diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 7c9668ae4282..d526b0a4ebb6 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -23536,6 +23536,13 @@ components: product for this service account. Note: This requires resource_collection_enabled to be set to true.' type: boolean + is_global_location_enabled: + default: true + description: When enabled, Datadog collects metrics where location is explicitly + stated as "global" or where location information cannot be deduced from + GCP labels. + example: true + type: boolean is_per_project_quota_enabled: default: false description: When enabled, Datadog applies the `X-Goog-User-Project` header, @@ -23577,6 +23584,18 @@ components: items: $ref: '#/components/schemas/GCPMonitoredResourceConfig' type: array + region_filter_configs: + description: Configurations for GCP location filtering, such as region, + multi-region, or zone. Only monitored resources that match the specified + regions are imported into Datadog. By default, Datadog collects from all + locations. + example: + - nam4 + - europe-north1 + items: + description: Region Filter Configs + type: string + type: array resource_collection_enabled: description: When enabled, Datadog scans for all resources in your GCP environment. type: boolean diff --git a/features/v2/gcp_integration.feature b/features/v2/gcp_integration.feature index 6d47a1508eb6..6dcb271ec177 100644 --- a/features/v2/gcp_integration.feature +++ b/features/v2/gcp_integration.feature @@ -34,14 +34,14 @@ Feature: GCP Integration @generated @skip @team:DataDog/gcp-integrations Scenario: Create a new entry for your service account returns "Bad Request" response Given new "CreateGCPSTSAccount" request - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_global_location_enabled": true, "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}], "region_filter_configs": ["nam4", "europe-north1"]}, "type": "gcp_service_account"}} When the request is sent Then the response status is 400 Bad Request @generated @skip @team:DataDog/gcp-integrations Scenario: Create a new entry for your service account returns "Conflict" response Given new "CreateGCPSTSAccount" request - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_global_location_enabled": true, "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}], "region_filter_configs": ["nam4", "europe-north1"]}, "type": "gcp_service_account"}} When the request is sent Then the response status is 409 Conflict @@ -151,7 +151,7 @@ Feature: GCP Integration Scenario: Update STS Service Account returns "Bad Request" response Given new "UpdateGCPSTSAccount" request And request contains "account_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_global_location_enabled": true, "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}], "region_filter_configs": ["nam4", "europe-north1"]}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} When the request is sent Then the response status is 400 Bad Request @@ -159,7 +159,7 @@ Feature: GCP Integration Scenario: Update STS Service Account returns "Not Found" response Given new "UpdateGCPSTSAccount" request And request contains "account_id" parameter from "REPLACE.ME" - And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}]}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} + And body with value {"data": {"attributes": {"account_tags": [], "client_email": "datadog-service-account@test-project.iam.gserviceaccount.com", "cloud_run_revision_filters": ["$KEY:$VALUE"], "host_filters": ["$KEY:$VALUE"], "is_global_location_enabled": true, "is_per_project_quota_enabled": true, "is_resource_change_collection_enabled": true, "is_security_command_center_enabled": true, "metric_namespace_configs": [{"disabled": true, "id": "aiplatform"}, {"filters": ["snapshot.*", "!*_by_region"], "id": "pubsub"}], "monitored_resource_configs": [{"filters": ["$KEY:$VALUE"], "type": "gce_instance"}], "region_filter_configs": ["nam4", "europe-north1"]}, "id": "d291291f-12c2-22g4-j290-123456678897", "type": "gcp_service_account"}} When the request is sent Then the response status is 404 Not Found diff --git a/services/gcp_integration/src/v2/models/GCPSTSServiceAccountAttributes.ts b/services/gcp_integration/src/v2/models/GCPSTSServiceAccountAttributes.ts index 818610c1e767..718ff8b8d99e 100644 --- a/services/gcp_integration/src/v2/models/GCPSTSServiceAccountAttributes.ts +++ b/services/gcp_integration/src/v2/models/GCPSTSServiceAccountAttributes.ts @@ -35,6 +35,10 @@ export class GCPSTSServiceAccountAttributes { * When enabled, Datadog will activate the Cloud Security Monitoring product for this service account. Note: This requires resource_collection_enabled to be set to true. */ "isCspmEnabled"?: boolean; + /** + * When enabled, Datadog collects metrics where location is explicitly stated as "global" or where location information cannot be deduced from GCP labels. + */ + "isGlobalLocationEnabled"?: boolean; /** * When enabled, Datadog applies the `X-Goog-User-Project` header, attributing Google Cloud billing and quota usage to the project being monitored rather than the default service account project. */ @@ -55,6 +59,10 @@ export class GCPSTSServiceAccountAttributes { * Configurations for GCP monitored resources. */ "monitoredResourceConfigs"?: Array; + /** + * Configurations for GCP location filtering, such as region, multi-region, or zone. Only monitored resources that match the specified regions are imported into Datadog. By default, Datadog collects from all locations. + */ + "regionFilterConfigs"?: Array; /** * When enabled, Datadog scans for all resources in your GCP environment. */ @@ -98,6 +106,10 @@ export class GCPSTSServiceAccountAttributes { baseName: "is_cspm_enabled", type: "boolean", }, + isGlobalLocationEnabled: { + baseName: "is_global_location_enabled", + type: "boolean", + }, isPerProjectQuotaEnabled: { baseName: "is_per_project_quota_enabled", type: "boolean", @@ -118,6 +130,10 @@ export class GCPSTSServiceAccountAttributes { baseName: "monitored_resource_configs", type: "Array", }, + regionFilterConfigs: { + baseName: "region_filter_configs", + type: "Array", + }, resourceCollectionEnabled: { baseName: "resource_collection_enabled", type: "boolean",