From b8a830b87bfaacff90a58d093cb02197df075fde Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Mon, 13 Jul 2026 16:33:55 +0000 Subject: [PATCH] Regenerate client from commit 86bba19 of spec repo --- config/_default/menus/api.en.yaml | 26 - .../en/api/v2/aws-integration/examples.json | 233 +---- .../api/v2/security-monitoring/examples.json | 74 +- data/api/v2/full_spec.yaml | 852 ++++++++++-------- data/api/v2/translate_actions.json | 10 - 5 files changed, 528 insertions(+), 667 deletions(-) diff --git a/config/_default/menus/api.en.yaml b/config/_default/menus/api.en.yaml index 9256bb8adb1..3dbfa1b22f9 100644 --- a/config/_default/menus/api.en.yaml +++ b/config/_default/menus/api.en.yaml @@ -83,32 +83,6 @@ menu: - ListAWSNamespaces unstable: [] order: 1 - - name: Preview AWS metric name filter - url: /api/latest/aws-integration/preview-aws-metric-name-filter/ - identifier: aws-integration-preview-aws-metric-name-filter - parent: aws-integration - generated: true - params: - versions: - - v2 - operationids: - - PreviewAWSMetricNameFilter - unstable: - - v2 - order: 20 - - name: Get AWS metric name filter preview - url: /api/latest/aws-integration/get-aws-metric-name-filter-preview/ - identifier: aws-integration-get-aws-metric-name-filter-preview - parent: aws-integration - generated: true - params: - versions: - - v2 - operationids: - - GetAWSMetricNameFilterPreview - unstable: - - v2 - order: 19 - name: Create AWS CCM config url: /api/latest/aws-integration/create-aws-ccm-config/ identifier: aws-integration-create-aws-ccm-config diff --git a/content/en/api/v2/aws-integration/examples.json b/content/en/api/v2/aws-integration/examples.json index a99b3a59f41..20a83bab20c 100644 --- a/content/en/api/v2/aws-integration/examples.json +++ b/content/en/api/v2/aws-integration/examples.json @@ -44,14 +44,6 @@ "collect_cloudwatch_alarms": false, "collect_custom_metrics": false, "enabled": true, - "metric_name_filters": [ - { - "include_only": [ - "aws.ec2.network_in" - ], - "namespace": "AWS/EC2" - } - ], "namespace_filters": { "exclude_only": [ "AWS/SQS", @@ -84,7 +76,7 @@ } ] }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

[object]

\n

List of AWS Account Integration Configs.

\n
\n
\n
\n
\n
\n

attributes

\n
\n

object

\n

AWS Account response attributes.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

Timestamp of when the account integration was created.

\n
\n \n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

metric_name_filters

\n
\n

[ <oneOf>]

\n

AWS CloudWatch metric name filters. Each filter applies to a single namespace.\nExactly one of include_only or exclude_only must be set on each filter.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include only metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Exclude metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

Timestamp of when the account integration was updated.

\n
\n \n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

[object]

\n

List of AWS Account Integration Configs.

\n
\n
\n
\n
\n
\n

attributes

\n
\n

object

\n

AWS Account response attributes.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

Timestamp of when the account integration was created.

\n
\n \n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

Timestamp of when the account integration was updated.

\n
\n \n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" }, "403": { "json": { @@ -153,14 +145,6 @@ "collect_cloudwatch_alarms": false, "collect_custom_metrics": false, "enabled": true, - "metric_name_filters": [ - { - "include_only": [ - "aws.ec2.network_in" - ], - "namespace": "AWS/EC2" - } - ], "namespace_filters": { "exclude_only": [ "AWS/SQS", @@ -192,7 +176,7 @@ "type": "account" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account response data.

\n
\n
\n
\n
\n
\n

attributes

\n
\n

object

\n

AWS Account response attributes.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

Timestamp of when the account integration was created.

\n
\n \n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

metric_name_filters

\n
\n

[ <oneOf>]

\n

AWS CloudWatch metric name filters. Each filter applies to a single namespace.\nExactly one of include_only or exclude_only must be set on each filter.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include only metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Exclude metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

Timestamp of when the account integration was updated.

\n
\n \n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account response data.

\n
\n
\n
\n
\n
\n

attributes

\n
\n

object

\n

AWS Account response attributes.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

Timestamp of when the account integration was created.

\n
\n \n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

Timestamp of when the account integration was updated.

\n
\n \n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" }, "400": { "json": { @@ -278,14 +262,6 @@ "collect_cloudwatch_alarms": false, "collect_custom_metrics": false, "enabled": true, - "metric_name_filters": [ - { - "include_only": [ - "aws.ec2.network_in" - ], - "namespace": "AWS/EC2" - } - ], "namespace_filters": { "exclude_only": [ "AWS/SQS", @@ -315,7 +291,7 @@ "type": "account" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account Create Request data.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The AWS Account Integration Config to be created.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config [required]

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition [required]

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

metric_name_filters

\n
\n

[ <oneOf>]

\n

AWS CloudWatch metric name filters. Each filter applies to a single namespace.\nExactly one of include_only or exclude_only must be set on each filter.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include only metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Exclude metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account Create Request data.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The AWS Account Integration Config to be created.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config [required]

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition [required]

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" } }, "DeleteAWSAccount": { @@ -403,14 +379,6 @@ "collect_cloudwatch_alarms": false, "collect_custom_metrics": false, "enabled": true, - "metric_name_filters": [ - { - "include_only": [ - "aws.ec2.network_in" - ], - "namespace": "AWS/EC2" - } - ], "namespace_filters": { "exclude_only": [ "AWS/SQS", @@ -442,7 +410,7 @@ "type": "account" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account response data.

\n
\n
\n
\n
\n
\n

attributes

\n
\n

object

\n

AWS Account response attributes.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

Timestamp of when the account integration was created.

\n
\n \n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

metric_name_filters

\n
\n

[ <oneOf>]

\n

AWS CloudWatch metric name filters. Each filter applies to a single namespace.\nExactly one of include_only or exclude_only must be set on each filter.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include only metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Exclude metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

Timestamp of when the account integration was updated.

\n
\n \n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account response data.

\n
\n
\n
\n
\n
\n

attributes

\n
\n

object

\n

AWS Account response attributes.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

Timestamp of when the account integration was created.

\n
\n \n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

Timestamp of when the account integration was updated.

\n
\n \n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" }, "400": { "json": { @@ -527,14 +495,6 @@ "collect_cloudwatch_alarms": false, "collect_custom_metrics": false, "enabled": true, - "metric_name_filters": [ - { - "include_only": [ - "aws.ec2.network_in" - ], - "namespace": "AWS/EC2" - } - ], "namespace_filters": { "exclude_only": [ "AWS/SQS", @@ -566,7 +526,7 @@ "type": "account" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account response data.

\n
\n
\n
\n
\n
\n

attributes

\n
\n

object

\n

AWS Account response attributes.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

Timestamp of when the account integration was created.

\n
\n \n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

metric_name_filters

\n
\n

[ <oneOf>]

\n

AWS CloudWatch metric name filters. Each filter applies to a single namespace.\nExactly one of include_only or exclude_only must be set on each filter.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include only metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Exclude metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

Timestamp of when the account integration was updated.

\n
\n \n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account response data.

\n
\n
\n
\n
\n
\n

attributes

\n
\n

object

\n

AWS Account response attributes.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

Timestamp of when the account integration was created.

\n
\n \n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

Timestamp of when the account integration was updated.

\n
\n \n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" }, "400": { "json": { @@ -650,14 +610,6 @@ "collect_cloudwatch_alarms": false, "collect_custom_metrics": false, "enabled": true, - "metric_name_filters": [ - { - "include_only": [ - "aws.ec2.network_in" - ], - "namespace": "AWS/EC2" - } - ], "namespace_filters": { "exclude_only": [ "AWS/SQS", @@ -688,7 +640,7 @@ "type": "account" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account Update Request data.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The AWS Account Integration Config to be updated.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

metric_name_filters

\n
\n

[ <oneOf>]

\n

AWS CloudWatch metric name filters. Each filter applies to a single namespace.\nExactly one of include_only or exclude_only must be set on each filter.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include only metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Exclude metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS Account Update Request data.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The AWS Account Integration Config to be updated.

\n
\n
\n
\n
\n
\n

account_tags

\n
\n

[string]

\n

Tags to apply to all hosts and metrics reporting for this account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

auth_config

\n
\n

 <oneOf>

\n

AWS Authentication config.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

AWS Authentication config to integrate your account using an access key pair.

\n
\n
\n
\n
\n
\n

access_key_id [required]

\n
\n

string

\n

AWS Access Key ID.

\n
\n \n
\n
\n
\n
\n
\n

secret_access_key

\n
\n

string

\n

AWS Secret Access Key.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

AWS Authentication config to integrate your account using an IAM role.

\n
\n
\n
\n
\n
\n

external_id

\n
\n

string

\n

AWS IAM External ID for associated role.

\n
\n \n
\n
\n
\n
\n
\n

role_name [required]

\n
\n

string

\n

AWS IAM Role name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

aws_account_id [required]

\n
\n

string

\n

AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

aws_partition

\n
\n

enum

\n

AWS partition your AWS account is scoped to. Defaults to aws.\nSee Partitions\nin the AWS documentation for more information. \nAllowed enum values: aws,aws-cn,aws-us-gov

\n
\n \n
\n
\n
\n
\n
\n

aws_regions

\n
\n

 <oneOf>

\n

AWS Regions to collect data from. Defaults to include_all.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all regions. Defaults to true.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these regions.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these regions.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

logs_config

\n
\n

object

\n

AWS Logs Collection config.

\n
\n
\n
\n
\n
\n

lambda_forwarder

\n
\n

object

\n

Log Autosubscription configuration for Datadog Forwarder Lambda functions.\nAutomatically set up triggers for existing and new logs for some services,\nensuring no logs from new resources are missed and saving time spent on manual configuration.

\n
\n
\n
\n
\n
\n

lambdas

\n
\n

[string]

\n

List of Datadog Lambda Log Forwarder ARNs in your AWS account. Defaults to [].

\n
\n \n
\n
\n
\n
\n
\n

log_source_config

\n
\n

object

\n

Log source configuration.

\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

List of AWS log source tag filters. Defaults to [].

\n
\n
\n
\n
\n
\n

source

\n
\n

string

\n

The AWS log source to which the tag filters defined in tags are applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the log source specified by source.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

sources

\n
\n

[string]

\n

List of service IDs set to enable automatic log collection.\nDiscover the list of available services with the\nGet list of AWS log ready\nservices\nendpoint.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

metrics_config

\n
\n

object

\n

AWS Metrics Collection config.

\n
\n
\n
\n
\n
\n

automute_enabled

\n
\n

boolean

\n

Enable EC2 automute for AWS metrics. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

collect_cloudwatch_alarms

\n
\n

boolean

\n

Enable CloudWatch alarms collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

collect_custom_metrics

\n
\n

boolean

\n

Enable custom metrics collection. Defaults to false.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Enable AWS metrics collection. Defaults to true.

\n
\n \n
\n
\n
\n
\n
\n

namespace_filters

\n
\n

 <oneOf>

\n

AWS Metrics namespace filters. Defaults to exclude_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude only these namespaces from metrics collection.\nDefaults to ["AWS/SQS", "AWS/ElasticMapReduce", "AWS/Usage"].\nAWS/SQS, AWS/ElasticMapReduce, and AWS/Usage are excluded by default\nto reduce your AWS CloudWatch costs from GetMetricData API calls.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these namespaces.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these namespaces.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

tag_filters

\n
\n

[object]

\n

AWS Metrics collection tag filters list. Defaults to [].

\n
\n
\n
\n
\n
\n

namespace

\n
\n

string

\n

The AWS service for which the tag filters defined in tags will be applied.

\n
\n \n
\n
\n
\n
\n
\n

tags

\n
\n

[string]

\n

The AWS resource tags to filter on for the service specified by namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

resources_config

\n
\n

object

\n

AWS Resources Collection config.

\n
\n
\n
\n
\n
\n

cloud_security_posture_management_collection

\n
\n

boolean

\n

Enable Cloud Security Management to scan AWS resources for vulnerabilities, misconfigurations,\nidentity risks, and compliance violations. Defaults to false.\nRequires extended_collection to be set to true.

\n
\n \n
\n
\n
\n
\n
\n

extended_collection

\n
\n

boolean

\n

Whether Datadog collects additional attributes and configuration information about the resources\nin your AWS account. Defaults to true. Required for cloud_security_posture_management_collection.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

traces_config

\n
\n

object

\n

AWS Traces Collection config.

\n
\n
\n
\n
\n
\n

xray_services

\n
\n

 <oneOf>

\n

AWS X-Ray services to collect traces from. Defaults to include_only.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include all services.

\n
\n
\n
\n
\n
\n

include_all [required]

\n
\n

boolean

\n

Include all services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Include only these services. Defaults to [].

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only these services.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS Account resource type. \nAllowed enum values: account

default: account

\n
\n \n
\n
\n
\n
" } }, "DeleteAWSAccountCCMConfig": { @@ -959,179 +911,6 @@ "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS CCM Config Create/Update Request data.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

AWS CCM Config attributes for Create/Update requests.

\n
\n
\n
\n
\n
\n

ccm_config [required]

\n
\n

object

\n

AWS Cloud Cost Management config.

\n
\n
\n
\n
\n
\n

data_export_configs [required]

\n
\n

[object]

\n

List of data export configurations for Cost and Usage Reports.

\n
\n
\n
\n
\n
\n

bucket_name [required]

\n
\n

string

\n

Name of the S3 bucket where the Cost and Usage Report is stored.

\n
\n \n
\n
\n
\n
\n
\n

bucket_region [required]

\n
\n

string

\n

AWS region of the S3 bucket.

\n
\n \n
\n
\n
\n
\n
\n

report_name [required]

\n
\n

string

\n

Name of the Cost and Usage Report.

\n
\n \n
\n
\n
\n
\n
\n

report_prefix [required]

\n
\n

string

\n

S3 prefix where the Cost and Usage Report is stored.

\n
\n \n
\n
\n
\n
\n
\n

report_type [required]

\n
\n

string

\n

Type of the Cost and Usage Report. Currently only CUR2.0 is supported.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

AWS CCM Config resource type. \nAllowed enum values: ccm_config

default: ccm_config

\n
\n \n
\n
\n
\n
" } }, - "GetAWSMetricNameFilterPreview": { - "responses": { - "200": { - "json": { - "data": { - "attributes": { - "namespaces": [ - { - "filters": [ - { - "match_count": 1, - "pattern": "aws.ec2.network_in" - } - ], - "metrics": [ - { - "cw_name": "NetworkIn", - "dd_names": [ - { - "filtered": true, - "name": "aws.ec2.network_in" - } - ] - } - ], - "namespace": "AWS/EC2" - } - ] - }, - "id": "00000000-abcd-0001-0000-000000000000", - "type": "metric_name_filter_preview" - } - }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS metric name filter preview response data.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

AWS metric name filter preview response attributes.

\n
\n
\n
\n
\n
\n

namespaces [required]

\n
\n

[object]

\n

The list of namespaces affected by the previewed metric name filters.

\n
\n
\n
\n
\n
\n

filters [required]

\n
\n

[object]

\n

The metric name filter patterns evaluated for this namespace and how many metrics they matched.

\n
\n
\n
\n
\n
\n

match_count [required]

\n
\n

int64

\n

The number of Datadog metric names matched by this pattern.

\n
\n \n
\n
\n
\n
\n
\n

pattern [required]

\n
\n

string

\n

The metric name filter pattern.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

metrics [required]

\n
\n

[object]

\n

The CloudWatch metrics collected for this namespace and whether each resulting\nDatadog metric is filtered.

\n
\n
\n
\n
\n
\n

cw_name [required]

\n
\n

string

\n

The CloudWatch metric name.

\n
\n \n
\n
\n
\n
\n
\n

dd_names [required]

\n
\n

[object]

\n

The Datadog metric names produced from this CloudWatch metric.

\n
\n
\n
\n
\n
\n

filtered [required]

\n
\n

boolean

\n

Whether this Datadog metric name is filtered out.

\n
\n \n
\n
\n
\n
\n
\n

name [required]

\n
\n

string

\n

The Datadog metric name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The AWSMetricNameFilterPreviewResponseData type. \nAllowed enum values: metric_name_filter_preview

default: metric_name_filter_preview

\n
\n \n
\n
\n
\n
" - }, - "403": { - "json": { - "errors": [ - "Bad Request" - ] - }, - "html": "
\n
\n
\n
\n

errors [required]

\n
\n

[string]

\n

A list of errors.

\n
\n \n
\n
" - }, - "404": { - "json": { - "errors": [ - "Bad Request" - ] - }, - "html": "
\n
\n
\n
\n

errors [required]

\n
\n

[string]

\n

A list of errors.

\n
\n \n
\n
" - }, - "429": { - "json": { - "errors": [ - "Bad Request" - ] - }, - "html": "
\n
\n
\n
\n

errors [required]

\n
\n

[string]

\n

A list of errors.

\n
\n \n
\n
" - } - }, - "request": { - "json_curl": {}, - "json": {}, - "html": "" - } - }, - "PreviewAWSMetricNameFilter": { - "responses": { - "200": { - "json": { - "data": { - "attributes": { - "namespaces": [ - { - "filters": [ - { - "match_count": 1, - "pattern": "aws.ec2.network_in" - } - ], - "metrics": [ - { - "cw_name": "NetworkIn", - "dd_names": [ - { - "filtered": true, - "name": "aws.ec2.network_in" - } - ] - } - ], - "namespace": "AWS/EC2" - } - ] - }, - "id": "00000000-abcd-0001-0000-000000000000", - "type": "metric_name_filter_preview" - } - }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS metric name filter preview response data.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

AWS metric name filter preview response attributes.

\n
\n
\n
\n
\n
\n

namespaces [required]

\n
\n

[object]

\n

The list of namespaces affected by the previewed metric name filters.

\n
\n
\n
\n
\n
\n

filters [required]

\n
\n

[object]

\n

The metric name filter patterns evaluated for this namespace and how many metrics they matched.

\n
\n
\n
\n
\n
\n

match_count [required]

\n
\n

int64

\n

The number of Datadog metric names matched by this pattern.

\n
\n \n
\n
\n
\n
\n
\n

pattern [required]

\n
\n

string

\n

The metric name filter pattern.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

metrics [required]

\n
\n

[object]

\n

The CloudWatch metrics collected for this namespace and whether each resulting\nDatadog metric is filtered.

\n
\n
\n
\n
\n
\n

cw_name [required]

\n
\n

string

\n

The CloudWatch metric name.

\n
\n \n
\n
\n
\n
\n
\n

dd_names [required]

\n
\n

[object]

\n

The Datadog metric names produced from this CloudWatch metric.

\n
\n
\n
\n
\n
\n

filtered [required]

\n
\n

boolean

\n

Whether this Datadog metric name is filtered out.

\n
\n \n
\n
\n
\n
\n
\n

name [required]

\n
\n

string

\n

The Datadog metric name.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

Unique Datadog ID of the AWS Account Integration Config.\nTo get the config ID for an account, use the\nList all AWS integrations\nendpoint and query by AWS Account ID.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The AWSMetricNameFilterPreviewResponseData type. \nAllowed enum values: metric_name_filter_preview

default: metric_name_filter_preview

\n
\n \n
\n
\n
\n
" - }, - "400": { - "json": { - "errors": [ - { - "detail": "Missing required attribute in body", - "meta": {}, - "source": { - "header": "Authorization", - "parameter": "limit", - "pointer": "/data/attributes/title" - }, - "status": "400", - "title": "Bad Request" - } - ] - }, - "html": "
\n
\n
\n
\n

errors [required]

\n
\n

[object]

\n

A list of errors.

\n
\n
\n
\n
\n
\n

detail

\n
\n

string

\n

A human-readable explanation specific to this occurrence of the error.

\n
\n \n
\n
\n
\n
\n
\n

meta

\n
\n

object

\n

Non-standard meta-information about the error

\n
\n \n
\n
\n
\n
\n
\n

source

\n
\n

object

\n

References to the source of the error.

\n
\n
\n
\n
\n
\n

header

\n
\n

string

\n

A string indicating the name of a single request header which caused the error.

\n
\n \n
\n
\n
\n
\n
\n

parameter

\n
\n

string

\n

A string indicating which URI query parameter caused the error.

\n
\n \n
\n
\n
\n
\n
\n

pointer

\n
\n

string

\n

A JSON pointer to the value in the request document that caused the error.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

status

\n
\n

string

\n

Status code of the response.

\n
\n \n
\n
\n
\n
\n
\n

title

\n
\n

string

\n

Short human-readable summary of the error.

\n
\n \n
\n
\n
\n
" - }, - "403": { - "json": { - "errors": [ - "Bad Request" - ] - }, - "html": "
\n
\n
\n
\n

errors [required]

\n
\n

[string]

\n

A list of errors.

\n
\n \n
\n
" - }, - "404": { - "json": { - "errors": [ - "Bad Request" - ] - }, - "html": "
\n
\n
\n
\n

errors [required]

\n
\n

[string]

\n

A list of errors.

\n
\n \n
\n
" - }, - "429": { - "json": { - "errors": [ - "Bad Request" - ] - }, - "html": "
\n
\n
\n
\n

errors [required]

\n
\n

[string]

\n

A list of errors.

\n
\n \n
\n
" - } - }, - "request": { - "json_curl": { - "data": { - "attributes": { - "metric_name_filters": [ - {} - ] - }, - "type": "metric_name_filter_preview" - } - }, - "json": { - "data": { - "attributes": { - "metric_name_filters": [ - { - "include_only": [ - "aws.ec2.network_in" - ], - "namespace": "AWS/EC2" - } - ] - }, - "type": "metric_name_filter_preview" - } - }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

AWS metric name filter preview request data.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

AWS metric name filter preview request attributes.

\n
\n
\n
\n
\n
\n

metric_name_filters [required]

\n
\n

[ <oneOf>]

\n

The metric name filters to preview.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Include only metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

include_only [required]

\n
\n

[string]

\n

Include only metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Exclude metric names matching one of these patterns for a single namespace.

\n
\n
\n
\n
\n
\n

exclude_only [required]

\n
\n

[string]

\n

Exclude metric names matching one of these patterns.

\n
\n \n
\n
\n
\n
\n
\n

namespace [required]

\n
\n

string

\n

The AWS CloudWatch namespace to which this metric name filter applies.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The AWSMetricNameFilterPreviewResponseData type. \nAllowed enum values: metric_name_filter_preview

default: metric_name_filter_preview

\n
\n \n
\n
\n
\n
" - } - }, "ListAWSNamespaces": { "responses": { "200": { diff --git a/content/en/api/v2/security-monitoring/examples.json b/content/en/api/v2/security-monitoring/examples.json index e5c328af388..503b723b6eb 100644 --- a/content/en/api/v2/security-monitoring/examples.json +++ b/content/en/api/v2/security-monitoring/examples.json @@ -6624,7 +6624,7 @@ } ] }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

[object]

\n

The list of integration configurations.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

[object]

\n

The list of integration configurations.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID,CROWDSTRIKE,SENTINELONE

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" }, "403": { "json": { @@ -6670,7 +6670,7 @@ "type": "integration_config" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID,CROWDSTRIKE,SENTINELONE

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" }, "400": { "json": { @@ -6701,9 +6701,14 @@ "json_curl": { "data": { "attributes": { - "domain": "siem-test.com", - "integration_type": "GOOGLE_WORKSPACE", - "name": "My GWS Integration" + "secrets": { + "service_account_json": { + "client_email": "svc@my-project.iam.gserviceaccount.com", + "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----", + "project_id": "my-project", + "type": "service_account" + } + } }, "type": "integration_config" } @@ -6715,7 +6720,13 @@ "integration_type": "GOOGLE_WORKSPACE", "name": "My GWS Integration", "secrets": { - "admin_email": "test@example.com" + "admin_email": "admin@example.com", + "service_account_json": { + "client_email": "svc@my-project.iam.gserviceaccount.com", + "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----", + "project_id": "my-project", + "type": "service_account" + } }, "settings": { "setting1": "value1" @@ -6724,7 +6735,7 @@ "type": "integration_config" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

The entity context sync configuration to create.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of the entity context sync configuration to create.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

name [required]

\n
\n

string

\n

The display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets

\n
\n

object

\n

The secrets used to authenticate against the external entity source. The accepted keys depend on the source type\n(for example, admin_email for Google Workspace). Not required for source types that do not use secrets (for example, ENTRA_ID).

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

The entity context sync configuration to create.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

 <oneOf>

\n

The attributes of the entity context sync configuration to create.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

The attributes of a Google Workspace entity context sync configuration to create.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for a Google Workspace entity context sync. \nAllowed enum values: GOOGLE_WORKSPACE

\n
\n \n
\n
\n
\n
\n
\n

name [required]

\n
\n

string

\n

The display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets [required]

\n
\n

object

\n

Credentials for a Google Workspace entity context sync.

\n
\n
\n
\n
\n
\n

admin_email

\n
\n

string

\n

The admin email to impersonate for domain-wide delegation.

\n
\n \n
\n
\n
\n
\n
\n

service_account_json [required]

\n
\n

object

\n

The Google Cloud service account JSON used to authenticate against the Google Workspace Admin SDK. Additional keys beyond those documented are preserved.

\n
\n
\n
\n
\n
\n

client_email [required]

\n
\n

string

\n

The service account client email.

\n
\n \n
\n
\n
\n
\n
\n

private_key [required]

\n
\n

string

\n

The service account private key.

\n
\n \n
\n
\n
\n
\n
\n

project_id [required]

\n
\n

string

\n

The Google Cloud project ID that owns the service account.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

string

\n

The service account type. Must be service_account.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

The attributes of an Okta entity context sync configuration to create.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for an Okta entity context sync. \nAllowed enum values: OKTA

\n
\n \n
\n
\n
\n
\n
\n

name [required]

\n
\n

string

\n

The display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets [required]

\n
\n

object

\n

Credentials for an Okta entity context sync.

\n
\n
\n
\n
\n
\n

api_token [required]

\n
\n

string

\n

The Okta API token used to authenticate against the Okta API.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 3

\n
\n

object

\n

The attributes of an Entra ID entity context sync configuration to create.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for an Entra ID entity context sync. \nAllowed enum values: ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

name [required]

\n
\n

string

\n

The display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 4

\n
\n

object

\n

The attributes of a CrowdStrike entity context sync configuration to create.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for a CrowdStrike entity context sync. \nAllowed enum values: CROWDSTRIKE

\n
\n \n
\n
\n
\n
\n
\n

name [required]

\n
\n

string

\n

The display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets [required]

\n
\n

object

\n

Credentials for a CrowdStrike entity context sync.

\n
\n
\n
\n
\n
\n

client_id [required]

\n
\n

string

\n

The CrowdStrike API client ID.

\n
\n \n
\n
\n
\n
\n
\n

client_secret [required]

\n
\n

string

\n

The CrowdStrike API client secret.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 5

\n
\n

object

\n

The attributes of a SentinelOne entity context sync configuration to create.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for a SentinelOne entity context sync. \nAllowed enum values: SENTINELONE

\n
\n \n
\n
\n
\n
\n
\n

name [required]

\n
\n

string

\n

The display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets [required]

\n
\n

object

\n

Credentials for a SentinelOne entity context sync.

\n
\n
\n
\n
\n
\n

api_token [required]

\n
\n

string

\n

The SentinelOne API token.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" } }, "GetEntraIdAzureAppRegistrations": { @@ -6807,8 +6818,14 @@ "json_curl": { "data": { "attributes": { - "domain": "siem-test.com", - "integration_type": "GOOGLE_WORKSPACE" + "secrets": { + "service_account_json": { + "client_email": "svc@my-project.iam.gserviceaccount.com", + "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----", + "project_id": "my-project", + "type": "service_account" + } + } }, "type": "integration_config" } @@ -6819,13 +6836,19 @@ "domain": "siem-test.com", "integration_type": "GOOGLE_WORKSPACE", "secrets": { - "admin_email": "test@example.com" + "admin_email": "admin@example.com", + "service_account_json": { + "client_email": "svc@my-project.iam.gserviceaccount.com", + "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----", + "project_id": "my-project", + "type": "service_account" + } } }, "type": "integration_config" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

The credentials to validate.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The credentials to validate against the external entity source.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

secrets

\n
\n

object

\n

The secrets used to authenticate against the external entity source. The accepted keys depend on the source type\n(for example, admin_email for Google Workspace). Not required for source types that do not use secrets (for example, ENTRA_ID).

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

The credentials to validate.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

 <oneOf>

\n

The credentials to validate against the external entity source.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

The Google Workspace credentials to validate against the external entity source.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for a Google Workspace entity context sync. \nAllowed enum values: GOOGLE_WORKSPACE

\n
\n \n
\n
\n
\n
\n
\n

secrets [required]

\n
\n

object

\n

Credentials for a Google Workspace entity context sync.

\n
\n
\n
\n
\n
\n

admin_email

\n
\n

string

\n

The admin email to impersonate for domain-wide delegation.

\n
\n \n
\n
\n
\n
\n
\n

service_account_json [required]

\n
\n

object

\n

The Google Cloud service account JSON used to authenticate against the Google Workspace Admin SDK. Additional keys beyond those documented are preserved.

\n
\n
\n
\n
\n
\n

client_email [required]

\n
\n

string

\n

The service account client email.

\n
\n \n
\n
\n
\n
\n
\n

private_key [required]

\n
\n

string

\n

The service account private key.

\n
\n \n
\n
\n
\n
\n
\n

project_id [required]

\n
\n

string

\n

The Google Cloud project ID that owns the service account.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

string

\n

The service account type. Must be service_account.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

The Okta credentials to validate against the external entity source.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for an Okta entity context sync. \nAllowed enum values: OKTA

\n
\n \n
\n
\n
\n
\n
\n

secrets [required]

\n
\n

object

\n

Credentials for an Okta entity context sync.

\n
\n
\n
\n
\n
\n

api_token [required]

\n
\n

string

\n

The Okta API token used to authenticate against the Okta API.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

Option 3

\n
\n

object

\n

The Entra ID credentials to validate against the external entity source.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for an Entra ID entity context sync. \nAllowed enum values: ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 4

\n
\n

object

\n

The CrowdStrike credentials to validate against the external entity source.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for a CrowdStrike entity context sync. \nAllowed enum values: CROWDSTRIKE

\n
\n \n
\n
\n
\n
\n
\n

secrets [required]

\n
\n

object

\n

Credentials for a CrowdStrike entity context sync.

\n
\n
\n
\n
\n
\n

client_id [required]

\n
\n

string

\n

The CrowdStrike API client ID.

\n
\n \n
\n
\n
\n
\n
\n

client_secret [required]

\n
\n

string

\n

The CrowdStrike API client secret.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

Option 5

\n
\n

object

\n

The SentinelOne credentials to validate against the external entity source.

\n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for a SentinelOne entity context sync. \nAllowed enum values: SENTINELONE

\n
\n \n
\n
\n
\n
\n
\n

secrets [required]

\n
\n

object

\n

Credentials for a SentinelOne entity context sync.

\n
\n
\n
\n
\n
\n

api_token [required]

\n
\n

string

\n

The SentinelOne API token.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" } }, "DeleteSecurityMonitoringIntegrationConfig": { @@ -6882,7 +6905,7 @@ "type": "integration_config" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID,CROWDSTRIKE,SENTINELONE

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" }, "403": { "json": { @@ -6936,7 +6959,7 @@ "type": "integration_config" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID,CROWDSTRIKE,SENTINELONE

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" }, "400": { "json": { @@ -6974,7 +6997,16 @@ "request": { "json_curl": { "data": { - "attributes": {}, + "attributes": { + "secrets": { + "service_account_json": { + "client_email": "svc@my-project.iam.gserviceaccount.com", + "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----", + "project_id": "my-project", + "type": "service_account" + } + } + }, "type": "integration_config" } }, @@ -6986,7 +7018,13 @@ "integration_type": "GOOGLE_WORKSPACE", "name": "My GWS Integration (renamed)", "secrets": { - "admin_email": "test@example.com" + "admin_email": "admin@example.com", + "service_account_json": { + "client_email": "svc@my-project.iam.gserviceaccount.com", + "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----", + "project_id": "my-project", + "type": "service_account" + } }, "settings": { "setting1": "value1" @@ -6995,7 +7033,7 @@ "type": "integration_config" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

The entity context sync configuration fields to update.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

Fields to update on the entity context sync configuration. All fields are optional.

\n
\n
\n
\n
\n
\n

domain

\n
\n

string

\n

The new domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Whether the entity context sync should be enabled.

\n
\n \n
\n
\n
\n
\n
\n

integration_type

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The new display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets

\n
\n

object

\n

The secrets used to authenticate against the external entity source. The accepted keys depend on the source type\n(for example, admin_email for Google Workspace). Not required for source types that do not use secrets (for example, ENTRA_ID).

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

The entity context sync configuration fields to update.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

 <oneOf>

\n

Fields to update on the entity context sync configuration. All fields other than the integration type are optional.

\n
\n
\n
\n
\n
\n

Option 1

\n
\n

object

\n

Fields to update on a Google Workspace entity context sync configuration.

\n
\n
\n
\n
\n
\n

domain

\n
\n

string

\n

The new domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Whether the entity context sync should be enabled.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for a Google Workspace entity context sync. \nAllowed enum values: GOOGLE_WORKSPACE

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The new display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets

\n
\n

object

\n

Credentials for a Google Workspace entity context sync.

\n
\n
\n
\n
\n
\n

admin_email

\n
\n

string

\n

The admin email to impersonate for domain-wide delegation.

\n
\n \n
\n
\n
\n
\n
\n

service_account_json [required]

\n
\n

object

\n

The Google Cloud service account JSON used to authenticate against the Google Workspace Admin SDK. Additional keys beyond those documented are preserved.

\n
\n
\n
\n
\n
\n

client_email [required]

\n
\n

string

\n

The service account client email.

\n
\n \n
\n
\n
\n
\n
\n

private_key [required]

\n
\n

string

\n

The service account private key.

\n
\n \n
\n
\n
\n
\n
\n

project_id [required]

\n
\n

string

\n

The Google Cloud project ID that owns the service account.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

string

\n

The service account type. Must be service_account.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 2

\n
\n

object

\n

Fields to update on an Okta entity context sync configuration.

\n
\n
\n
\n
\n
\n

domain

\n
\n

string

\n

The new domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Whether the entity context sync should be enabled.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for an Okta entity context sync. \nAllowed enum values: OKTA

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The new display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets

\n
\n

object

\n

Credentials for an Okta entity context sync.

\n
\n
\n
\n
\n
\n

api_token [required]

\n
\n

string

\n

The Okta API token used to authenticate against the Okta API.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 3

\n
\n

object

\n

Fields to update on an Entra ID entity context sync configuration.

\n
\n
\n
\n
\n
\n

domain

\n
\n

string

\n

The new domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Whether the entity context sync should be enabled.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for an Entra ID entity context sync. \nAllowed enum values: ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The new display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 4

\n
\n

object

\n

Fields to update on a CrowdStrike entity context sync configuration.

\n
\n
\n
\n
\n
\n

domain

\n
\n

string

\n

The new domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Whether the entity context sync should be enabled.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for a CrowdStrike entity context sync. \nAllowed enum values: CROWDSTRIKE

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The new display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets

\n
\n

object

\n

Credentials for a CrowdStrike entity context sync.

\n
\n
\n
\n
\n
\n

client_id [required]

\n
\n

string

\n

The CrowdStrike API client ID.

\n
\n \n
\n
\n
\n
\n
\n

client_secret [required]

\n
\n

string

\n

The CrowdStrike API client secret.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

Option 5

\n
\n

object

\n

Fields to update on a SentinelOne entity context sync configuration.

\n
\n
\n
\n
\n
\n

domain

\n
\n

string

\n

The new domain associated with the external entity source.

\n
\n \n
\n
\n
\n
\n
\n

enabled

\n
\n

boolean

\n

Whether the entity context sync should be enabled.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The source type for a SentinelOne entity context sync. \nAllowed enum values: SENTINELONE

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The new display name for the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

secrets

\n
\n

object

\n

Credentials for a SentinelOne entity context sync.

\n
\n
\n
\n
\n
\n

api_token [required]

\n
\n

string

\n

The SentinelOne API token.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" } }, "ValidateSecurityMonitoringIntegrationConfig": { @@ -7060,7 +7098,7 @@ "type": "integration_config" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID,CROWDSTRIKE,SENTINELONE

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" }, "400": { "json": { @@ -7133,7 +7171,7 @@ "type": "integration_config" } }, - "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" + "html": "
\n
\n
\n
\n

data [required]

\n
\n

object

\n

An entity context sync configuration.

\n
\n
\n
\n
\n
\n

attributes [required]

\n
\n

object

\n

The attributes of an entity context sync configuration as returned by the API.

\n
\n
\n
\n
\n
\n

created_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was created.

\n
\n \n
\n
\n
\n
\n
\n

domain [required]

\n
\n

string

\n

The domain associated with the external entity source (for example, the customer's identity provider domain).

\n
\n \n
\n
\n
\n
\n
\n

enabled [required]

\n
\n

boolean

\n

Whether the sync is enabled and actively ingesting entities into Cloud SIEM.

\n
\n \n
\n
\n
\n
\n
\n

integration_type [required]

\n
\n

enum

\n

The type of external source that provides entities to Cloud SIEM. \nAllowed enum values: GOOGLE_WORKSPACE,OKTA,ENTRA_ID,CROWDSTRIKE,SENTINELONE

\n
\n \n
\n
\n
\n
\n
\n

modified_at

\n
\n

date-time

\n

The time at which the entity context sync configuration was last modified.

\n
\n \n
\n
\n
\n
\n
\n

name

\n
\n

string

\n

The display name of the entity context sync configuration.

\n
\n \n
\n
\n
\n
\n
\n

settings

\n
\n

object

\n

Free-form, non-sensitive settings for the entity context sync. The accepted keys depend on the source type.

\n
\n \n
\n
\n
\n
\n
\n

state

\n
\n

enum

\n

The state of the credentials configured on the entity context sync. \nAllowed enum values: valid,invalid,initializing

\n
\n \n
\n
\n
\n
\n
\n
\n
\n

id [required]

\n
\n

string

\n

The unique identifier of the integration configuration.

\n
\n \n
\n
\n
\n
\n
\n

type [required]

\n
\n

enum

\n

The type of the resource. The value should always be integration_config. \nAllowed enum values: integration_config

default: integration_config

\n
\n \n
\n
\n
\n
" }, "403": { "json": { diff --git a/data/api/v2/full_spec.yaml b/data/api/v2/full_spec.yaml index e3eaba8baaa..33a63f9c229 100644 --- a/data/api/v2/full_spec.yaml +++ b/data/api/v2/full_spec.yaml @@ -3541,196 +3541,6 @@ components: type: string x-enum-varnames: - LOGS_SERVICES - AWSMetricNameFilterPreviewDDName: - description: A Datadog metric name and whether it is filtered. - properties: - filtered: - description: Whether this Datadog metric name is filtered out. - example: true - type: boolean - name: - description: The Datadog metric name. - example: "aws.ec2.network_in" - type: string - required: - - name - - filtered - type: object - AWSMetricNameFilterPreviewFilterMatch: - description: A metric name filter pattern and how many metrics it matched. - properties: - match_count: - description: The number of Datadog metric names matched by this pattern. - example: 1 - format: int64 - type: integer - pattern: - description: The metric name filter pattern. - example: "aws.ec2.network_in" - type: string - required: - - pattern - - match_count - type: object - AWSMetricNameFilterPreviewMetric: - description: A CloudWatch metric and the Datadog metric names it produces. - properties: - cw_name: - description: The CloudWatch metric name. - example: "NetworkIn" - type: string - dd_names: - description: The Datadog metric names produced from this CloudWatch metric. - items: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewDDName" - type: array - required: - - cw_name - - dd_names - type: object - AWSMetricNameFilterPreviewNamespace: - description: The metric name filter preview for a single namespace. - properties: - filters: - description: The metric name filter patterns evaluated for this namespace and how many metrics they matched. - items: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewFilterMatch" - type: array - metrics: - description: |- - The CloudWatch metrics collected for this namespace and whether each resulting - Datadog metric is filtered. - items: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewMetric" - type: array - namespace: - description: The AWS CloudWatch namespace. - example: "AWS/EC2" - type: string - required: - - namespace - - filters - - metrics - type: object - AWSMetricNameFilterPreviewRequest: - description: AWS metric name filter preview request body. - properties: - data: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewRequestData" - required: - - data - type: object - AWSMetricNameFilterPreviewRequestAttributes: - description: AWS metric name filter preview request attributes. - properties: - metric_name_filters: - description: The metric name filters to preview. - items: - $ref: "#/components/schemas/AWSMetricNameFilters" - type: array - required: - - metric_name_filters - type: object - AWSMetricNameFilterPreviewRequestData: - description: AWS metric name filter preview request data. - properties: - attributes: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewRequestAttributes" - type: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewType" - required: - - type - - attributes - type: object - AWSMetricNameFilterPreviewResponse: - description: AWS metric name filter preview response body. - properties: - data: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewResponseData" - required: - - data - type: object - AWSMetricNameFilterPreviewResponseAttributes: - description: AWS metric name filter preview response attributes. - properties: - namespaces: - description: The list of namespaces affected by the previewed metric name filters. - items: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewNamespace" - type: array - required: - - namespaces - type: object - AWSMetricNameFilterPreviewResponseData: - description: AWS metric name filter preview response data. - properties: - attributes: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewResponseAttributes" - id: - $ref: "#/components/schemas/AWSAccountConfigID" - type: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewType" - required: - - id - - type - - attributes - type: object - AWSMetricNameFilterPreviewType: - default: "metric_name_filter_preview" - description: The `AWSMetricNameFilterPreviewResponseData` `type`. - enum: - - metric_name_filter_preview - example: "metric_name_filter_preview" - type: string - x-enum-varnames: - - METRIC_NAME_FILTER_PREVIEW - AWSMetricNameFilters: - description: |- - AWS CloudWatch metric name filter for a single namespace. - Exactly one of `include_only` or `exclude_only` must be set. - oneOf: - - $ref: "#/components/schemas/AWSMetricNameFiltersIncludeOnly" - - $ref: "#/components/schemas/AWSMetricNameFiltersExcludeOnly" - AWSMetricNameFiltersExcludeOnly: - description: Exclude metric names matching one of these patterns for a single namespace. - properties: - exclude_only: - description: Exclude metric names matching one of these patterns. - example: - - "aws.ec2.network_in" - items: - description: A metric name pattern to exclude. - example: "aws.ec2.network_in" - type: string - type: array - namespace: - description: The AWS CloudWatch namespace to which this metric name filter applies. - example: "AWS/EC2" - type: string - required: - - namespace - - exclude_only - type: object - AWSMetricNameFiltersIncludeOnly: - description: Include only metric names matching one of these patterns for a single namespace. - properties: - include_only: - description: Include only metric names matching one of these patterns. - example: - - "aws.ec2.network_in" - items: - description: A metric name pattern to include. - example: "aws.ec2.network_in" - type: string - type: array - namespace: - description: The AWS CloudWatch namespace to which this metric name filter applies. - example: "AWS/EC2" - type: string - required: - - namespace - - include_only - type: object AWSMetricsConfig: description: AWS Metrics Collection config. properties: @@ -3750,13 +3560,6 @@ components: description: Enable AWS metrics collection. Defaults to `true`. example: true type: boolean - metric_name_filters: - description: |- - AWS CloudWatch metric name filters. Each filter applies to a single namespace. - Exactly one of `include_only` or `exclude_only` must be set on each filter. - items: - $ref: "#/components/schemas/AWSMetricNameFilters" - type: array namespace_filters: $ref: "#/components/schemas/AWSNamespaceFilters" tag_filters: @@ -89069,6 +88872,69 @@ components: $ref: "#/components/schemas/SecurityMonitoringCriticalAsset" type: array type: object + SecurityMonitoringCrowdStrikeIntegrationConfigCreateAttributes: + description: The attributes of a CrowdStrike entity context sync configuration to create. + properties: + domain: + description: The domain associated with the external entity source. + example: api.crowdstrike.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeCrowdStrike" + name: + description: The display name for the entity context sync configuration. + example: My CrowdStrike Integration + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigCrowdStrikeSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + - domain + - name + - secrets + type: object + SecurityMonitoringCrowdStrikeIntegrationConfigUpdateAttributes: + description: Fields to update on a CrowdStrike entity context sync configuration. + properties: + domain: + description: The new domain associated with the external entity source. + example: api.crowdstrike.com + type: string + enabled: + description: Whether the entity context sync should be enabled. + example: true + type: boolean + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeCrowdStrike" + name: + description: The new display name for the entity context sync configuration. + example: My CrowdStrike Integration (renamed) + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigCrowdStrikeSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + type: object + SecurityMonitoringCrowdStrikeIntegrationCredentialsValidateAttributes: + description: The CrowdStrike credentials to validate against the external entity source. + properties: + domain: + description: The domain associated with the external entity source. + example: api.crowdstrike.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeCrowdStrike" + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigCrowdStrikeSecrets" + required: + - integration_type + - domain + - secrets + type: object SecurityMonitoringDatasetAttributesRequest: description: The attributes of a dataset create or update request. properties: @@ -89627,6 +89493,61 @@ components: required: - data type: object + SecurityMonitoringEntraIdIntegrationConfigCreateAttributes: + description: The attributes of an Entra ID entity context sync configuration to create. + properties: + domain: + description: The domain associated with the external entity source. + example: siem-test.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeEntraId" + name: + description: The display name for the entity context sync configuration. + example: My Entra ID Integration + type: string + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + - domain + - name + type: object + SecurityMonitoringEntraIdIntegrationConfigUpdateAttributes: + description: Fields to update on an Entra ID entity context sync configuration. + properties: + domain: + description: The new domain associated with the external entity source. + example: siem-test.com + type: string + enabled: + description: Whether the entity context sync should be enabled. + example: true + type: boolean + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeEntraId" + name: + description: The new display name for the entity context sync configuration. + example: My Entra ID Integration (renamed) + type: string + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + type: object + SecurityMonitoringEntraIdIntegrationCredentialsValidateAttributes: + description: The Entra ID credentials to validate against the external entity source. + properties: + domain: + description: The domain associated with the external entity source. + example: siem-test.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeEntraId" + required: + - integration_type + - domain + type: object SecurityMonitoringFilter: description: The rule's suppression filter. properties: @@ -89645,6 +89566,69 @@ components: x-enum-varnames: - REQUIRE - SUPPRESS + SecurityMonitoringGoogleWorkspaceIntegrationConfigCreateAttributes: + description: The attributes of a Google Workspace entity context sync configuration to create. + properties: + domain: + description: The domain associated with the external entity source. + example: siem-test.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeGoogleWorkspace" + name: + description: The display name for the entity context sync configuration. + example: My GWS Integration + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigGoogleWorkspaceSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + - domain + - name + - secrets + type: object + SecurityMonitoringGoogleWorkspaceIntegrationConfigUpdateAttributes: + description: Fields to update on a Google Workspace entity context sync configuration. + properties: + domain: + description: The new domain associated with the external entity source. + example: siem-test.com + type: string + enabled: + description: Whether the entity context sync should be enabled. + example: true + type: boolean + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeGoogleWorkspace" + name: + description: The new display name for the entity context sync configuration. + example: My GWS Integration (renamed) + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigGoogleWorkspaceSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + type: object + SecurityMonitoringGoogleWorkspaceIntegrationCredentialsValidateAttributes: + description: The Google Workspace credentials to validate against the external entity source. + properties: + domain: + description: The domain associated with the external entity source. + example: siem-test.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeGoogleWorkspace" + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigGoogleWorkspaceSecrets" + required: + - integration_type + - domain + - secrets + type: object SecurityMonitoringIntegrationActivateAttributes: description: Overrides applied when activating the integration. All fields are optional. properties: @@ -89720,26 +89704,20 @@ components: type: object SecurityMonitoringIntegrationConfigCreateAttributes: description: The attributes of the entity context sync configuration to create. - properties: - domain: - description: The domain associated with the external entity source. - example: siem-test.com - type: string - integration_type: - $ref: "#/components/schemas/SecurityMonitoringIntegrationType" - name: - description: The display name for the entity context sync configuration. - example: My GWS Integration - type: string - secrets: - $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSecrets" - settings: - $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" - required: - - integration_type - - domain - - name - type: object + discriminator: + mapping: + CROWDSTRIKE: "#/components/schemas/SecurityMonitoringCrowdStrikeIntegrationConfigCreateAttributes" + ENTRA_ID: "#/components/schemas/SecurityMonitoringEntraIdIntegrationConfigCreateAttributes" + GOOGLE_WORKSPACE: "#/components/schemas/SecurityMonitoringGoogleWorkspaceIntegrationConfigCreateAttributes" + OKTA: "#/components/schemas/SecurityMonitoringOktaIntegrationConfigCreateAttributes" + SENTINELONE: "#/components/schemas/SecurityMonitoringSentinelOneIntegrationConfigCreateAttributes" + propertyName: integration_type + oneOf: + - $ref: "#/components/schemas/SecurityMonitoringGoogleWorkspaceIntegrationConfigCreateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringOktaIntegrationConfigCreateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringEntraIdIntegrationConfigCreateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringCrowdStrikeIntegrationConfigCreateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringSentinelOneIntegrationConfigCreateAttributes" SecurityMonitoringIntegrationConfigCreateData: description: The entity context sync configuration to create. properties: @@ -89759,6 +89737,21 @@ components: required: - data type: object + SecurityMonitoringIntegrationConfigCrowdStrikeSecrets: + description: Credentials for a CrowdStrike entity context sync. + properties: + client_id: + description: The CrowdStrike API client ID. + example: abcdef0123456789abcdef0123456789 + type: string + client_secret: + description: The CrowdStrike API client secret. + example: aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789ABCDEF + type: string + required: + - client_id + - client_secret + type: object SecurityMonitoringIntegrationConfigData: description: An entity context sync configuration. properties: @@ -89775,6 +89768,54 @@ components: - type - attributes type: object + SecurityMonitoringIntegrationConfigGoogleWorkspaceSecrets: + description: Credentials for a Google Workspace entity context sync. + properties: + admin_email: + description: The admin email to impersonate for domain-wide delegation. + example: admin@example.com + type: string + service_account_json: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigGoogleWorkspaceServiceAccount" + required: + - service_account_json + type: object + SecurityMonitoringIntegrationConfigGoogleWorkspaceServiceAccount: + additionalProperties: {} + description: The Google Cloud service account JSON used to authenticate against the Google Workspace Admin SDK. Additional keys beyond those documented are preserved. + properties: + client_email: + description: The service account client email. + example: svc@my-project.iam.gserviceaccount.com + type: string + private_key: + description: The service account private key. + example: "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----" + type: string + project_id: + description: The Google Cloud project ID that owns the service account. + example: my-project + type: string + type: + description: The service account type. Must be `service_account`. + example: service_account + type: string + required: + - type + - project_id + - private_key + - client_email + type: object + SecurityMonitoringIntegrationConfigOktaSecrets: + description: Credentials for an Okta entity context sync. + properties: + api_token: + description: The Okta API token used to authenticate against the Okta API. + example: 00aBcDeFgHiJkLmNoPqRsTuVwXyZ + type: string + required: + - api_token + type: object SecurityMonitoringIntegrationConfigResourceType: default: integration_config description: The type of the resource. The value should always be `integration_config`. @@ -89792,13 +89833,15 @@ components: required: - data type: object - SecurityMonitoringIntegrationConfigSecrets: - additionalProperties: {} - description: |- - The secrets used to authenticate against the external entity source. The accepted keys depend on the source type - (for example, `admin_email` for Google Workspace). Not required for source types that do not use secrets (for example, `ENTRA_ID`). - example: - admin_email: test@example.com + SecurityMonitoringIntegrationConfigSentinelOneSecrets: + description: Credentials for a SentinelOne entity context sync. + properties: + api_token: + description: The SentinelOne API token. + example: aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789 + type: string + required: + - api_token type: object SecurityMonitoringIntegrationConfigSettings: additionalProperties: {} @@ -89819,27 +89862,21 @@ components: - INVALID - INITIALIZING SecurityMonitoringIntegrationConfigUpdateAttributes: - description: Fields to update on the entity context sync configuration. All fields are optional. - properties: - domain: - description: The new domain associated with the external entity source. - example: siem-test.com - type: string - enabled: - description: Whether the entity context sync should be enabled. - example: true - type: boolean - integration_type: - $ref: "#/components/schemas/SecurityMonitoringIntegrationType" - name: - description: The new display name for the entity context sync configuration. - example: My GWS Integration (renamed) - type: string - secrets: - $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSecrets" - settings: - $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" - type: object + description: Fields to update on the entity context sync configuration. All fields other than the integration type are optional. + discriminator: + mapping: + CROWDSTRIKE: "#/components/schemas/SecurityMonitoringCrowdStrikeIntegrationConfigUpdateAttributes" + ENTRA_ID: "#/components/schemas/SecurityMonitoringEntraIdIntegrationConfigUpdateAttributes" + GOOGLE_WORKSPACE: "#/components/schemas/SecurityMonitoringGoogleWorkspaceIntegrationConfigUpdateAttributes" + OKTA: "#/components/schemas/SecurityMonitoringOktaIntegrationConfigUpdateAttributes" + SENTINELONE: "#/components/schemas/SecurityMonitoringSentinelOneIntegrationConfigUpdateAttributes" + propertyName: integration_type + oneOf: + - $ref: "#/components/schemas/SecurityMonitoringGoogleWorkspaceIntegrationConfigUpdateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringOktaIntegrationConfigUpdateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringEntraIdIntegrationConfigUpdateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringCrowdStrikeIntegrationConfigUpdateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringSentinelOneIntegrationConfigUpdateAttributes" SecurityMonitoringIntegrationConfigUpdateData: description: The entity context sync configuration fields to update. properties: @@ -89872,19 +89909,20 @@ components: type: object SecurityMonitoringIntegrationCredentialsValidateAttributes: description: The credentials to validate against the external entity source. - properties: - domain: - description: The domain associated with the external entity source. - example: siem-test.com - type: string - integration_type: - $ref: "#/components/schemas/SecurityMonitoringIntegrationType" - secrets: - $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSecrets" - required: - - integration_type - - domain - type: object + discriminator: + mapping: + CROWDSTRIKE: "#/components/schemas/SecurityMonitoringCrowdStrikeIntegrationCredentialsValidateAttributes" + ENTRA_ID: "#/components/schemas/SecurityMonitoringEntraIdIntegrationCredentialsValidateAttributes" + GOOGLE_WORKSPACE: "#/components/schemas/SecurityMonitoringGoogleWorkspaceIntegrationCredentialsValidateAttributes" + OKTA: "#/components/schemas/SecurityMonitoringOktaIntegrationCredentialsValidateAttributes" + SENTINELONE: "#/components/schemas/SecurityMonitoringSentinelOneIntegrationCredentialsValidateAttributes" + propertyName: integration_type + oneOf: + - $ref: "#/components/schemas/SecurityMonitoringGoogleWorkspaceIntegrationCredentialsValidateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringOktaIntegrationCredentialsValidateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringEntraIdIntegrationCredentialsValidateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringCrowdStrikeIntegrationCredentialsValidateAttributes" + - $ref: "#/components/schemas/SecurityMonitoringSentinelOneIntegrationCredentialsValidateAttributes" SecurityMonitoringIntegrationCredentialsValidateData: description: The credentials to validate. properties: @@ -89910,12 +89948,56 @@ components: - GOOGLE_WORKSPACE - OKTA - ENTRA_ID + - CROWDSTRIKE + - SENTINELONE example: GOOGLE_WORKSPACE type: string x-enum-varnames: - GOOGLE_WORKSPACE - OKTA - ENTRA_ID + - CROWDSTRIKE + - SENTINELONE + SecurityMonitoringIntegrationTypeCrowdStrike: + description: The source type for a CrowdStrike entity context sync. + enum: + - CROWDSTRIKE + example: CROWDSTRIKE + type: string + x-enum-varnames: + - CROWDSTRIKE + SecurityMonitoringIntegrationTypeEntraId: + description: The source type for an Entra ID entity context sync. + enum: + - ENTRA_ID + example: ENTRA_ID + type: string + x-enum-varnames: + - ENTRA_ID + SecurityMonitoringIntegrationTypeGoogleWorkspace: + description: The source type for a Google Workspace entity context sync. + enum: + - GOOGLE_WORKSPACE + example: GOOGLE_WORKSPACE + type: string + x-enum-varnames: + - GOOGLE_WORKSPACE + SecurityMonitoringIntegrationTypeOkta: + description: The source type for an Okta entity context sync. + enum: + - OKTA + example: OKTA + type: string + x-enum-varnames: + - OKTA + SecurityMonitoringIntegrationTypeSentinelOne: + description: The source type for a SentinelOne entity context sync. + enum: + - SENTINELONE + example: SENTINELONE + type: string + x-enum-varnames: + - SENTINELONE SecurityMonitoringListRulesResponse: description: List of rules. properties: @@ -89927,6 +90009,69 @@ components: meta: $ref: "#/components/schemas/ResponseMetaAttributes" type: object + SecurityMonitoringOktaIntegrationConfigCreateAttributes: + description: The attributes of an Okta entity context sync configuration to create. + properties: + domain: + description: The domain associated with the external entity source. + example: siem-test.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeOkta" + name: + description: The display name for the entity context sync configuration. + example: My Okta Integration + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigOktaSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + - domain + - name + - secrets + type: object + SecurityMonitoringOktaIntegrationConfigUpdateAttributes: + description: Fields to update on an Okta entity context sync configuration. + properties: + domain: + description: The new domain associated with the external entity source. + example: siem-test.com + type: string + enabled: + description: Whether the entity context sync should be enabled. + example: true + type: boolean + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeOkta" + name: + description: The new display name for the entity context sync configuration. + example: My Okta Integration (renamed) + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigOktaSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + type: object + SecurityMonitoringOktaIntegrationCredentialsValidateAttributes: + description: The Okta credentials to validate against the external entity source. + properties: + domain: + description: The domain associated with the external entity source. + example: siem-test.com + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeOkta" + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigOktaSecrets" + required: + - integration_type + - domain + - secrets + type: object SecurityMonitoringPaginatedSuppressionsResponse: description: Response object containing the available suppression rules with pagination metadata. properties: @@ -90887,6 +91032,69 @@ components: example: America/New_York type: string type: object + SecurityMonitoringSentinelOneIntegrationConfigCreateAttributes: + description: The attributes of a SentinelOne entity context sync configuration to create. + properties: + domain: + description: The domain associated with the external entity source. + example: acme.sentinelone.net + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeSentinelOne" + name: + description: The display name for the entity context sync configuration. + example: My SentinelOne Integration + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSentinelOneSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + - domain + - name + - secrets + type: object + SecurityMonitoringSentinelOneIntegrationConfigUpdateAttributes: + description: Fields to update on a SentinelOne entity context sync configuration. + properties: + domain: + description: The new domain associated with the external entity source. + example: acme.sentinelone.net + type: string + enabled: + description: Whether the entity context sync should be enabled. + example: true + type: boolean + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeSentinelOne" + name: + description: The new display name for the entity context sync configuration. + example: My SentinelOne Integration (renamed) + type: string + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSentinelOneSecrets" + settings: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSettings" + required: + - integration_type + type: object + SecurityMonitoringSentinelOneIntegrationCredentialsValidateAttributes: + description: The SentinelOne credentials to validate against the external entity source. + properties: + domain: + description: The domain associated with the external entity source. + example: acme.sentinelone.net + type: string + integration_type: + $ref: "#/components/schemas/SecurityMonitoringIntegrationTypeSentinelOne" + secrets: + $ref: "#/components/schemas/SecurityMonitoringIntegrationConfigSentinelOneSecrets" + required: + - integration_type + - domain + - secrets + type: object SecurityMonitoringSignal: description: Object description of a security signal. properties: @@ -142975,10 +143183,6 @@ paths: collect_cloudwatch_alarms: false collect_custom_metrics: false enabled: true - metric_name_filters: - - include_only: - - aws.ec2.network_in - namespace: AWS/EC2 tag_filters: - namespace: AWS/EC2 resources_config: @@ -143120,10 +143324,6 @@ paths: collect_cloudwatch_alarms: false collect_custom_metrics: false enabled: true - metric_name_filters: - - include_only: - - aws.ec2.network_in - namespace: AWS/EC2 tag_filters: - namespace: AWS/EC2 resources_config: @@ -143373,126 +143573,6 @@ paths: x-unstable: |- **Note**: This endpoint is in preview and may be subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). - /api/v2/integration/aws/accounts/{aws_account_config_id}/metric_name_filter_preview: - get: - description: |- - Preview which collected CloudWatch metrics would be filtered by the account's saved metric name filters. - operationId: GetAWSMetricNameFilterPreview - parameters: - - $ref: "#/components/parameters/AWSAccountConfigIDPathParameter" - responses: - "200": - content: - application/json: - examples: - default: - value: - data: - attributes: - namespaces: - - filters: - - match_count: 1 - pattern: "aws.ec2.network_in" - metrics: - - cw_name: "NetworkIn" - dd_names: - - filtered: true - name: "aws.ec2.network_in" - namespace: "AWS/EC2" - id: "00000000-0000-0000-0000-000000000001" - type: metric_name_filter_preview - schema: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewResponse" - description: AWS metric name filter preview result - "403": - $ref: "#/components/responses/ForbiddenResponse" - "404": - $ref: "#/components/responses/NotFoundResponse" - "429": - $ref: "#/components/responses/TooManyRequestsResponse" - summary: Get AWS metric name filter preview - tags: - - AWS Integration - x-menu-order: 19 - "x-permission": - operator: OR - permissions: - - aws_configuration_read - x-unstable: |- - **Note**: This endpoint is in preview and is subject to change. - If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). - post: - description: |- - Preview which collected CloudWatch metrics would be filtered by the supplied metric name filters. - The filters are not persisted. - operationId: PreviewAWSMetricNameFilter - parameters: - - $ref: "#/components/parameters/AWSAccountConfigIDPathParameter" - requestBody: - content: - application/json: - examples: - default: - value: - data: - attributes: - metric_name_filters: - - exclude_only: - - "aws.ec2.network_in" - namespace: "AWS/EC2" - type: metric_name_filter_preview - schema: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewRequest" - description: The metric name filters to preview. - required: true - responses: - "200": - content: - application/json: - examples: - default: - value: - data: - attributes: - namespaces: - - filters: - - match_count: 1 - pattern: "aws.ec2.network_in" - metrics: - - cw_name: "NetworkIn" - dd_names: - - filtered: true - name: "aws.ec2.network_in" - namespace: "AWS/EC2" - id: "00000000-0000-0000-0000-000000000001" - type: metric_name_filter_preview - schema: - $ref: "#/components/schemas/AWSMetricNameFilterPreviewResponse" - description: AWS metric name filter preview result - "400": - content: - application/json: - schema: - $ref: "#/components/schemas/JSONAPIErrorResponse" - description: Bad Request - "403": - $ref: "#/components/responses/ForbiddenResponse" - "404": - $ref: "#/components/responses/NotFoundResponse" - "429": - $ref: "#/components/responses/TooManyRequestsResponse" - summary: Preview AWS metric name filter - tags: - - AWS Integration - x-codegen-request-body-name: body - x-menu-order: 20 - "x-permission": - operator: OR - permissions: - - aws_configuration_read - x-unstable: |- - **Note**: This endpoint is in preview and is subject to change. - If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). /api/v2/integration/aws/available_namespaces: get: description: Get a list of available AWS CloudWatch namespaces that can send metrics to Datadog. diff --git a/data/api/v2/translate_actions.json b/data/api/v2/translate_actions.json index d2aad45f2dc..03164905664 100644 --- a/data/api/v2/translate_actions.json +++ b/data/api/v2/translate_actions.json @@ -2328,16 +2328,6 @@ "request_description": "Create a Cloud Cost Management config for an AWS Account Integration Config.", "request_schema_description": "AWS CCM Config Create/Update Request body." }, - "GetAWSMetricNameFilterPreview": { - "description": "Preview which collected CloudWatch metrics would be filtered by the account's saved metric name filters.", - "summary": "Get AWS metric name filter preview" - }, - "PreviewAWSMetricNameFilter": { - "description": "Preview which collected CloudWatch metrics would be filtered by the supplied metric name filters.\nThe filters are not persisted.", - "summary": "Preview AWS metric name filter", - "request_description": "The metric name filters to preview.", - "request_schema_description": "AWS metric name filter preview request body." - }, "ListAWSNamespaces": { "description": "Get a list of available AWS CloudWatch namespaces that can send metrics to Datadog.", "summary": "List available namespaces"