Add CSM Agentless Read Endpoint

.apigentools-info

@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-01-07 19:53:43.056949",
-            "spec_repo_commit": "d63fa330"
+            "regenerated": "2025-01-08 14:02:25.736805",
+            "spec_repo_commit": "1920836f"
         },
         "v2": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-01-07 19:53:43.071705",
-            "spec_repo_commit": "d63fa330"
+            "regenerated": "2025-01-08 14:02:25.752564",
+            "spec_repo_commit": "1920836f"
         }
     }
 }

.generator/schemas/v2/openapi.yaml

@@ -2732,6 +2732,57 @@ components:
             $ref: '#/components/schemas/AwsCURConfig'
           type: array
       type: object
+    AwsScanOptionsAttributes:
+      description: Attributes for the AWS scan options.
+      properties:
+        lambda:
+          description: Indicates if scanning of Lambda functions is enabled.
+          example: true
+          type: boolean
+        sensitive_data:
+          description: Indicates if scanning for sensitive data is enabled.
+          example: false
+          type: boolean
+        vuln_containers_os:
+          description: Indicates if scanning for vulnerabilities in containers is
+            enabled.
+          example: true
+          type: boolean
+        vuln_host_os:
+          description: Indicates if scanning for vulnerabilities in hosts is enabled.
+          example: true
+          type: boolean
+      type: object
+    AwsScanOptionsData:
+      description: Single AWS Scan Options entry.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/AwsScanOptionsAttributes'
+        id:
+          description: The ID of the AWS account.
+          example: '184366314700'
+          type: string
+        type:
+          $ref: '#/components/schemas/AwsScanOptionsType'
+      type: object
+    AwsScanOptionsResponse:
+      description: Response object that includes a list of AWS scan options.
+      properties:
+        data:
+          description: A list of AWS scan options.
+          items:
+            $ref: '#/components/schemas/AwsScanOptionsData'
+          type: array
+      type: object
+    AwsScanOptionsType:
+      default: aws_scan_options
+      description: The type of the resource. The value should always be `aws_scan_options`.
+      enum:
+      - aws_scan_options
+      example: aws_scan_options
+      type: string
+      x-enum-varnames:
+      - AWS_SCAN_OPTIONS
     AzureUCConfig:
       description: Azure config.
       properties:
@@ -30222,6 +30273,24 @@ info:
   version: '1.0'
 openapi: 3.0.0
 paths:
+  /api/v2/agentless_scanning/accounts/aws:
+    get:
+      description: Fetches the scan options configured for AWS accounts.
+      operationId: ListAwsScanOptions
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AwsScanOptionsResponse'
+          description: OK
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Get AWS Scan Options
+      tags:
+      - Agentless Scanning
   /api/v2/api_keys:
     get:
       description: List all API keys available for your account.
@@ -48131,6 +48200,11 @@ tags:
   externalDocs:
     url: https://docs.datadoghq.com/integrations/amazon_web_services/#log-collection
   name: AWS Logs Integration
+- description: "Datadog Agentless Scanning provides visibility into risks and vulnerabilities\nwithin
+    your hosts, running containers, and serverless functions\u2014all without\nrequiring
+    teams to install Agents on every host or where Agents cannot be installed.\nGo
+    to https://www.datadoghq.com/blog/agentless-scanning/ to learn more"
+  name: Agentless Scanning
 - description: Datadog App Builder provides a low-code solution to rapidly develop
     and integrate secure, customized applications into your monitoring stack that
     are built to accelerate remediation at scale. These API endpoints allow you to

cassettes/features/v2/agentless_scanning/Get-AWS-Scan-Options-returns-OK-response.frozen

@@ -0,0 +1 @@
+2024-12-18T15:40:11.636Z

examples/v2/agentless-scanning/ListAwsScanOptions.rb

@@ -0,0 +1,5 @@
+# Get AWS Scan Options returns "OK" response
+
+require "datadog_api_client"
+api_instance = DatadogAPIClient::V2::AgentlessScanningAPI.new
+p api_instance.list_aws_scan_options()

features/v2/agentless_scanning.feature

@@ -0,0 +1,16 @@
+@endpoint(agentless-scanning) @endpoint(agentless-scanning-v2)
+Feature: Agentless Scanning
+  Datadog Agentless Scanning provides visibility into risks and
+  vulnerabilities within your hosts, running containers, and serverless
+  functions—all without requiring teams to install Agents on every host or
+  where Agents cannot be installed. Go to
+  https://www.datadoghq.com/blog/agentless-scanning/ to learn more
+
+  @team:DataDog/k9-cloud-security-platform
+  Scenario: Get AWS Scan Options returns "OK" response
+    Given a valid "apiKeyAuth" key in the system
+    And a valid "appKeyAuth" key in the system
+    And an instance of "AgentlessScanning" API
+    And new "ListAwsScanOptions" request
+    When the request is sent
+    Then the response status is 200 OK

features/v2/undo.json

@@ -1,4 +1,10 @@
 {
+  "ListAwsScanOptions": {
+    "tag": "Agentless Scanning",
+    "undo": {
+      "type": "safe"
+    }
+  },
   "ListAPIKeys": {
     "tag": "Key Management",
     "undo": {

lib/datadog_api_client/inflector.rb

@@ -1038,6 +1038,10 @@ def overrides
           "v2.aws_regions_include_all" => "AWSRegionsIncludeAll",
           "v2.aws_regions_include_only" => "AWSRegionsIncludeOnly",
           "v2.aws_resources_config" => "AWSResourcesConfig",
+          "v2.aws_scan_options_attributes" => "AwsScanOptionsAttributes",
+          "v2.aws_scan_options_data" => "AwsScanOptionsData",
+          "v2.aws_scan_options_response" => "AwsScanOptionsResponse",
+          "v2.aws_scan_options_type" => "AwsScanOptionsType",
           "v2.aws_traces_config" => "AWSTracesConfig",
           "v2.azure_uc_config" => "AzureUCConfig",
           "v2.azure_uc_config_pair" => "AzureUCConfigPair",
@@ -2824,6 +2828,7 @@ def overrides
         "v1.usage_metering_api" => "UsageMeteringAPI",
         "v1.users_api" => "UsersAPI",
         "v1.webhooks_integration_api" => "WebhooksIntegrationAPI",
+        "v2.agentless_scanning_api" => "AgentlessScanningAPI",
         "v2.api_management_api" => "APIManagementAPI",
         "v2.apm_retention_filters_api" => "APMRetentionFiltersAPI",
         "v2.apps_api" => "AppsAPI",

lib/datadog_api_client/v2/api/agentless_scanning_api.rb

@@ -0,0 +1,86 @@
+=begin
+#Datadog API V2 Collection
+
+#Collection of all Datadog Public endpoints.
+
+The version of the OpenAPI document: 1.0
+Contact: [email protected]
+Generated by: https://github.com/DataDog/datadog-api-client-ruby/tree/master/.generator
+
+ Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+ This product includes software developed at Datadog (https://www.datadoghq.com/).
+ Copyright 2020-Present Datadog, Inc.
+
+=end
+
+require 'cgi'
+
+module DatadogAPIClient::V2
+  class AgentlessScanningAPI
+    attr_accessor :api_client
+
+    def initialize(api_client = DatadogAPIClient::APIClient.default)
+      @api_client = api_client
+    end
+
+    # Get AWS Scan Options.
+    #
+    # @see #list_aws_scan_options_with_http_info
+    def list_aws_scan_options(opts = {})
+      data, _status_code, _headers = list_aws_scan_options_with_http_info(opts)
+      data
+    end
+
+    # Get AWS Scan Options.
+    #
+    # Fetches the scan options configured for AWS accounts.
+    #
+    # @param opts [Hash] the optional parameters
+    # @return [Array<(AwsScanOptionsResponse, Integer, Hash)>] AwsScanOptionsResponse data, response status code and response headers
+    def list_aws_scan_options_with_http_info(opts = {})
+
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: AgentlessScanningAPI.list_aws_scan_options ...'
+      end
+      # resource path
+      local_var_path = '/api/v2/agentless_scanning/accounts/aws'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'AwsScanOptionsResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth]
+
+      new_options = opts.merge(
+        :operation => :list_aws_scan_options,
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type,
+        :api_version => "V2"
+      )
+
+      data, status_code, headers = @api_client.call_api(Net::HTTP::Get, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: AgentlessScanningAPI#list_aws_scan_options\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+  end
+end