Document Agentless AWS on demand routes

.apigentools-info

@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-03-05 14:38:20.340456",
-            "spec_repo_commit": "0c376cca"
+            "regenerated": "2025-03-05 15:55:05.520239",
+            "spec_repo_commit": "fe5af5dc"
         },
         "v2": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-03-05 14:38:20.356470",
-            "spec_repo_commit": "0c376cca"
+            "regenerated": "2025-03-05 15:55:05.536111",
+            "spec_repo_commit": "fe5af5dc"
         }
     }
 }

.generator/schemas/v2/openapi.yaml

@@ -554,6 +554,14 @@ components:
       required: false
       schema:
         type: string
+    OnDemandTaskId:
+      description: The UUID of the task.
+      example: 6d09294c-9ad9-42fd-a759-a0c1599b4828
+      in: path
+      name: task_id
+      required: true
+      schema:
+        type: string
     OpsgenieServiceIDPathParameter:
       description: The UUID of the service.
       in: path
@@ -1750,10 +1758,6 @@ components:
             type: string
           type: array
       type: object
-    AccountId:
-      description: The ID of the AWS account.
-      example: '184366314700'
-      type: string
     ActionConnectionAttributes:
       description: The definition of `ActionConnectionAttributes` object.
       properties:
@@ -3093,7 +3097,7 @@ components:
       x-enum-varnames:
       - AUTHN_MAPPINGS
     AwsAccountId:
-      description: The ID of an AWS account.
+      description: The ID of the AWS account.
       example: '123456789012'
       type: string
     AwsCURConfig:
@@ -3300,6 +3304,100 @@ components:
             $ref: '#/components/schemas/AwsCURConfig'
           type: array
       type: object
+    AwsOnDemandAttributes:
+      description: Attributes for the AWS on demand task.
+      properties:
+        arn:
+          description: The arn of the resource to scan.
+          example: arn:aws:ec2:us-east-1:727000456123:instance/i-0eabb50529b67a1ba
+          type: string
+        assigned_at:
+          description: Specifies the assignment timestamp if the task has been already
+            assigned to a scanner.
+          example: '2025-02-11T18:25:04.550564Z'
+          type: string
+        created_at:
+          description: The task submission timestamp.
+          example: '2025-02-11T18:13:24.576915Z'
+          type: string
+        status:
+          description: 'Indicates the status of the task.
+
+            QUEUED: the task has been submitted successfully and the resource has
+            not been assigned to a scanner yet.
+
+            ASSIGNED: the task has been assigned.
+
+            ABORTED: the scan has been aborted after a period of time due to technical
+            reasons, such as resource not found, insufficient permissions, or the
+            absence of a configured scanner.'
+          example: QUEUED
+          type: string
+      type: object
+    AwsOnDemandCreateAttributes:
+      description: Attributes for the AWS on demand task.
+      properties:
+        arn:
+          description: The arn of the resource to scan. Agentless supports the scan
+            of EC2 instances, lambda functions, AMI, ECR, RDS and S3 buckets.
+          example: arn:aws:ec2:us-east-1:727000456123:instance/i-0eabb50529b67a1ba
+          type: string
+      type: object
+    AwsOnDemandCreateData:
+      description: Object for a single AWS on demand task.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/AwsOnDemandCreateAttributes'
+        type:
+          $ref: '#/components/schemas/AwsOnDemandType'
+      required:
+      - type
+      - attributes
+      type: object
+    AwsOnDemandCreateRequest:
+      description: Request object that includes the on demand task to submit.
+      properties:
+        data:
+          $ref: '#/components/schemas/AwsOnDemandCreateData'
+      required:
+      - data
+      type: object
+    AwsOnDemandData:
+      description: Single AWS on demand task.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/AwsOnDemandAttributes'
+        id:
+          description: The UUID of the task.
+          example: 6d09294c-9ad9-42fd-a759-a0c1599b4828
+          type: string
+        type:
+          $ref: '#/components/schemas/AwsOnDemandType'
+      type: object
+    AwsOnDemandListResponse:
+      description: Response object that includes a list of AWS on demand tasks.
+      properties:
+        data:
+          description: A list of on demand tasks.
+          items:
+            $ref: '#/components/schemas/AwsOnDemandData'
+          type: array
+      type: object
+    AwsOnDemandResponse:
+      description: Response object that includes an AWS on demand task.
+      properties:
+        data:
+          $ref: '#/components/schemas/AwsOnDemandData'
+      type: object
+    AwsOnDemandType:
+      default: aws_resource
+      description: The type of the on demand task. The value should always be `aws_resource`.
+      enum:
+      - aws_resource
+      example: aws_resource
+      type: string
+      x-enum-varnames:
+      - AWS_RESOURCE
     AwsScanOptionsAttributes:
       description: Attributes for the AWS scan options.
       properties:
@@ -3321,19 +3419,40 @@ components:
           example: true
           type: boolean
       type: object
+    AwsScanOptionsCreateAttributes:
+      description: Attributes for the AWS scan options to create.
+      properties:
+        lambda:
+          description: Indicates if scanning of Lambda functions is enabled.
+          example: true
+          type: boolean
+        sensitive_data:
+          description: Indicates if scanning for sensitive data is enabled.
+          example: false
+          type: boolean
+        vuln_containers_os:
+          description: Indicates if scanning for vulnerabilities in containers is
+            enabled.
+          example: true
+          type: boolean
+        vuln_host_os:
+          description: Indicates if scanning for vulnerabilities in hosts is enabled.
+          example: true
+          type: boolean
+      type: object
     AwsScanOptionsCreateData:
       description: Object for the scan options of a single AWS account.
       properties:
         attributes:
-          $ref: '#/components/schemas/AwsScanOptionsAttributes'
+          $ref: '#/components/schemas/AwsScanOptionsCreateAttributes'
         id:
           $ref: '#/components/schemas/AwsAccountId'
         type:
           $ref: '#/components/schemas/AwsScanOptionsType'
       required:
       - id
-      - attributes
       - type
+      - attributes
       type: object
     AwsScanOptionsCreateRequest:
       description: Request object that includes the scan options to create.
@@ -3406,12 +3525,13 @@ components:
         attributes:
           $ref: '#/components/schemas/AwsScanOptionsUpdateAttributes'
         id:
-          $ref: '#/components/schemas/AccountId'
+          $ref: '#/components/schemas/AwsAccountId'
         type:
           $ref: '#/components/schemas/AwsScanOptionsType'
       required:
-      - attributes
+      - id
       - type
+      - attributes
       type: object
     AwsScanOptionsUpdateRequest:
       description: Request object that includes the scan options to update.
@@ -33059,6 +33179,87 @@ paths:
       tags:
       - Agentless Scanning
       x-codegen-request-body-name: body
+  /api/v2/agentless_scanning/ondemand/aws:
+    get:
+      description: Fetches the most recent 1000 AWS on demand tasks.
+      operationId: ListAwsOnDemandTasks
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AwsOnDemandListResponse'
+          description: OK
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Get AWS On Demand tasks
+      tags:
+      - Agentless Scanning
+      x-permission:
+        operator: OR
+        permissions:
+        - security_monitoring_findings_read
+    post:
+      description: Trigger the scan of an AWS resource with a high priority.
+      operationId: CreateAwsOnDemandTask
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/AwsOnDemandCreateRequest'
+        description: The definition of the on demand task.
+        required: true
+      responses:
+        '201':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AwsOnDemandResponse'
+          description: AWS on demand task created successfully.
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Post an AWS on demand task
+      tags:
+      - Agentless Scanning
+      x-codegen-request-body-name: body
+      x-permission:
+        operator: OR
+        permissions:
+        - security_monitoring_findings_write
+  /api/v2/agentless_scanning/ondemand/aws/{task_id}:
+    get:
+      description: Fetch the data of a specific on demand task.
+      operationId: RetrieveAwsOnDemandTask
+      parameters:
+      - $ref: '#/components/parameters/OnDemandTaskId'
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AwsOnDemandResponse'
+          description: OK.
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Get AWS On Demand task by id
+      tags:
+      - Agentless Scanning
+      x-permission:
+        operator: OR
+        permissions:
+        - security_monitoring_findings_read
   /api/v2/api_keys:
     get:
       description: List all API keys available for your account.

examples/v2_agentless-scanning_CreateAwsOnDemandTask.rs

@@ -0,0 +1,26 @@
+// Post an AWS on demand task returns "AWS on demand task created successfully."
+// response
+use datadog_api_client::datadog;
+use datadog_api_client::datadogV2::api_agentless_scanning::AgentlessScanningAPI;
+use datadog_api_client::datadogV2::model::AwsOnDemandCreateAttributes;
+use datadog_api_client::datadogV2::model::AwsOnDemandCreateData;
+use datadog_api_client::datadogV2::model::AwsOnDemandCreateRequest;
+use datadog_api_client::datadogV2::model::AwsOnDemandType;
+
+#[tokio::main]
+async fn main() {
+    let body = AwsOnDemandCreateRequest::new(AwsOnDemandCreateData::new(
+        AwsOnDemandCreateAttributes::new().arn(
+            "arn:aws:lambda:eu-west-3:376334461865:function:This-Is-An-Api-Spec-Test".to_string(),
+        ),
+        AwsOnDemandType::AWS_RESOURCE,
+    ));
+    let configuration = datadog::Configuration::new();
+    let api = AgentlessScanningAPI::with_config(configuration);
+    let resp = api.create_aws_on_demand_task(body).await;
+    if let Ok(value) = resp {
+        println!("{:#?}", value);
+    } else {
+        println!("{:#?}", resp.unwrap_err());
+    }
+}

examples/v2_agentless-scanning_CreateAwsScanOptions.rs

@@ -2,15 +2,15 @@
 // response
 use datadog_api_client::datadog;
 use datadog_api_client::datadogV2::api_agentless_scanning::AgentlessScanningAPI;
-use datadog_api_client::datadogV2::model::AwsScanOptionsAttributes;
+use datadog_api_client::datadogV2::model::AwsScanOptionsCreateAttributes;
 use datadog_api_client::datadogV2::model::AwsScanOptionsCreateData;
 use datadog_api_client::datadogV2::model::AwsScanOptionsCreateRequest;
 use datadog_api_client::datadogV2::model::AwsScanOptionsType;
 
 #[tokio::main]
 async fn main() {
     let body = AwsScanOptionsCreateRequest::new(AwsScanOptionsCreateData::new(
-        AwsScanOptionsAttributes::new()
+        AwsScanOptionsCreateAttributes::new()
             .lambda(true)
             .sensitive_data(false)
             .vuln_containers_os(true)

examples/v2_agentless-scanning_ListAwsOnDemandTasks.rs

@@ -0,0 +1,15 @@
+// Get AWS On Demand tasks returns "OK" response
+use datadog_api_client::datadog;
+use datadog_api_client::datadogV2::api_agentless_scanning::AgentlessScanningAPI;
+
+#[tokio::main]
+async fn main() {
+    let configuration = datadog::Configuration::new();
+    let api = AgentlessScanningAPI::with_config(configuration);
+    let resp = api.list_aws_on_demand_tasks().await;
+    if let Ok(value) = resp {
+        println!("{:#?}", value);
+    } else {
+        println!("{:#?}", resp.unwrap_err());
+    }
+}

examples/v2_agentless-scanning_RetrieveAwsOnDemandTask.rs

@@ -0,0 +1,17 @@
+// Get AWS On Demand task by id returns "OK." response
+use datadog_api_client::datadog;
+use datadog_api_client::datadogV2::api_agentless_scanning::AgentlessScanningAPI;
+
+#[tokio::main]
+async fn main() {
+    let configuration = datadog::Configuration::new();
+    let api = AgentlessScanningAPI::with_config(configuration);
+    let resp = api
+        .retrieve_aws_on_demand_task("63d6b4f5-e5d0-4d90-824a-9580f05f026a".to_string())
+        .await;
+    if let Ok(value) = resp {
+        println!("{:#?}", value);
+    } else {
+        println!("{:#?}", resp.unwrap_err());
+    }
+}