Add OpenAPI documentation for cloud-auth-config service (#3115)

Co-authored-by: ci.datadog-api-spec <packages@datadoghq.com>

Author: api-clients-generation-pipeline[bot]

.generator/schemas/v2/openapi.yaml

@@ -1834,6 +1834,65 @@ components:
       required:
       - role_name
       type: object
+    AWSCloudAuthPersonaMappingAttributesResponse:
+      description: Attributes for AWS cloud authentication persona mapping response
+      properties:
+        account_identifier:
+          description: Datadog account identifier (email or handle) mapped to the
+            AWS principal
+          example: test@test.com
+          type: string
+        account_uuid:
+          description: Datadog account UUID
+          example: 12bbdc5c-5966-47e0-8733-285f9e44bcf4
+          type: string
+        arn_pattern:
+          description: AWS IAM ARN pattern to match for authentication
+          example: arn:aws:iam::123456789012:user/testuser
+          type: string
+      required:
+      - arn_pattern
+      - account_identifier
+      - account_uuid
+      type: object
+    AWSCloudAuthPersonaMappingDataResponse:
+      description: Data for AWS cloud authentication persona mapping response
+      properties:
+        attributes:
+          $ref: '#/components/schemas/AWSCloudAuthPersonaMappingAttributesResponse'
+        id:
+          description: Unique identifier for the persona mapping
+          example: c5c758c6-18c2-4484-ae3f-46b84128404a
+          type: string
+        type:
+          $ref: '#/components/schemas/AWSCloudAuthPersonaMappingType'
+      required:
+      - id
+      - type
+      - attributes
+      type: object
+    AWSCloudAuthPersonaMappingType:
+      description: Type identifier for AWS cloud authentication persona mapping
+      enum:
+      - aws_cloud_auth_config
+      example: aws_cloud_auth_config
+      type: string
+      x-enum-varnames:
+      - AWS_CLOUD_AUTH_CONFIG
+    AWSCloudAuthPersonaMappingsData:
+      description: List of AWS cloud authentication persona mappings
+      items:
+        $ref: '#/components/schemas/AWSCloudAuthPersonaMappingDataResponse'
+      type: array
+    AWSCloudAuthPersonaMappingsResponse:
+      description: Response containing a list of AWS cloud authentication persona
+        mappings
+      properties:
+        data:
+          $ref: '#/components/schemas/AWSCloudAuthPersonaMappingsData'
+      required:
+      - data
+      type: object
     AWSCredentials:
       description: The definition of `AWSCredentials` object.
       oneOf:
@@ -74551,6 +74610,39 @@ paths:
         permissions:
         - ci_visibility_read
         - test_optimization_read
+  /api/v2/cloud_auth/aws/persona_mapping:
+    get:
+      description: List all AWS cloud authentication persona mappings. This endpoint
+        retrieves all configured persona mappings that associate AWS IAM principals
+        with Datadog users.
+      operationId: ListAWSCloudAuthPersonaMappings
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AWSCloudAuthPersonaMappingsResponse'
+          description: OK
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/JSONAPIErrorResponse'
+          description: Bad Request
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/JSONAPIErrorResponse'
+          description: Forbidden
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: List AWS cloud authentication persona mappings
+      tags:
+      - Cloud Authentication
+      x-unstable: '**Note**: This endpoint is in public beta and is subject to change.
+
+        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
   /api/v2/cloud_security_management/custom_frameworks:
     post:
       description: Create a custom framework.
@@ -104331,6 +104423,9 @@ tags:
     Management page](https://docs.datadoghq.com/service_management/case_management/)
     for more information.
   name: Case Management Type
+- description: Configure AWS cloud authentication mappings for persona and intake
+    authentication through the Datadog API.
+  name: Cloud Authentication
 - description: The Cloud Cost Management API allows you to set up, edit, and delete
     Cloud Cost Management accounts for AWS, Azure, and Google Cloud. You can query
     your cost data by using the [Metrics endpoint](https://docs.datadoghq.com/api/latest/metrics/#query-timeseries-data-across-multiple-products)

docs/datadog_api_client.v2.api.rst

@@ -123,6 +123,13 @@ datadog\_api\_client.v2.api.ci\_visibility\_tests\_api module
    :members:
    :show-inheritance:
 
+datadog\_api\_client.v2.api.cloud\_authentication\_api module
+-------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.api.cloud_authentication_api
+   :members:
+   :show-inheritance:
+
 datadog\_api\_client.v2.api.cloud\_cost\_management\_api module
 ---------------------------------------------------------------
 

docs/datadog_api_client.v2.model.rst

@@ -1782,6 +1782,34 @@ datadog\_api\_client.v2.model.aws\_auth\_config\_role module
    :members:
    :show-inheritance:
 
+datadog\_api\_client.v2.model.aws\_cloud\_auth\_persona\_mapping\_attributes\_response module
+---------------------------------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_attributes_response
+   :members:
+   :show-inheritance:
+
+datadog\_api\_client.v2.model.aws\_cloud\_auth\_persona\_mapping\_data\_response module
+---------------------------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_data_response
+   :members:
+   :show-inheritance:
+
+datadog\_api\_client.v2.model.aws\_cloud\_auth\_persona\_mapping\_type module
+-----------------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_type
+   :members:
+   :show-inheritance:
+
+datadog\_api\_client.v2.model.aws\_cloud\_auth\_persona\_mappings\_response module
+----------------------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.aws_cloud_auth_persona_mappings_response
+   :members:
+   :show-inheritance:
+
 datadog\_api\_client.v2.model.aws\_credentials module
 -----------------------------------------------------
 

examples/v2/cloud-authentication/ListAWSCloudAuthPersonaMappings.py

@@ -0,0 +1,14 @@
+"""
+List AWS cloud authentication persona mappings returns "OK" response
+"""
+
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.cloud_authentication_api import CloudAuthenticationApi
+
+configuration = Configuration()
+configuration.unstable_operations["list_aws_cloud_auth_persona_mappings"] = True
+with ApiClient(configuration) as api_client:
+    api_instance = CloudAuthenticationApi(api_client)
+    response = api_instance.list_aws_cloud_auth_persona_mappings()
+
+    print(response)

src/datadog_api_client/configuration.py

@@ -273,6 +273,7 @@ def __init__(
                 "v2.link_jira_issue_to_case": False,
                 "v2.move_case_to_project": False,
                 "v2.unlink_jira_issue": False,
+                "v2.list_aws_cloud_auth_persona_mappings": False,
                 "v2.activate_content_pack": False,
                 "v2.cancel_threat_hunting_job": False,
                 "v2.convert_job_result_to_signal": False,

src/datadog_api_client/v2/api/cloud_authentication_api.py

@@ -0,0 +1,49 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import Any, Dict
+
+from datadog_api_client.api_client import ApiClient, Endpoint as _Endpoint
+from datadog_api_client.configuration import Configuration
+from datadog_api_client.v2.model.aws_cloud_auth_persona_mappings_response import AWSCloudAuthPersonaMappingsResponse
+
+
+class CloudAuthenticationApi:
+    """
+    Configure AWS cloud authentication mappings for persona and intake authentication through the Datadog API.
+    """
+
+    def __init__(self, api_client=None):
+        if api_client is None:
+            api_client = ApiClient(Configuration())
+        self.api_client = api_client
+
+        self._list_aws_cloud_auth_persona_mappings_endpoint = _Endpoint(
+            settings={
+                "response_type": (AWSCloudAuthPersonaMappingsResponse,),
+                "auth": ["apiKeyAuth", "appKeyAuth"],
+                "endpoint_path": "/api/v2/cloud_auth/aws/persona_mapping",
+                "operation_id": "list_aws_cloud_auth_persona_mappings",
+                "http_method": "GET",
+                "version": "v2",
+            },
+            params_map={},
+            headers_map={
+                "accept": ["application/json"],
+            },
+            api_client=api_client,
+        )
+
+    def list_aws_cloud_auth_persona_mappings(
+        self,
+    ) -> AWSCloudAuthPersonaMappingsResponse:
+        """List AWS cloud authentication persona mappings.
+
+        List all AWS cloud authentication persona mappings. This endpoint retrieves all configured persona mappings that associate AWS IAM principals with Datadog users.
+
+        :rtype: AWSCloudAuthPersonaMappingsResponse
+        """
+        kwargs: Dict[str, Any] = {}
+        return self._list_aws_cloud_auth_persona_mappings_endpoint.call_with_http_info(**kwargs)

src/datadog_api_client/v2/apis/__init__.py

@@ -18,6 +18,7 @@
 from datadog_api_client.v2.api.case_management_api import CaseManagementApi
 from datadog_api_client.v2.api.case_management_attribute_api import CaseManagementAttributeApi
 from datadog_api_client.v2.api.case_management_type_api import CaseManagementTypeApi
+from datadog_api_client.v2.api.cloud_authentication_api import CloudAuthenticationApi
 from datadog_api_client.v2.api.cloud_cost_management_api import CloudCostManagementApi
 from datadog_api_client.v2.api.cloud_network_monitoring_api import CloudNetworkMonitoringApi
 from datadog_api_client.v2.api.cloudflare_integration_api import CloudflareIntegrationApi
@@ -119,6 +120,7 @@
     "CaseManagementApi",
     "CaseManagementAttributeApi",
     "CaseManagementTypeApi",
+    "CloudAuthenticationApi",
     "CloudCostManagementApi",
     "CloudNetworkMonitoringApi",
     "CloudflareIntegrationApi",

src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_attributes_response.py

@@ -0,0 +1,45 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+
+from datadog_api_client.model_utils import (
+    ModelNormal,
+    cached_property,
+)
+
+
+class AWSCloudAuthPersonaMappingAttributesResponse(ModelNormal):
+    @cached_property
+    def openapi_types(_):
+        return {
+            "account_identifier": (str,),
+            "account_uuid": (str,),
+            "arn_pattern": (str,),
+        }
+
+    attribute_map = {
+        "account_identifier": "account_identifier",
+        "account_uuid": "account_uuid",
+        "arn_pattern": "arn_pattern",
+    }
+
+    def __init__(self_, account_identifier: str, account_uuid: str, arn_pattern: str, **kwargs):
+        """
+        Attributes for AWS cloud authentication persona mapping response
+
+        :param account_identifier: Datadog account identifier (email or handle) mapped to the AWS principal
+        :type account_identifier: str
+
+        :param account_uuid: Datadog account UUID
+        :type account_uuid: str
+
+        :param arn_pattern: AWS IAM ARN pattern to match for authentication
+        :type arn_pattern: str
+        """
+        super().__init__(kwargs)
+
+        self_.account_identifier = account_identifier
+        self_.account_uuid = account_uuid
+        self_.arn_pattern = arn_pattern

src/datadog_api_client/v2/model/aws_cloud_auth_persona_mapping_data_response.py

@@ -0,0 +1,64 @@
+# Unless explicitly stated otherwise all files in this repository are licensed under the Apache-2.0 License.
+# This product includes software developed at Datadog (https://www.datadoghq.com/).
+# Copyright 2019-Present Datadog, Inc.
+from __future__ import annotations
+
+from typing import TYPE_CHECKING
+
+from datadog_api_client.model_utils import (
+    ModelNormal,
+    cached_property,
+)
+
+
+if TYPE_CHECKING:
+    from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_attributes_response import (
+        AWSCloudAuthPersonaMappingAttributesResponse,
+    )
+    from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_type import AWSCloudAuthPersonaMappingType
+
+
+class AWSCloudAuthPersonaMappingDataResponse(ModelNormal):
+    @cached_property
+    def openapi_types(_):
+        from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_attributes_response import (
+            AWSCloudAuthPersonaMappingAttributesResponse,
+        )
+        from datadog_api_client.v2.model.aws_cloud_auth_persona_mapping_type import AWSCloudAuthPersonaMappingType
+
+        return {
+            "attributes": (AWSCloudAuthPersonaMappingAttributesResponse,),
+            "id": (str,),
+            "type": (AWSCloudAuthPersonaMappingType,),
+        }
+
+    attribute_map = {
+        "attributes": "attributes",
+        "id": "id",
+        "type": "type",
+    }
+
+    def __init__(
+        self_,
+        attributes: AWSCloudAuthPersonaMappingAttributesResponse,
+        id: str,
+        type: AWSCloudAuthPersonaMappingType,
+        **kwargs,
+    ):
+        """
+        Data for AWS cloud authentication persona mapping response
+
+        :param attributes: Attributes for AWS cloud authentication persona mapping response
+        :type attributes: AWSCloudAuthPersonaMappingAttributesResponse
+
+        :param id: Unique identifier for the persona mapping
+        :type id: str
+
+        :param type: Type identifier for AWS cloud authentication persona mapping
+        :type type: AWSCloudAuthPersonaMappingType
+        """
+        super().__init__(kwargs)
+
+        self_.attributes = attributes
+        self_.id = id
+        self_.type = type