": AwsWifPersonaMappingCreateData; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "AwsWifPersonaMappingCreateData", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifPersonaMappingCreateRequest.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifPersonaMappingData.ts b/services/aws_wif/src/v2/models/AwsWifPersonaMappingData.ts new file mode 100644 index 000000000000..54eef874be47 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifPersonaMappingData.ts @@ -0,0 +1,67 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifPersonaMappingAttributes } from "./AwsWifPersonaMappingAttributes"; +import { AwsWifPersonaMappingType } from "./AwsWifPersonaMappingType"; + +/** + * An AWS WIF persona mapping resource. + */ +export class AwsWifPersonaMappingData { + /** + * Attributes of an AWS WIF persona mapping. + */ + "attributes": AwsWifPersonaMappingAttributes; + /** + * The UUID of the persona mapping. + */ + "id": string; + /** + * Type identifier for an AWS WIF persona mapping. + */ + "type": AwsWifPersonaMappingType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "AwsWifPersonaMappingAttributes", + required: true, + }, + id: { + baseName: "id", + type: "string", + required: true, + format: "uuid", + }, + type: { + baseName: "type", + type: "AwsWifPersonaMappingType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifPersonaMappingData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifPersonaMappingResponse.ts b/services/aws_wif/src/v2/models/AwsWifPersonaMappingResponse.ts new file mode 100644 index 000000000000..9f6c492a6c13 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifPersonaMappingResponse.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifPersonaMappingData } from "./AwsWifPersonaMappingData"; + +/** + * Response containing a single AWS WIF persona mapping. + */ +export class AwsWifPersonaMappingResponse { + /** + * An AWS WIF persona mapping resource. + */ + "data": AwsWifPersonaMappingData; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "AwsWifPersonaMappingData", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifPersonaMappingResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/AwsWifPersonaMappingType.ts b/services/aws_wif/src/v2/models/AwsWifPersonaMappingType.ts new file mode 100644 index 000000000000..d33534df50ba --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifPersonaMappingType.ts @@ -0,0 +1,7 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * Type identifier for an AWS WIF persona mapping. + */ +export type AwsWifPersonaMappingType = typeof AWS_WIF_CONFIG | UnparsedObject; +export const AWS_WIF_CONFIG = "aws_wif_config"; diff --git a/services/aws_wif/src/v2/models/AwsWifPersonaMappingsResponse.ts b/services/aws_wif/src/v2/models/AwsWifPersonaMappingsResponse.ts new file mode 100644 index 000000000000..5c3d44e481b7 --- /dev/null +++ b/services/aws_wif/src/v2/models/AwsWifPersonaMappingsResponse.ts @@ -0,0 +1,44 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { AwsWifPersonaMappingData } from "./AwsWifPersonaMappingData"; + +/** + * Response containing a list of AWS WIF persona mappings. + */ +export class AwsWifPersonaMappingsResponse { + "data": Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "Array", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return AwsWifPersonaMappingsResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/JSONAPIErrorItem.ts b/services/aws_wif/src/v2/models/JSONAPIErrorItem.ts new file mode 100644 index 000000000000..a1ca45cd463c --- /dev/null +++ b/services/aws_wif/src/v2/models/JSONAPIErrorItem.ts @@ -0,0 +1,78 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { JSONAPIErrorItemSource } from "./JSONAPIErrorItemSource"; + +/** + * API error response body + */ +export class JSONAPIErrorItem { + /** + * A human-readable explanation specific to this occurrence of the error. + */ + "detail"?: string; + /** + * Non-standard meta-information about the error + */ + "meta"?: { [key: string]: any }; + /** + * References to the source of the error. + */ + "source"?: JSONAPIErrorItemSource; + /** + * Status code of the response. + */ + "status"?: string; + /** + * Short human-readable summary of the error. + */ + "title"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + detail: { + baseName: "detail", + type: "string", + }, + meta: { + baseName: "meta", + type: "{ [key: string]: any; }", + }, + source: { + baseName: "source", + type: "JSONAPIErrorItemSource", + }, + status: { + baseName: "status", + type: "string", + }, + title: { + baseName: "title", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return JSONAPIErrorItem.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/JSONAPIErrorItemSource.ts b/services/aws_wif/src/v2/models/JSONAPIErrorItemSource.ts new file mode 100644 index 000000000000..5889114315fa --- /dev/null +++ b/services/aws_wif/src/v2/models/JSONAPIErrorItemSource.ts @@ -0,0 +1,60 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * References to the source of the error. + */ +export class JSONAPIErrorItemSource { + /** + * A string indicating the name of a single request header which caused the error. + */ + "header"?: string; + /** + * A string indicating which URI query parameter caused the error. + */ + "parameter"?: string; + /** + * A JSON pointer to the value in the request document that caused the error. + */ + "pointer"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + header: { + baseName: "header", + type: "string", + }, + parameter: { + baseName: "parameter", + type: "string", + }, + pointer: { + baseName: "pointer", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return JSONAPIErrorItemSource.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/JSONAPIErrorResponse.ts b/services/aws_wif/src/v2/models/JSONAPIErrorResponse.ts new file mode 100644 index 000000000000..68aa04ffc27b --- /dev/null +++ b/services/aws_wif/src/v2/models/JSONAPIErrorResponse.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { JSONAPIErrorItem } from "./JSONAPIErrorItem"; + +/** + * API error response. + */ +export class JSONAPIErrorResponse { + /** + * A list of errors. + */ + "errors": Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + errors: { + baseName: "errors", + type: "Array", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return JSONAPIErrorResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/aws_wif/src/v2/models/TypingInfo.ts b/services/aws_wif/src/v2/models/TypingInfo.ts new file mode 100644 index 000000000000..e9f9cc35af8e --- /dev/null +++ b/services/aws_wif/src/v2/models/TypingInfo.ts @@ -0,0 +1,46 @@ +import { ModelTypingInfo } from "@datadog/datadog-api-client"; + +import { APIErrorResponse } from "./APIErrorResponse"; +import { AwsWifIntakeMappingAttributes } from "./AwsWifIntakeMappingAttributes"; +import { AwsWifIntakeMappingCreateData } from "./AwsWifIntakeMappingCreateData"; +import { AwsWifIntakeMappingCreateRequest } from "./AwsWifIntakeMappingCreateRequest"; +import { AwsWifIntakeMappingData } from "./AwsWifIntakeMappingData"; +import { AwsWifIntakeMappingResponse } from "./AwsWifIntakeMappingResponse"; +import { AwsWifIntakeMappingsResponse } from "./AwsWifIntakeMappingsResponse"; +import { AwsWifPersonaMappingAttributes } from "./AwsWifPersonaMappingAttributes"; +import { AwsWifPersonaMappingCreateAttributes } from "./AwsWifPersonaMappingCreateAttributes"; +import { AwsWifPersonaMappingCreateData } from "./AwsWifPersonaMappingCreateData"; +import { AwsWifPersonaMappingCreateRequest } from "./AwsWifPersonaMappingCreateRequest"; +import { AwsWifPersonaMappingData } from "./AwsWifPersonaMappingData"; +import { AwsWifPersonaMappingResponse } from "./AwsWifPersonaMappingResponse"; +import { AwsWifPersonaMappingsResponse } from "./AwsWifPersonaMappingsResponse"; +import { JSONAPIErrorItem } from "./JSONAPIErrorItem"; +import { JSONAPIErrorItemSource } from "./JSONAPIErrorItemSource"; +import { JSONAPIErrorResponse } from "./JSONAPIErrorResponse"; + +export const TypingInfo: ModelTypingInfo = { + enumsMap: { + AwsWifIntakeMappingType: ["aws_wif_intake_mapping"], + AwsWifPersonaMappingType: ["aws_wif_config"], + }, + oneOfMap: {}, + typeMap: { + APIErrorResponse: APIErrorResponse, + AwsWifIntakeMappingAttributes: AwsWifIntakeMappingAttributes, + AwsWifIntakeMappingCreateData: AwsWifIntakeMappingCreateData, + AwsWifIntakeMappingCreateRequest: AwsWifIntakeMappingCreateRequest, + AwsWifIntakeMappingData: AwsWifIntakeMappingData, + AwsWifIntakeMappingResponse: AwsWifIntakeMappingResponse, + AwsWifIntakeMappingsResponse: AwsWifIntakeMappingsResponse, + AwsWifPersonaMappingAttributes: AwsWifPersonaMappingAttributes, + AwsWifPersonaMappingCreateAttributes: AwsWifPersonaMappingCreateAttributes, + AwsWifPersonaMappingCreateData: AwsWifPersonaMappingCreateData, + AwsWifPersonaMappingCreateRequest: AwsWifPersonaMappingCreateRequest, + AwsWifPersonaMappingData: AwsWifPersonaMappingData, + AwsWifPersonaMappingResponse: AwsWifPersonaMappingResponse, + AwsWifPersonaMappingsResponse: AwsWifPersonaMappingsResponse, + JSONAPIErrorItem: JSONAPIErrorItem, + JSONAPIErrorItemSource: JSONAPIErrorItemSource, + JSONAPIErrorResponse: JSONAPIErrorResponse, + }, +}; diff --git a/services/aws_wif/tsconfig.json b/services/aws_wif/tsconfig.json new file mode 100644 index 000000000000..d6c32bfb893c --- /dev/null +++ b/services/aws_wif/tsconfig.json @@ -0,0 +1,28 @@ +{ + "compilerOptions": { + "strict": true, + /* Basic Options */ + "target": "es6", + "module": "commonjs", + "moduleResolution": "node", + "declaration": true, + + "esModuleInterop": true, + "resolveJsonModule": true, + + "noImplicitAny": true, + "noImplicitThis": true, + + /* Additional Checks */ + "noUnusedLocals": false /* Report errors on unused locals. */, // TODO: reenable (unused imports!) + "noUnusedParameters": false /* Report errors on unused parameters. */, // TODO: set to true again + "noImplicitReturns": true /* Report error when not all code paths in function return a value. */, + "noFallthroughCasesInSwitch": true /* Report errors for fallthrough cases in switch statement. */, + + "sourceMap": true, + "outDir": "./dist", + "lib": ["es6", "es7"] + }, + "exclude": ["dist", "node_modules", "tests"], + "include": ["src"] +} diff --git a/services/delegated_token/.yarnrc.yml b/services/delegated_token/.yarnrc.yml new file mode 100644 index 000000000000..3186f3f0795a --- /dev/null +++ b/services/delegated_token/.yarnrc.yml @@ -0,0 +1 @@ +nodeLinker: node-modules diff --git a/services/delegated_token/README.md b/services/delegated_token/README.md new file mode 100644 index 000000000000..bd63d60608a3 --- /dev/null +++ b/services/delegated_token/README.md @@ -0,0 +1,36 @@ +# @datadog/datadog-api-client-delegated-token + +## Description + +Exchange a cloud-provider identity proof or Datadog credential for a short-lived delegated-user JWT +via Workload Identity Federation. + +## Navigation + +- [Installation](#installation) +- [Getting Started](#getting-started) + +## Installation + +```sh +# NPM +npm install @datadog/datadog-api-client-delegated-token +# Yarn +yarn add @datadog/datadog-api-client-delegated-token +``` + +## Getting Started +```ts +import { createConfiguration } from "@datadog/datadog-api-client"; +import { DelegatedTokenApiV2 } from "@datadog/datadog-api-client-delegated-token"; +import { v2 } from "@datadog/datadog-api-client-delegated-token"; + +const configuration = createConfiguration(); +const apiInstance = new DelegatedTokenApiV2(configuration); + +apiInstance.getDelegatedToken().then((data) => { + console.log("API called successfully. Returned data: " + JSON.stringify(data)); +}).catch((error) => { + console.error("Error calling API: " + error); +}); +``` \ No newline at end of file diff --git a/services/delegated_token/package.json b/services/delegated_token/package.json new file mode 100644 index 000000000000..aba8aa3930e6 --- /dev/null +++ b/services/delegated_token/package.json @@ -0,0 +1,43 @@ +{ + "name": "@datadog/datadog-api-client-delegated-token", + "description": "", + "author": "", + "keywords": [ + "api", + "fetch", + "typescript" + ], + "license": "Apache-2.0", + "licenses": [ + { + "type": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + ], + "repository": { + "type": "git", + "url": "https://github.com/DataDog/datadog-api-client-typescript.git", + "directory": "services/delegated-token" + }, + "files": [ + "dist/**/*" + ], + "main": "./dist/index.js", + "typings": "./dist/index.d.ts", + "scripts": { + "prepack": "yarn workspace @datadog/datadog-api-client build && yarn build", + "build": "yarn generate-version-files && tsc", + "generate-version-files": "node -p \"'export const version = ' + JSON.stringify(require('./package.json').version)\" > src/version.ts" + }, + "dependencies": { + "@datadog/datadog-api-client": "^2.0.0-beta.2" + }, + "devDependencies": { + "typescript": "5.8.3" + }, + "engines": { + "node": ">=18.0.0" + }, + "version": "0.0.1", + "packageManager": "yarn@4.9.1" +} diff --git a/services/delegated_token/src/index.ts b/services/delegated_token/src/index.ts new file mode 100644 index 000000000000..6d6289ebadc4 --- /dev/null +++ b/services/delegated_token/src/index.ts @@ -0,0 +1,3 @@ +export * as v2 from "./v2"; + +export { DelegatedTokenApi as DelegatedTokenApiV2 } from "./v2/DelegatedTokenApi"; diff --git a/services/delegated_token/src/v2/DelegatedTokenApi.ts b/services/delegated_token/src/v2/DelegatedTokenApi.ts new file mode 100644 index 000000000000..601a4ad233a3 --- /dev/null +++ b/services/delegated_token/src/v2/DelegatedTokenApi.ts @@ -0,0 +1,192 @@ +import { + ApiException, + BaseAPIRequestFactory, + BaseServerConfiguration, + buildUserAgent, + Configuration, + createConfiguration, + deserialize, + getPreferredMediaType, + HttpMethod, + isBrowser, + logger, + normalizeMediaType, + parse, + RequiredError, + RequestContext, + ResponseContext, + serialize, + ServerConfiguration, + stringify, +} from "@datadog/datadog-api-client"; + +import { TypingInfo } from "./models/TypingInfo"; +import { APIErrorResponse } from "./models/APIErrorResponse"; +import { DelegatedTokenResponse } from "./models/DelegatedTokenResponse"; +import { JSONAPIErrorResponse } from "./models/JSONAPIErrorResponse"; +import { version } from "../version"; + +export class DelegatedTokenApiRequestFactory extends BaseAPIRequestFactory { + public userAgent: string | undefined; + + public constructor(configuration: Configuration) { + super(configuration); + if (!isBrowser) { + this.userAgent = buildUserAgent("delegated-token", version); + } + } + public async getDelegatedToken( + _options?: Configuration, + ): Promise { + const _config = _options || this.configuration; + + // Path Params + const localVarPath = "/api/v2/delegated-token"; + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "DelegatedTokenApi.v2.getDelegatedToken", + DelegatedTokenApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.POST, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + return requestContext; + } +} + +export class DelegatedTokenApiResponseProcessor { + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to getDelegatedToken + * @throws ApiException if the response code was not in [200, 299] + */ + public async getDelegatedToken( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 200) { + const body: DelegatedTokenResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "DelegatedTokenResponse", + ) as DelegatedTokenResponse; + return body; + } + if (response.httpStatusCode === 401 || response.httpStatusCode === 403) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: DelegatedTokenResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "DelegatedTokenResponse", + "", + ) as DelegatedTokenResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } +} + +export class DelegatedTokenApi { + private requestFactory: DelegatedTokenApiRequestFactory; + private responseProcessor: DelegatedTokenApiResponseProcessor; + private configuration: Configuration; + + static operationServers: { [key: string]: BaseServerConfiguration[] } = {}; + + public constructor( + configuration?: Configuration, + requestFactory?: DelegatedTokenApiRequestFactory, + responseProcessor?: DelegatedTokenApiResponseProcessor, + ) { + this.configuration = configuration || createConfiguration(); + this.requestFactory = + requestFactory || new DelegatedTokenApiRequestFactory(this.configuration); + this.responseProcessor = + responseProcessor || new DelegatedTokenApiResponseProcessor(); + } + + /** + * Exchange a Workload Identity Federation (WIF) proof or Datadog credentials for a short-lived access token + * scoped to a Datadog user. + * + * To authenticate with a WIF identity, pass the cloud-provider token in the `Authorization` header using + * the `Bearer` or `Delegated` scheme. Datadog resolves the Datadog user from the persona mapping configured + * for that cloud identity. + * + * To obtain a token for the calling user directly, authenticate with standard Datadog API and application keys. + * + * Use the returned `access_token` as a bearer token in subsequent API calls. + * @param param The request object + */ + public getDelegatedToken( + options?: Configuration, + ): Promise { + const requestContextPromise = + this.requestFactory.getDelegatedToken(options); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.getDelegatedToken(responseContext); + }); + }); + } +} diff --git a/services/delegated_token/src/v2/index.ts b/services/delegated_token/src/v2/index.ts new file mode 100644 index 000000000000..9f011edb0f04 --- /dev/null +++ b/services/delegated_token/src/v2/index.ts @@ -0,0 +1,10 @@ +export { DelegatedTokenApi } from "./DelegatedTokenApi"; + +export { APIErrorResponse } from "./models/APIErrorResponse"; +export { DelegatedTokenAttributes } from "./models/DelegatedTokenAttributes"; +export { DelegatedTokenData } from "./models/DelegatedTokenData"; +export { DelegatedTokenResponse } from "./models/DelegatedTokenResponse"; +export { DelegatedTokenType } from "./models/DelegatedTokenType"; +export { JSONAPIErrorItem } from "./models/JSONAPIErrorItem"; +export { JSONAPIErrorItemSource } from "./models/JSONAPIErrorItemSource"; +export { JSONAPIErrorResponse } from "./models/JSONAPIErrorResponse"; diff --git a/services/delegated_token/src/v2/models/APIErrorResponse.ts b/services/delegated_token/src/v2/models/APIErrorResponse.ts new file mode 100644 index 000000000000..58d6c35b80f0 --- /dev/null +++ b/services/delegated_token/src/v2/models/APIErrorResponse.ts @@ -0,0 +1,45 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * API error response. + */ +export class APIErrorResponse { + /** + * A list of errors. + */ + "errors": Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + errors: { + baseName: "errors", + type: "Array", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return APIErrorResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/delegated_token/src/v2/models/DelegatedTokenAttributes.ts b/services/delegated_token/src/v2/models/DelegatedTokenAttributes.ts new file mode 100644 index 000000000000..1e8e615d99dd --- /dev/null +++ b/services/delegated_token/src/v2/models/DelegatedTokenAttributes.ts @@ -0,0 +1,55 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * Attributes of a delegated token. + */ +export class DelegatedTokenAttributes { + /** + * A short-lived JWT representing the authenticated Datadog user. Pass this as a bearer token in subsequent API calls. + */ + "accessToken": string; + /** + * The expiry time of the token. + */ + "expires": Date; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + accessToken: { + baseName: "access_token", + type: "string", + required: true, + }, + expires: { + baseName: "expires", + type: "Date", + required: true, + format: "date-time", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return DelegatedTokenAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/delegated_token/src/v2/models/DelegatedTokenData.ts b/services/delegated_token/src/v2/models/DelegatedTokenData.ts new file mode 100644 index 000000000000..c58102969132 --- /dev/null +++ b/services/delegated_token/src/v2/models/DelegatedTokenData.ts @@ -0,0 +1,67 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { DelegatedTokenAttributes } from "./DelegatedTokenAttributes"; +import { DelegatedTokenType } from "./DelegatedTokenType"; + +/** + * A delegated token resource. + */ +export class DelegatedTokenData { + /** + * Attributes of a delegated token. + */ + "attributes": DelegatedTokenAttributes; + /** + * A random UUID assigned to this token issuance. + */ + "id": string; + /** + * The resource type for a delegated token. + */ + "type": DelegatedTokenType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "DelegatedTokenAttributes", + required: true, + }, + id: { + baseName: "id", + type: "string", + required: true, + format: "uuid", + }, + type: { + baseName: "type", + type: "DelegatedTokenType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return DelegatedTokenData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/delegated_token/src/v2/models/DelegatedTokenResponse.ts b/services/delegated_token/src/v2/models/DelegatedTokenResponse.ts new file mode 100644 index 000000000000..e53508af3a60 --- /dev/null +++ b/services/delegated_token/src/v2/models/DelegatedTokenResponse.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { DelegatedTokenData } from "./DelegatedTokenData"; + +/** + * Response containing a delegated user token. + */ +export class DelegatedTokenResponse { + /** + * A delegated token resource. + */ + "data": DelegatedTokenData; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "DelegatedTokenData", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return DelegatedTokenResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/delegated_token/src/v2/models/DelegatedTokenType.ts b/services/delegated_token/src/v2/models/DelegatedTokenType.ts new file mode 100644 index 000000000000..16973d7fa089 --- /dev/null +++ b/services/delegated_token/src/v2/models/DelegatedTokenType.ts @@ -0,0 +1,7 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * The resource type for a delegated token. + */ +export type DelegatedTokenType = typeof TOKEN | UnparsedObject; +export const TOKEN = "token"; diff --git a/services/delegated_token/src/v2/models/JSONAPIErrorItem.ts b/services/delegated_token/src/v2/models/JSONAPIErrorItem.ts new file mode 100644 index 000000000000..a1ca45cd463c --- /dev/null +++ b/services/delegated_token/src/v2/models/JSONAPIErrorItem.ts @@ -0,0 +1,78 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { JSONAPIErrorItemSource } from "./JSONAPIErrorItemSource"; + +/** + * API error response body + */ +export class JSONAPIErrorItem { + /** + * A human-readable explanation specific to this occurrence of the error. + */ + "detail"?: string; + /** + * Non-standard meta-information about the error + */ + "meta"?: { [key: string]: any }; + /** + * References to the source of the error. + */ + "source"?: JSONAPIErrorItemSource; + /** + * Status code of the response. + */ + "status"?: string; + /** + * Short human-readable summary of the error. + */ + "title"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + detail: { + baseName: "detail", + type: "string", + }, + meta: { + baseName: "meta", + type: "{ [key: string]: any; }", + }, + source: { + baseName: "source", + type: "JSONAPIErrorItemSource", + }, + status: { + baseName: "status", + type: "string", + }, + title: { + baseName: "title", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return JSONAPIErrorItem.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/delegated_token/src/v2/models/JSONAPIErrorItemSource.ts b/services/delegated_token/src/v2/models/JSONAPIErrorItemSource.ts new file mode 100644 index 000000000000..5889114315fa --- /dev/null +++ b/services/delegated_token/src/v2/models/JSONAPIErrorItemSource.ts @@ -0,0 +1,60 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * References to the source of the error. + */ +export class JSONAPIErrorItemSource { + /** + * A string indicating the name of a single request header which caused the error. + */ + "header"?: string; + /** + * A string indicating which URI query parameter caused the error. + */ + "parameter"?: string; + /** + * A JSON pointer to the value in the request document that caused the error. + */ + "pointer"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + header: { + baseName: "header", + type: "string", + }, + parameter: { + baseName: "parameter", + type: "string", + }, + pointer: { + baseName: "pointer", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return JSONAPIErrorItemSource.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/delegated_token/src/v2/models/JSONAPIErrorResponse.ts b/services/delegated_token/src/v2/models/JSONAPIErrorResponse.ts new file mode 100644 index 000000000000..68aa04ffc27b --- /dev/null +++ b/services/delegated_token/src/v2/models/JSONAPIErrorResponse.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { JSONAPIErrorItem } from "./JSONAPIErrorItem"; + +/** + * API error response. + */ +export class JSONAPIErrorResponse { + /** + * A list of errors. + */ + "errors": Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + errors: { + baseName: "errors", + type: "Array", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return JSONAPIErrorResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/delegated_token/src/v2/models/TypingInfo.ts b/services/delegated_token/src/v2/models/TypingInfo.ts new file mode 100644 index 000000000000..6d6c1a54e828 --- /dev/null +++ b/services/delegated_token/src/v2/models/TypingInfo.ts @@ -0,0 +1,25 @@ +import { ModelTypingInfo } from "@datadog/datadog-api-client"; + +import { APIErrorResponse } from "./APIErrorResponse"; +import { DelegatedTokenAttributes } from "./DelegatedTokenAttributes"; +import { DelegatedTokenData } from "./DelegatedTokenData"; +import { DelegatedTokenResponse } from "./DelegatedTokenResponse"; +import { JSONAPIErrorItem } from "./JSONAPIErrorItem"; +import { JSONAPIErrorItemSource } from "./JSONAPIErrorItemSource"; +import { JSONAPIErrorResponse } from "./JSONAPIErrorResponse"; + +export const TypingInfo: ModelTypingInfo = { + enumsMap: { + DelegatedTokenType: ["token"], + }, + oneOfMap: {}, + typeMap: { + APIErrorResponse: APIErrorResponse, + DelegatedTokenAttributes: DelegatedTokenAttributes, + DelegatedTokenData: DelegatedTokenData, + DelegatedTokenResponse: DelegatedTokenResponse, + JSONAPIErrorItem: JSONAPIErrorItem, + JSONAPIErrorItemSource: JSONAPIErrorItemSource, + JSONAPIErrorResponse: JSONAPIErrorResponse, + }, +}; diff --git a/services/delegated_token/tsconfig.json b/services/delegated_token/tsconfig.json new file mode 100644 index 000000000000..d6c32bfb893c --- /dev/null +++ b/services/delegated_token/tsconfig.json @@ -0,0 +1,28 @@ +{ + "compilerOptions": { + "strict": true, + /* Basic Options */ + "target": "es6", + "module": "commonjs", + "moduleResolution": "node", + "declaration": true, + + "esModuleInterop": true, + "resolveJsonModule": true, + + "noImplicitAny": true, + "noImplicitThis": true, + + /* Additional Checks */ + "noUnusedLocals": false /* Report errors on unused locals. */, // TODO: reenable (unused imports!) + "noUnusedParameters": false /* Report errors on unused parameters. */, // TODO: set to true again + "noImplicitReturns": true /* Report error when not all code paths in function return a value. */, + "noFallthroughCasesInSwitch": true /* Report errors for fallthrough cases in switch statement. */, + + "sourceMap": true, + "outDir": "./dist", + "lib": ["es6", "es7"] + }, + "exclude": ["dist", "node_modules", "tests"], + "include": ["src"] +} diff --git a/services/intake_key/.yarnrc.yml b/services/intake_key/.yarnrc.yml new file mode 100644 index 000000000000..3186f3f0795a --- /dev/null +++ b/services/intake_key/.yarnrc.yml @@ -0,0 +1 @@ +nodeLinker: node-modules diff --git a/services/intake_key/README.md b/services/intake_key/README.md new file mode 100644 index 000000000000..21aae9660861 --- /dev/null +++ b/services/intake_key/README.md @@ -0,0 +1,35 @@ +# @datadog/datadog-api-client-intake-key + +## Description + +Exchange a cloud-provider identity proof for a Datadog API key via Workload Identity Federation intake mappings. + +## Navigation + +- [Installation](#installation) +- [Getting Started](#getting-started) + +## Installation + +```sh +# NPM +npm install @datadog/datadog-api-client-intake-key +# Yarn +yarn add @datadog/datadog-api-client-intake-key +``` + +## Getting Started +```ts +import { createConfiguration } from "@datadog/datadog-api-client"; +import { IntakeKeyApiV2 } from "@datadog/datadog-api-client-intake-key"; +import { v2 } from "@datadog/datadog-api-client-intake-key"; + +const configuration = createConfiguration(); +const apiInstance = new IntakeKeyApiV2(configuration); + +apiInstance.getIntakeKey().then((data) => { + console.log("API called successfully. Returned data: " + JSON.stringify(data)); +}).catch((error) => { + console.error("Error calling API: " + error); +}); +``` \ No newline at end of file diff --git a/services/intake_key/package.json b/services/intake_key/package.json new file mode 100644 index 000000000000..1ebc49291913 --- /dev/null +++ b/services/intake_key/package.json @@ -0,0 +1,43 @@ +{ + "name": "@datadog/datadog-api-client-intake-key", + "description": "", + "author": "", + "keywords": [ + "api", + "fetch", + "typescript" + ], + "license": "Apache-2.0", + "licenses": [ + { + "type": "Apache-2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0" + } + ], + "repository": { + "type": "git", + "url": "https://github.com/DataDog/datadog-api-client-typescript.git", + "directory": "services/intake-key" + }, + "files": [ + "dist/**/*" + ], + "main": "./dist/index.js", + "typings": "./dist/index.d.ts", + "scripts": { + "prepack": "yarn workspace @datadog/datadog-api-client build && yarn build", + "build": "yarn generate-version-files && tsc", + "generate-version-files": "node -p \"'export const version = ' + JSON.stringify(require('./package.json').version)\" > src/version.ts" + }, + "dependencies": { + "@datadog/datadog-api-client": "^2.0.0-beta.2" + }, + "devDependencies": { + "typescript": "5.8.3" + }, + "engines": { + "node": ">=18.0.0" + }, + "version": "0.0.1", + "packageManager": "yarn@4.9.1" +} diff --git a/services/intake_key/src/index.ts b/services/intake_key/src/index.ts new file mode 100644 index 000000000000..8d8703741e56 --- /dev/null +++ b/services/intake_key/src/index.ts @@ -0,0 +1,3 @@ +export * as v2 from "./v2"; + +export { IntakeKeyApi as IntakeKeyApiV2 } from "./v2/IntakeKeyApi"; diff --git a/services/intake_key/src/v2/IntakeKeyApi.ts b/services/intake_key/src/v2/IntakeKeyApi.ts new file mode 100644 index 000000000000..d9db61488b58 --- /dev/null +++ b/services/intake_key/src/v2/IntakeKeyApi.ts @@ -0,0 +1,188 @@ +import { + ApiException, + BaseAPIRequestFactory, + BaseServerConfiguration, + buildUserAgent, + Configuration, + createConfiguration, + deserialize, + getPreferredMediaType, + HttpMethod, + isBrowser, + logger, + normalizeMediaType, + parse, + RequiredError, + RequestContext, + ResponseContext, + serialize, + ServerConfiguration, + stringify, +} from "@datadog/datadog-api-client"; + +import { TypingInfo } from "./models/TypingInfo"; +import { APIErrorResponse } from "./models/APIErrorResponse"; +import { IntakeAPIKeyResponse } from "./models/IntakeAPIKeyResponse"; +import { JSONAPIErrorResponse } from "./models/JSONAPIErrorResponse"; +import { version } from "../version"; + +export class IntakeKeyApiRequestFactory extends BaseAPIRequestFactory { + public userAgent: string | undefined; + + public constructor(configuration: Configuration) { + super(configuration); + if (!isBrowser) { + this.userAgent = buildUserAgent("intake-key", version); + } + } + public async getIntakeKey(_options?: Configuration): Promise { + const _config = _options || this.configuration; + + // Path Params + const localVarPath = "/api/v2/intake-key"; + + // Make Request Context + const { server, overrides } = _config.getServerAndOverrides( + "IntakeKeyApi.v2.getIntakeKey", + IntakeKeyApi.operationServers, + ); + const requestContext = server.makeRequestContext( + localVarPath, + HttpMethod.POST, + overrides, + ); + requestContext.setHeaderParam("Accept", "application/json"); + requestContext.setHttpConfig(_config.httpConfig); + + // Set User-Agent + if (this.userAgent) { + requestContext.setHeaderParam("User-Agent", this.userAgent); + } + + return requestContext; + } +} + +export class IntakeKeyApiResponseProcessor { + /** + * Unwraps the actual response sent by the server from the response context and deserializes the response content + * to the expected objects + * + * @params response Response returned by the server for a request to getIntakeKey + * @throws ApiException if the response code was not in [200, 299] + */ + public async getIntakeKey( + response: ResponseContext, + ): Promise { + const contentType = normalizeMediaType(response.headers["content-type"]); + if (response.httpStatusCode === 200) { + const body: IntakeAPIKeyResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "IntakeAPIKeyResponse", + ) as IntakeAPIKeyResponse; + return body; + } + if (response.httpStatusCode === 401 || response.httpStatusCode === 403) { + const bodyText = parse(await response.body.text(), contentType); + let body: JSONAPIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "JSONAPIErrorResponse", + ) as JSONAPIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException( + response.httpStatusCode, + body, + ); + } + if (response.httpStatusCode === 429) { + const bodyText = parse(await response.body.text(), contentType); + let body: APIErrorResponse; + try { + body = deserialize( + bodyText, + TypingInfo, + "APIErrorResponse", + ) as APIErrorResponse; + } catch (error) { + logger.debug(`Got error deserializing error: ${error}`); + throw new ApiException( + response.httpStatusCode, + bodyText, + ); + } + throw new ApiException(response.httpStatusCode, body); + } + + // Work around for missing responses in specification, e.g. for petstore.yaml + if (response.httpStatusCode >= 200 && response.httpStatusCode <= 299) { + const body: IntakeAPIKeyResponse = deserialize( + parse(await response.body.text(), contentType), + TypingInfo, + "IntakeAPIKeyResponse", + "", + ) as IntakeAPIKeyResponse; + return body; + } + + const body = (await response.body.text()) || ""; + throw new ApiException( + response.httpStatusCode, + 'Unknown API Status Code!\nBody: "' + body + '"', + ); + } +} + +export class IntakeKeyApi { + private requestFactory: IntakeKeyApiRequestFactory; + private responseProcessor: IntakeKeyApiResponseProcessor; + private configuration: Configuration; + + static operationServers: { [key: string]: BaseServerConfiguration[] } = {}; + + public constructor( + configuration?: Configuration, + requestFactory?: IntakeKeyApiRequestFactory, + responseProcessor?: IntakeKeyApiResponseProcessor, + ) { + this.configuration = configuration || createConfiguration(); + this.requestFactory = + requestFactory || new IntakeKeyApiRequestFactory(this.configuration); + this.responseProcessor = + responseProcessor || new IntakeKeyApiResponseProcessor(); + } + + /** + * Exchanges a Workload Identity Federation (WIF) identity proof for a Datadog API key associated with the matching WIF intake mapping. + * + * Pass a cloud-provider token in the `Authorization` header using the `Bearer` or `Delegated` scheme. + * The token is validated against the WIF intake mappings configured for the caller's organization. On success, + * a managed-rotation API key is returned that the workload can use to send telemetry to Datadog. + * + * Unlike the delegated-token endpoint (`POST /api/v2/delegated-token`), this endpoint authenticates + * the cloud workload at the organization level rather than mapping it to a specific Datadog user. + * + * Standard Datadog API and application key authentication is not accepted. Authenticate using a + * cloud-provider token in the `Authorization: Bearer` header. + * @param param The request object + */ + public getIntakeKey(options?: Configuration): Promise { + const requestContextPromise = this.requestFactory.getIntakeKey(options); + return requestContextPromise.then((requestContext) => { + return this.configuration.httpApi + .send(requestContext) + .then((responseContext) => { + return this.responseProcessor.getIntakeKey(responseContext); + }); + }); + } +} diff --git a/services/intake_key/src/v2/index.ts b/services/intake_key/src/v2/index.ts new file mode 100644 index 000000000000..2f92a5976d5e --- /dev/null +++ b/services/intake_key/src/v2/index.ts @@ -0,0 +1,10 @@ +export { IntakeKeyApi } from "./IntakeKeyApi"; + +export { APIErrorResponse } from "./models/APIErrorResponse"; +export { IntakeAPIKeyAttributes } from "./models/IntakeAPIKeyAttributes"; +export { IntakeAPIKeyData } from "./models/IntakeAPIKeyData"; +export { IntakeAPIKeyResponse } from "./models/IntakeAPIKeyResponse"; +export { IntakeAPIKeyType } from "./models/IntakeAPIKeyType"; +export { JSONAPIErrorItem } from "./models/JSONAPIErrorItem"; +export { JSONAPIErrorItemSource } from "./models/JSONAPIErrorItemSource"; +export { JSONAPIErrorResponse } from "./models/JSONAPIErrorResponse"; diff --git a/services/intake_key/src/v2/models/APIErrorResponse.ts b/services/intake_key/src/v2/models/APIErrorResponse.ts new file mode 100644 index 000000000000..58d6c35b80f0 --- /dev/null +++ b/services/intake_key/src/v2/models/APIErrorResponse.ts @@ -0,0 +1,45 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * API error response. + */ +export class APIErrorResponse { + /** + * A list of errors. + */ + "errors": Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + errors: { + baseName: "errors", + type: "Array", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return APIErrorResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/intake_key/src/v2/models/IntakeAPIKeyAttributes.ts b/services/intake_key/src/v2/models/IntakeAPIKeyAttributes.ts new file mode 100644 index 000000000000..a35776cd4aaa --- /dev/null +++ b/services/intake_key/src/v2/models/IntakeAPIKeyAttributes.ts @@ -0,0 +1,55 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * Attributes of an intake API key returned after successful authentication. + */ +export class IntakeAPIKeyAttributes { + /** + * The Datadog API key the workload can use to send telemetry. + */ + "apiKey": string; + /** + * The numeric ID of the Datadog organization the API key belongs to. + */ + "orgId": number; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + apiKey: { + baseName: "api_key", + type: "string", + required: true, + }, + orgId: { + baseName: "org_id", + type: "number", + required: true, + format: "int64", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return IntakeAPIKeyAttributes.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/intake_key/src/v2/models/IntakeAPIKeyData.ts b/services/intake_key/src/v2/models/IntakeAPIKeyData.ts new file mode 100644 index 000000000000..a6e9f439b7c5 --- /dev/null +++ b/services/intake_key/src/v2/models/IntakeAPIKeyData.ts @@ -0,0 +1,66 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { IntakeAPIKeyAttributes } from "./IntakeAPIKeyAttributes"; +import { IntakeAPIKeyType } from "./IntakeAPIKeyType"; + +/** + * An intake API key resource. + */ +export class IntakeAPIKeyData { + /** + * Attributes of an intake API key returned after successful authentication. + */ + "attributes": IntakeAPIKeyAttributes; + /** + * A stable identifier for the intake key, scoped to the matched organization. + */ + "id": string; + /** + * The resource type for an intake API key. + */ + "type": IntakeAPIKeyType; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + attributes: { + baseName: "attributes", + type: "IntakeAPIKeyAttributes", + required: true, + }, + id: { + baseName: "id", + type: "string", + required: true, + }, + type: { + baseName: "type", + type: "IntakeAPIKeyType", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return IntakeAPIKeyData.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/intake_key/src/v2/models/IntakeAPIKeyResponse.ts b/services/intake_key/src/v2/models/IntakeAPIKeyResponse.ts new file mode 100644 index 000000000000..253a918ffbc1 --- /dev/null +++ b/services/intake_key/src/v2/models/IntakeAPIKeyResponse.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { IntakeAPIKeyData } from "./IntakeAPIKeyData"; + +/** + * Response containing an intake API key for the authenticated cloud workload. + */ +export class IntakeAPIKeyResponse { + /** + * An intake API key resource. + */ + "data": IntakeAPIKeyData; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + data: { + baseName: "data", + type: "IntakeAPIKeyData", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return IntakeAPIKeyResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/intake_key/src/v2/models/IntakeAPIKeyType.ts b/services/intake_key/src/v2/models/IntakeAPIKeyType.ts new file mode 100644 index 000000000000..409ad998983b --- /dev/null +++ b/services/intake_key/src/v2/models/IntakeAPIKeyType.ts @@ -0,0 +1,7 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * The resource type for an intake API key. + */ +export type IntakeAPIKeyType = typeof INTAKE_API_KEY | UnparsedObject; +export const INTAKE_API_KEY = "intake_api_key"; diff --git a/services/intake_key/src/v2/models/JSONAPIErrorItem.ts b/services/intake_key/src/v2/models/JSONAPIErrorItem.ts new file mode 100644 index 000000000000..a1ca45cd463c --- /dev/null +++ b/services/intake_key/src/v2/models/JSONAPIErrorItem.ts @@ -0,0 +1,78 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { JSONAPIErrorItemSource } from "./JSONAPIErrorItemSource"; + +/** + * API error response body + */ +export class JSONAPIErrorItem { + /** + * A human-readable explanation specific to this occurrence of the error. + */ + "detail"?: string; + /** + * Non-standard meta-information about the error + */ + "meta"?: { [key: string]: any }; + /** + * References to the source of the error. + */ + "source"?: JSONAPIErrorItemSource; + /** + * Status code of the response. + */ + "status"?: string; + /** + * Short human-readable summary of the error. + */ + "title"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + detail: { + baseName: "detail", + type: "string", + }, + meta: { + baseName: "meta", + type: "{ [key: string]: any; }", + }, + source: { + baseName: "source", + type: "JSONAPIErrorItemSource", + }, + status: { + baseName: "status", + type: "string", + }, + title: { + baseName: "title", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return JSONAPIErrorItem.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/intake_key/src/v2/models/JSONAPIErrorItemSource.ts b/services/intake_key/src/v2/models/JSONAPIErrorItemSource.ts new file mode 100644 index 000000000000..5889114315fa --- /dev/null +++ b/services/intake_key/src/v2/models/JSONAPIErrorItemSource.ts @@ -0,0 +1,60 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * References to the source of the error. + */ +export class JSONAPIErrorItemSource { + /** + * A string indicating the name of a single request header which caused the error. + */ + "header"?: string; + /** + * A string indicating which URI query parameter caused the error. + */ + "parameter"?: string; + /** + * A JSON pointer to the value in the request document that caused the error. + */ + "pointer"?: string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + header: { + baseName: "header", + type: "string", + }, + parameter: { + baseName: "parameter", + type: "string", + }, + pointer: { + baseName: "pointer", + type: "string", + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return JSONAPIErrorItemSource.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/intake_key/src/v2/models/JSONAPIErrorResponse.ts b/services/intake_key/src/v2/models/JSONAPIErrorResponse.ts new file mode 100644 index 000000000000..68aa04ffc27b --- /dev/null +++ b/services/intake_key/src/v2/models/JSONAPIErrorResponse.ts @@ -0,0 +1,47 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { JSONAPIErrorItem } from "./JSONAPIErrorItem"; + +/** + * API error response. + */ +export class JSONAPIErrorResponse { + /** + * A list of errors. + */ + "errors": Array; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + errors: { + baseName: "errors", + type: "Array", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return JSONAPIErrorResponse.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/intake_key/src/v2/models/TypingInfo.ts b/services/intake_key/src/v2/models/TypingInfo.ts new file mode 100644 index 000000000000..5834d954e96f --- /dev/null +++ b/services/intake_key/src/v2/models/TypingInfo.ts @@ -0,0 +1,25 @@ +import { ModelTypingInfo } from "@datadog/datadog-api-client"; + +import { APIErrorResponse } from "./APIErrorResponse"; +import { IntakeAPIKeyAttributes } from "./IntakeAPIKeyAttributes"; +import { IntakeAPIKeyData } from "./IntakeAPIKeyData"; +import { IntakeAPIKeyResponse } from "./IntakeAPIKeyResponse"; +import { JSONAPIErrorItem } from "./JSONAPIErrorItem"; +import { JSONAPIErrorItemSource } from "./JSONAPIErrorItemSource"; +import { JSONAPIErrorResponse } from "./JSONAPIErrorResponse"; + +export const TypingInfo: ModelTypingInfo = { + enumsMap: { + IntakeAPIKeyType: ["intake_api_key"], + }, + oneOfMap: {}, + typeMap: { + APIErrorResponse: APIErrorResponse, + IntakeAPIKeyAttributes: IntakeAPIKeyAttributes, + IntakeAPIKeyData: IntakeAPIKeyData, + IntakeAPIKeyResponse: IntakeAPIKeyResponse, + JSONAPIErrorItem: JSONAPIErrorItem, + JSONAPIErrorItemSource: JSONAPIErrorItemSource, + JSONAPIErrorResponse: JSONAPIErrorResponse, + }, +}; diff --git a/services/intake_key/tsconfig.json b/services/intake_key/tsconfig.json new file mode 100644 index 000000000000..d6c32bfb893c --- /dev/null +++ b/services/intake_key/tsconfig.json @@ -0,0 +1,28 @@ +{ + "compilerOptions": { + "strict": true, + /* Basic Options */ + "target": "es6", + "module": "commonjs", + "moduleResolution": "node", + "declaration": true, + + "esModuleInterop": true, + "resolveJsonModule": true, + + "noImplicitAny": true, + "noImplicitThis": true, + + /* Additional Checks */ + "noUnusedLocals": false /* Report errors on unused locals. */, // TODO: reenable (unused imports!) + "noUnusedParameters": false /* Report errors on unused parameters. */, // TODO: set to true again + "noImplicitReturns": true /* Report error when not all code paths in function return a value. */, + "noFallthroughCasesInSwitch": true /* Report errors for fallthrough cases in switch statement. */, + + "sourceMap": true, + "outDir": "./dist", + "lib": ["es6", "es7"] + }, + "exclude": ["dist", "node_modules", "tests"], + "include": ["src"] +} diff --git a/yarn.lock b/yarn.lock index 3be50b1152e5..94702a5b01bb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -388,6 +388,15 @@ __metadata: languageName: unknown linkType: soft +"@datadog/datadog-api-client-aws-wif@workspace:services/aws_wif": + version: 0.0.0-use.local + resolution: "@datadog/datadog-api-client-aws-wif@workspace:services/aws_wif" + dependencies: + "@datadog/datadog-api-client": "npm:^2.0.0-beta.2" + typescript: "npm:5.8.3" + languageName: unknown + linkType: soft + "@datadog/datadog-api-client-azure-integration@workspace:services/azure_integration": version: 0.0.0-use.local resolution: "@datadog/datadog-api-client-azure-integration@workspace:services/azure_integration" @@ -667,6 +676,15 @@ __metadata: languageName: unknown linkType: soft +"@datadog/datadog-api-client-delegated-token@workspace:services/delegated_token": + version: 0.0.0-use.local + resolution: "@datadog/datadog-api-client-delegated-token@workspace:services/delegated_token" + dependencies: + "@datadog/datadog-api-client": "npm:^2.0.0-beta.2" + typescript: "npm:5.8.3" + languageName: unknown + linkType: soft + "@datadog/datadog-api-client-deployment-gates@workspace:services/deployment_gates": version: 0.0.0-use.local resolution: "@datadog/datadog-api-client-deployment-gates@workspace:services/deployment_gates" @@ -856,6 +874,15 @@ __metadata: languageName: unknown linkType: soft +"@datadog/datadog-api-client-intake-key@workspace:services/intake_key": + version: 0.0.0-use.local + resolution: "@datadog/datadog-api-client-intake-key@workspace:services/intake_key" + dependencies: + "@datadog/datadog-api-client": "npm:^2.0.0-beta.2" + typescript: "npm:5.8.3" + languageName: unknown + linkType: soft + "@datadog/datadog-api-client-integrations@workspace:services/integrations": version: 0.0.0-use.local resolution: "@datadog/datadog-api-client-integrations@workspace:services/integrations"