Document bulk delete security monitoring rules endpoint (DataDog#3260)

Co-authored-by: ci.datadog-api-spec <packages@datadoghq.com>

Author: api-clients-generation-pipeline[bot]

.generator/schemas/v2/openapi.yaml

@@ -64151,6 +64151,63 @@ components:
         - TWO_DAYS
         - ONE_WEEK
         - TWO_WEEKS
+    SecurityMonitoringRuleBulkDeleteAttributes:
+      description: Attributes for bulk deleting security monitoring rules.
+      properties:
+        ruleIds:
+          description: List of rule IDs to delete.
+          example:
+            - abc-000-u7q
+            - abc-000-7dd
+          items:
+            description: A rule ID to delete.
+            type: string
+          minItems: 1
+          type: array
+      required:
+        - ruleIds
+      type: object
+    SecurityMonitoringRuleBulkDeleteData:
+      description: Data for bulk deleting security monitoring rules.
+      properties:
+        attributes:
+          $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeleteAttributes"
+        type:
+          $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeleteRequestDataType"
+      required:
+        - attributes
+        - type
+      type: object
+    SecurityMonitoringRuleBulkDeletePayload:
+      description: Payload for bulk deleting security monitoring rules.
+      properties:
+        data:
+          $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeleteData"
+      required:
+        - data
+      type: object
+    SecurityMonitoringRuleBulkDeleteRequestDataType:
+      description: The resource type for a bulk delete request.
+      enum:
+        - bulk_delete_rules
+      example: bulk_delete_rules
+      type: string
+      x-enum-varnames:
+        - BULK_DELETE_RULES
+    SecurityMonitoringRuleBulkDeleteResponse:
+      description: Response for bulk deleting security monitoring rules.
+      properties:
+        deletedRules:
+          description: List of successfully deleted rule IDs.
+          items:
+            type: string
+          type: array
+        failedRules:
+          description: List of rule IDs that could not be deleted.
+          items:
+            type: string
+          type: array
+      type: object
     SecurityMonitoringRuleBulkExportAttributes:
       description: Attributes for bulk exporting security monitoring rules.
       properties:
@@ -123130,6 +123187,53 @@ paths:
         operator: OR
         permissions:
           - security_monitoring_rules_write
+  /api/v2/security_monitoring/rules/bulk_delete:
+    delete:
+      description: |-
+        Delete multiple security monitoring rules in a single request. Default rules cannot be deleted.
+      operationId: BulkDeleteSecurityMonitoringRules
+      requestBody:
+        content:
+          application/json:
+            examples:
+              default:
+                value:
+                  data:
+                    attributes:
+                      ruleIds:
+                        - abc-000-u7q
+                        - abc-000-7dd
+                    type: bulk_delete_rules
+            schema:
+              $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeletePayload"
+        required: true
+      responses:
+        "200":
+          content:
+            "application/json":
+              schema:
+                $ref: "#/components/schemas/SecurityMonitoringRuleBulkDeleteResponse"
+          description: OK
+        "400":
+          $ref: "#/components/responses/BadRequestResponse"
+        "403":
+          $ref: "#/components/responses/NotAuthorizedResponse"
+        "404":
+          $ref: "#/components/responses/NotFoundResponse"
+        "429":
+          $ref: "#/components/responses/TooManyRequestsResponse"
+      security:
+        - apiKeyAuth: []
+          appKeyAuth: []
+        - AuthZ:
+            - security_monitoring_rules_write
+      summary: Bulk delete security monitoring rules
+      tags: ["Security Monitoring"]
+      x-codegen-request-body-name: body
+      "x-permission":
+        operator: OR
+        permissions:
+          - security_monitoring_rules_write
   /api/v2/security_monitoring/rules/bulk_export:
     post:
       description: |-

examples/v2/security-monitoring/BulkDeleteSecurityMonitoringRules.rb

@@ -0,0 +1,17 @@
+# Bulk delete security monitoring rules returns "OK" response
+
+require "datadog_api_client"
+api_instance = DatadogAPIClient::V2::SecurityMonitoringAPI.new
+
+body = DatadogAPIClient::V2::SecurityMonitoringRuleBulkDeletePayload.new({
+  data: DatadogAPIClient::V2::SecurityMonitoringRuleBulkDeleteData.new({
+    attributes: DatadogAPIClient::V2::SecurityMonitoringRuleBulkDeleteAttributes.new({
+      rule_ids: [
+        "abc-000-u7q",
+        "abc-000-7dd",
+      ],
+    }),
+    type: DatadogAPIClient::V2::SecurityMonitoringRuleBulkDeleteRequestDataType::BULK_DELETE_RULES,
+  }),
+})
+p api_instance.bulk_delete_security_monitoring_rules(body)

features/scenarios_model_mapping.rb

@@ -1934,6 +1934,9 @@
     "v2.CreateSecurityMonitoringRule" => {
             "body" => "SecurityMonitoringRuleCreatePayload",
     },
+    "v2.BulkDeleteSecurityMonitoringRules" => {
+            "body" => "SecurityMonitoringRuleBulkDeletePayload",
+    },
     "v2.BulkExportSecurityMonitoringRules" => {
             "body" => "SecurityMonitoringRuleBulkExportPayload",
     },

features/v2/security_monitoring.feature

@@ -99,6 +99,27 @@ Feature: Security Monitoring
     And the response "data.attributes.insights" has item with field "resource_id" with value "ZGZhMDI3ZjdjMDM3YjJmNzcxNTlhZGMwMjdmZWNiNTZ-MTVlYTNmYWU3NjNlOTNlYTE2YjM4N2JmZmI4Yjk5N2Y="
     And the response "data.attributes.insights" has item with field "resource_id" with value "MmUzMzZkODQ2YTI3NDU0OTk4NDk3NzhkOTY5YjU2Zjh-YWJjZGI1ODI4OTYzNWM3ZmUwZTBlOWRkYTRiMGUyOGQ="
 
+  @generated @skip @team:DataDog/k9-cloud-siem
+  Scenario: Bulk delete security monitoring rules returns "Bad Request" response
+    Given new "BulkDeleteSecurityMonitoringRules" request
+    And body with value {"data": {"attributes": {"ruleIds": ["abc-000-u7q", "abc-000-7dd"]}, "type": "bulk_delete_rules"}}
+    When the request is sent
+    Then the response status is 400 Bad Request
+
+  @generated @skip @team:DataDog/k9-cloud-siem
+  Scenario: Bulk delete security monitoring rules returns "Not Found" response
+    Given new "BulkDeleteSecurityMonitoringRules" request
+    And body with value {"data": {"attributes": {"ruleIds": ["abc-000-u7q", "abc-000-7dd"]}, "type": "bulk_delete_rules"}}
+    When the request is sent
+    Then the response status is 404 Not Found
+
+  @generated @skip @team:DataDog/k9-cloud-siem
+  Scenario: Bulk delete security monitoring rules returns "OK" response
+    Given new "BulkDeleteSecurityMonitoringRules" request
+    And body with value {"data": {"attributes": {"ruleIds": ["abc-000-u7q", "abc-000-7dd"]}, "type": "bulk_delete_rules"}}
+    When the request is sent
+    Then the response status is 200 OK
+
   @skip @team:DataDog/k9-cloud-siem
   Scenario: Bulk export security monitoring rules returns "Bad Request" response
     Given new "BulkExportSecurityMonitoringRules" request

features/v2/undo.json

@@ -5675,6 +5675,12 @@
       "type": "unsafe"
     }
   },
+  "BulkDeleteSecurityMonitoringRules": {
+    "tag": "Security Monitoring",
+    "undo": {
+      "type": "idempotent"
+    }
+  },
   "BulkExportSecurityMonitoringRules": {
     "tag": "Security Monitoring",
     "undo": {

lib/datadog_api_client/inflector.rb

@@ -5149,6 +5149,11 @@ def overrides
           "v2.security_monitoring_rule_anomaly_detection_options_bucket_duration" => "SecurityMonitoringRuleAnomalyDetectionOptionsBucketDuration",
           "v2.security_monitoring_rule_anomaly_detection_options_detection_tolerance" => "SecurityMonitoringRuleAnomalyDetectionOptionsDetectionTolerance",
           "v2.security_monitoring_rule_anomaly_detection_options_learning_duration" => "SecurityMonitoringRuleAnomalyDetectionOptionsLearningDuration",
+          "v2.security_monitoring_rule_bulk_delete_attributes" => "SecurityMonitoringRuleBulkDeleteAttributes",
+          "v2.security_monitoring_rule_bulk_delete_data" => "SecurityMonitoringRuleBulkDeleteData",
+          "v2.security_monitoring_rule_bulk_delete_payload" => "SecurityMonitoringRuleBulkDeletePayload",
+          "v2.security_monitoring_rule_bulk_delete_request_data_type" => "SecurityMonitoringRuleBulkDeleteRequestDataType",
+          "v2.security_monitoring_rule_bulk_delete_response" => "SecurityMonitoringRuleBulkDeleteResponse",
           "v2.security_monitoring_rule_bulk_export_attributes" => "SecurityMonitoringRuleBulkExportAttributes",
           "v2.security_monitoring_rule_bulk_export_data" => "SecurityMonitoringRuleBulkExportData",
           "v2.security_monitoring_rule_bulk_export_data_type" => "SecurityMonitoringRuleBulkExportDataType",

lib/datadog_api_client/v2/api/security_monitoring_api.rb

@@ -237,6 +237,73 @@ def attach_jira_issue_with_http_info(body, opts = {})
       return data, status_code, headers
     end
 
+    # Bulk delete security monitoring rules.
+    #
+    # @see #bulk_delete_security_monitoring_rules_with_http_info
+    def bulk_delete_security_monitoring_rules(body, opts = {})
+      data, _status_code, _headers = bulk_delete_security_monitoring_rules_with_http_info(body, opts)
+      data
+    end
+
+    # Bulk delete security monitoring rules.
+    #
+    # Delete multiple security monitoring rules in a single request. Default rules cannot be deleted.
+    #
+    # @param body [SecurityMonitoringRuleBulkDeletePayload] 
+    # @param opts [Hash] the optional parameters
+    # @return [Array<(SecurityMonitoringRuleBulkDeleteResponse, Integer, Hash)>] SecurityMonitoringRuleBulkDeleteResponse data, response status code and response headers
+    def bulk_delete_security_monitoring_rules_with_http_info(body, opts = {})
+
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: SecurityMonitoringAPI.bulk_delete_security_monitoring_rules ...'
+      end
+      # verify the required parameter 'body' is set
+      if @api_client.config.client_side_validation && body.nil?
+        fail ArgumentError, "Missing the required parameter 'body' when calling SecurityMonitoringAPI.bulk_delete_security_monitoring_rules"
+      end
+      # resource path
+      local_var_path = '/api/v2/security_monitoring/rules/bulk_delete'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+      # HTTP header 'Content-Type'
+      header_params['Content-Type'] = @api_client.select_header_content_type(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(body)
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'SecurityMonitoringRuleBulkDeleteResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || [:apiKeyAuth, :appKeyAuth, :AuthZ]
+
+      new_options = opts.merge(
+        :operation => :bulk_delete_security_monitoring_rules,
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type,
+        :api_version => "V2"
+      )
+
+      data, status_code, headers = @api_client.call_api(Net::HTTP::Delete, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: SecurityMonitoringAPI#bulk_delete_security_monitoring_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Bulk update security signals.
     #
     # @see #bulk_edit_security_monitoring_signals_with_http_info