Add CSM Agentless Read Endpoint (#2330)

Co-authored-by: ci.datadog-api-spec <[email protected]>

Author: api-clients-generation-pipeline[bot]

.apigentools-info

@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-01-07 19:53:46.976483",
-            "spec_repo_commit": "d63fa330"
+            "regenerated": "2025-01-08 14:02:38.575019",
+            "spec_repo_commit": "1920836f"
         },
         "v2": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-01-07 19:53:46.990711",
-            "spec_repo_commit": "d63fa330"
+            "regenerated": "2025-01-08 14:02:38.589493",
+            "spec_repo_commit": "1920836f"
         }
     }
 }

.generator/schemas/v2/openapi.yaml

@@ -2732,6 +2732,57 @@ components:
             $ref: '#/components/schemas/AwsCURConfig'
           type: array
       type: object
+    AwsScanOptionsAttributes:
+      description: Attributes for the AWS scan options.
+      properties:
+        lambda:
+          description: Indicates if scanning of Lambda functions is enabled.
+          example: true
+          type: boolean
+        sensitive_data:
+          description: Indicates if scanning for sensitive data is enabled.
+          example: false
+          type: boolean
+        vuln_containers_os:
+          description: Indicates if scanning for vulnerabilities in containers is
+            enabled.
+          example: true
+          type: boolean
+        vuln_host_os:
+          description: Indicates if scanning for vulnerabilities in hosts is enabled.
+          example: true
+          type: boolean
+      type: object
+    AwsScanOptionsData:
+      description: Single AWS Scan Options entry.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/AwsScanOptionsAttributes'
+        id:
+          description: The ID of the AWS account.
+          example: '184366314700'
+          type: string
+        type:
+          $ref: '#/components/schemas/AwsScanOptionsType'
+      type: object
+    AwsScanOptionsResponse:
+      description: Response object that includes a list of AWS scan options.
+      properties:
+        data:
+          description: A list of AWS scan options.
+          items:
+            $ref: '#/components/schemas/AwsScanOptionsData'
+          type: array
+      type: object
+    AwsScanOptionsType:
+      default: aws_scan_options
+      description: The type of the resource. The value should always be `aws_scan_options`.
+      enum:
+      - aws_scan_options
+      example: aws_scan_options
+      type: string
+      x-enum-varnames:
+      - AWS_SCAN_OPTIONS
     AzureUCConfig:
       description: Azure config.
       properties:
@@ -30222,6 +30273,24 @@ info:
   version: '1.0'
 openapi: 3.0.0
 paths:
+  /api/v2/agentless_scanning/accounts/aws:
+    get:
+      description: Fetches the scan options configured for AWS accounts.
+      operationId: ListAwsScanOptions
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AwsScanOptionsResponse'
+          description: OK
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Get AWS Scan Options
+      tags:
+      - Agentless Scanning
   /api/v2/api_keys:
     get:
       description: List all API keys available for your account.
@@ -48131,6 +48200,11 @@ tags:
   externalDocs:
     url: https://docs.datadoghq.com/integrations/amazon_web_services/#log-collection
   name: AWS Logs Integration
+- description: "Datadog Agentless Scanning provides visibility into risks and vulnerabilities\nwithin
+    your hosts, running containers, and serverless functions\u2014all without\nrequiring
+    teams to install Agents on every host or where Agents cannot be installed.\nGo
+    to https://www.datadoghq.com/blog/agentless-scanning/ to learn more"
+  name: Agentless Scanning
 - description: Datadog App Builder provides a low-code solution to rapidly develop
     and integrate secure, customized applications into your monitoring stack that
     are built to accelerate remediation at scale. These API endpoints allow you to

docs/datadog_api_client.v2.api.rst

@@ -4,6 +4,13 @@ datadog\_api\_client.v2.api package
 Submodules
 ----------
 
+datadog\_api\_client.v2.api.agentless\_scanning\_api module
+-----------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.api.agentless_scanning_api
+   :members:
+   :show-inheritance:
+
 datadog\_api\_client.v2.api.api\_management\_api module
 -------------------------------------------------------
 

docs/datadog_api_client.v2.model.rst

@@ -921,6 +921,34 @@ datadog\_api\_client.v2.model.aws\_resources\_config module
    :members:
    :show-inheritance:
 
+datadog\_api\_client.v2.model.aws\_scan\_options\_attributes module
+-------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.aws_scan_options_attributes
+   :members:
+   :show-inheritance:
+
+datadog\_api\_client.v2.model.aws\_scan\_options\_data module
+-------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.aws_scan_options_data
+   :members:
+   :show-inheritance:
+
+datadog\_api\_client.v2.model.aws\_scan\_options\_response module
+-----------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.aws_scan_options_response
+   :members:
+   :show-inheritance:
+
+datadog\_api\_client.v2.model.aws\_scan\_options\_type module
+-------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.aws_scan_options_type
+   :members:
+   :show-inheritance:
+
 datadog\_api\_client.v2.model.aws\_traces\_config module
 --------------------------------------------------------
 

examples/v2/agentless-scanning/ListAwsScanOptions.py

@@ -0,0 +1,13 @@
+"""
+Get AWS Scan Options returns "OK" response
+"""
+
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.agentless_scanning_api import AgentlessScanningApi
+
+configuration = Configuration()
+with ApiClient(configuration) as api_client:
+    api_instance = AgentlessScanningApi(api_client)
+    response = api_instance.list_aws_scan_options()
+
+    print(response)

src/datadog_api_client/v2/api/agentless_scanning_api.py

@@ -0,0 +1,52 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Any, Dict
+
+from datadog_api_client.api_client import ApiClient, Endpoint as _Endpoint
+from datadog_api_client.configuration import Configuration
+from datadog_api_client.v2.model.aws_scan_options_response import AwsScanOptionsResponse
+
+
+class AgentlessScanningApi:
+    """
+    Datadog Agentless Scanning provides visibility into risks and vulnerabilities
+    within your hosts, running containers, and serverless functions—all without
+    requiring teams to install Agents on every host or where Agents cannot be installed.
+    Go to https://www.datadoghq.com/blog/agentless-scanning/ to learn more
+    """
+
+    def __init__(self, api_client=None):
+        if api_client is None:
+            api_client = ApiClient(Configuration())
+        self.api_client = api_client
+
+        self._list_aws_scan_options_endpoint = _Endpoint(
+            settings={
+                "response_type": (AwsScanOptionsResponse,),
+                "auth": ["apiKeyAuth", "appKeyAuth"],
+                "endpoint_path": "/api/v2/agentless_scanning/accounts/aws",
+                "operation_id": "list_aws_scan_options",
+                "http_method": "GET",
+                "version": "v2",
+            },
+            params_map={},
+            headers_map={
+                "accept": ["application/json"],
+            },
+            api_client=api_client,
+        )
+
+    def list_aws_scan_options(
+        self,
+    ) -> AwsScanOptionsResponse:
+        """Get AWS Scan Options.
+
+        Fetches the scan options configured for AWS accounts.
+
+        :rtype: AwsScanOptionsResponse
+        """
+        kwargs: Dict[str, Any] = {}
+        return self._list_aws_scan_options_endpoint.call_with_http_info(**kwargs)

src/datadog_api_client/v2/apis/__init__.py

@@ -2,6 +2,7 @@
 from datadog_api_client.v2.api.apm_retention_filters_api import APMRetentionFiltersApi
 from datadog_api_client.v2.api.aws_integration_api import AWSIntegrationApi
 from datadog_api_client.v2.api.aws_logs_integration_api import AWSLogsIntegrationApi
+from datadog_api_client.v2.api.agentless_scanning_api import AgentlessScanningApi
 from datadog_api_client.v2.api.apps_api import AppsApi
 from datadog_api_client.v2.api.audit_api import AuditApi
 from datadog_api_client.v2.api.authn_mappings_api import AuthNMappingsApi
@@ -67,6 +68,7 @@
     "APMRetentionFiltersApi",
     "AWSIntegrationApi",
     "AWSLogsIntegrationApi",
+    "AgentlessScanningApi",
     "AppsApi",
     "AuditApi",
     "AuthNMappingsApi",

src/datadog_api_client/v2/model/aws_scan_options_attributes.py

@@ -0,0 +1,64 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Union
+
+from datadog_api_client.model_utils import (
+    ModelNormal,
+    cached_property,
+    unset,
+    UnsetType,
+)
+
+
+class AwsScanOptionsAttributes(ModelNormal):
+    @cached_property
+    def openapi_types(_):
+        return {
+            "_lambda": (bool,),
+            "sensitive_data": (bool,),
+            "vuln_containers_os": (bool,),
+            "vuln_host_os": (bool,),
+        }
+
+    attribute_map = {
+        "_lambda": "lambda",
+        "sensitive_data": "sensitive_data",
+        "vuln_containers_os": "vuln_containers_os",
+        "vuln_host_os": "vuln_host_os",
+    }
+
+    def __init__(
+        self_,
+        _lambda: Union[bool, UnsetType] = unset,
+        sensitive_data: Union[bool, UnsetType] = unset,
+        vuln_containers_os: Union[bool, UnsetType] = unset,
+        vuln_host_os: Union[bool, UnsetType] = unset,
+        **kwargs,
+    ):
+        """
+        Attributes for the AWS scan options.
+
+        :param _lambda: Indicates if scanning of Lambda functions is enabled.
+        :type _lambda: bool, optional
+
+        :param sensitive_data: Indicates if scanning for sensitive data is enabled.
+        :type sensitive_data: bool, optional
+
+        :param vuln_containers_os: Indicates if scanning for vulnerabilities in containers is enabled.
+        :type vuln_containers_os: bool, optional
+
+        :param vuln_host_os: Indicates if scanning for vulnerabilities in hosts is enabled.
+        :type vuln_host_os: bool, optional
+        """
+        if _lambda is not unset:
+            kwargs["_lambda"] = _lambda
+        if sensitive_data is not unset:
+            kwargs["sensitive_data"] = sensitive_data
+        if vuln_containers_os is not unset:
+            kwargs["vuln_containers_os"] = vuln_containers_os
+        if vuln_host_os is not unset:
+            kwargs["vuln_host_os"] = vuln_host_os
+        super().__init__(kwargs)

src/datadog_api_client/v2/model/aws_scan_options_data.py

@@ -0,0 +1,64 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Union, TYPE_CHECKING
+
+from datadog_api_client.model_utils import (
+    ModelNormal,
+    cached_property,
+    unset,
+    UnsetType,
+)
+
+
+if TYPE_CHECKING:
+    from datadog_api_client.v2.model.aws_scan_options_attributes import AwsScanOptionsAttributes
+    from datadog_api_client.v2.model.aws_scan_options_type import AwsScanOptionsType
+
+
+class AwsScanOptionsData(ModelNormal):
+    @cached_property
+    def openapi_types(_):
+        from datadog_api_client.v2.model.aws_scan_options_attributes import AwsScanOptionsAttributes
+        from datadog_api_client.v2.model.aws_scan_options_type import AwsScanOptionsType
+
+        return {
+            "attributes": (AwsScanOptionsAttributes,),
+            "id": (str,),
+            "type": (AwsScanOptionsType,),
+        }
+
+    attribute_map = {
+        "attributes": "attributes",
+        "id": "id",
+        "type": "type",
+    }
+
+    def __init__(
+        self_,
+        attributes: Union[AwsScanOptionsAttributes, UnsetType] = unset,
+        id: Union[str, UnsetType] = unset,
+        type: Union[AwsScanOptionsType, UnsetType] = unset,
+        **kwargs,
+    ):
+        """
+        Single AWS Scan Options entry.
+
+        :param attributes: Attributes for the AWS scan options.
+        :type attributes: AwsScanOptionsAttributes, optional
+
+        :param id: The ID of the AWS account.
+        :type id: str, optional
+
+        :param type: The type of the resource. The value should always be ``aws_scan_options``.
+        :type type: AwsScanOptionsType, optional
+        """
+        if attributes is not unset:
+            kwargs["attributes"] = attributes
+        if id is not unset:
+            kwargs["id"] = id
+        if type is not unset:
+            kwargs["type"] = type
+        super().__init__(kwargs)