Exposing set action on Terraform V2

.apigentools-info

@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-05-16 13:56:31.640964",
-            "spec_repo_commit": "dac51bc6"
+            "regenerated": "2025-05-16 19:11:25.377291",
+            "spec_repo_commit": "31b66a21"
         },
         "v2": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-05-16 13:56:31.658086",
-            "spec_repo_commit": "dac51bc6"
+            "regenerated": "2025-05-16 19:11:25.393143",
+            "spec_repo_commit": "31b66a21"
         }
     }
 }

.generator/schemas/v2/openapi.yaml

@@ -7318,6 +7318,8 @@ components:
     CloudWorkloadSecurityAgentPolicyCreateAttributes:
       description: Create a new Cloud Workload Security Agent policy
       properties:
+        actions:
+          $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions'
         description:
           description: The description of the policy
           example: My agent policy
@@ -7399,6 +7401,8 @@ components:
     CloudWorkloadSecurityAgentPolicyUpdateAttributes:
       description: Update an existing Cloud Workload Security Agent policy
       properties:
+        actions:
+          $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions'
         description:
           description: The description of the policy
           example: My agent policy
@@ -7469,6 +7473,50 @@ components:
           type: string
         kill:
           $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleKill'
+        metadata:
+          $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActionMetadata'
+        set:
+          $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActionSet'
+      type: object
+    CloudWorkloadSecurityAgentRuleActionMetadata:
+      description: The metadata action applied on the scope matching the rule
+      properties:
+        image_tag:
+          description: The image tag of the metadata action
+          type: string
+        service:
+          description: The service of the metadata action
+          type: string
+        short_image:
+          description: The short image of the metadata action
+          type: string
+      type: object
+    CloudWorkloadSecurityAgentRuleActionSet:
+      description: The set action applied on the scope matching the rule
+      properties:
+        append:
+          description: Whether the value should be appended to the field
+          type: boolean
+        field:
+          description: The field of the set action
+          type: string
+        name:
+          description: The name of the set action
+          type: string
+        scope:
+          description: The scope of the set action
+          type: string
+        size:
+          description: The size of the set action
+          format: int64
+          type: integer
+        ttl:
+          description: The time to live of the set action
+          format: int64
+          type: integer
+        value:
+          description: The value of the set action
+          type: string
       type: object
     CloudWorkloadSecurityAgentRuleActions:
       description: The array of actions the rule can perform if triggered
@@ -7484,6 +7532,11 @@ components:
         agentConstraint:
           description: The version of the Agent
           type: string
+        blocking:
+          description: The blocking policies that the rule belongs to
+          items:
+            type: string
+          type: array
         category:
           description: The category of the Agent rule
           example: Process Activity
@@ -7507,6 +7560,11 @@ components:
           description: The description of the Agent rule
           example: My Agent rule
           type: string
+        disabled:
+          description: The disabled policies that the rule belongs to
+          items:
+            type: string
+          type: array
         enabled:
           description: Whether the Agent rule is enabled
           example: true
@@ -7520,6 +7578,11 @@ components:
           items:
             type: string
           type: array
+        monitoring:
+          description: The monitoring policies that the rule belongs to
+          items:
+            type: string
+          type: array
         name:
           description: The name of the Agent rule
           example: my_agent_rule
@@ -7554,10 +7617,22 @@ components:
     CloudWorkloadSecurityAgentRuleCreateAttributes:
       description: Create a new Cloud Workload Security Agent rule.
       properties:
+        actions:
+          $ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions'
+        blocking:
+          description: The blocking policies that the rule belongs to
+          items:
+            type: string
+          type: array
         description:
           description: The description of the Agent rule.
           example: My Agent rule
           type: string
+        disabled:
+          description: The disabled policies that the rule belongs to
+          items:
+            type: string
+          type: array
         enabled:
           description: Whether the Agent rule is enabled
           example: true
@@ -7571,6 +7646,11 @@ components:
           items:
             type: string
           type: array
+        monitoring:
+          description: The monitoring policies that the rule belongs to
+          items:
+            type: string
+          type: array
         name:
           description: The name of the Agent rule.
           example: my_agent_rule
@@ -7661,10 +7741,20 @@ components:
     CloudWorkloadSecurityAgentRuleUpdateAttributes:
       description: Update an existing Cloud Workload Security Agent rule
       properties:
+        blocking:
+          description: The blocking policies that the rule belongs to
+          items:
+            type: string
+          type: array
         description:
           description: The description of the Agent rule
           example: My Agent rule
           type: string
+        disabled:
+          description: The disabled policies that the rule belongs to
+          items:
+            type: string
+          type: array
         enabled:
           description: Whether the Agent rule is enabled
           example: true
@@ -7673,6 +7763,11 @@ components:
           description: The SECL expression of the Agent rule
           example: exec.file.name == "sh"
           type: string
+        monitoring:
+          description: The monitoring policies that the rule belongs to
+          items:
+            type: string
+          type: array
         policy_id:
           description: The ID of the policy where the Agent rule is saved
           example: a8c8e364-6556-434d-b798-a4c23de29c0b

examples/v2_csm-threats_CreateCSMThreatsAgentRule_1176049761.rs

@@ -0,0 +1,43 @@
+// Create a CSM Threats Agent rule with set action returns "OK" response
+use datadog_api_client::datadog;
+use datadog_api_client::datadogV2::api_csm_threats::CSMThreatsAPI;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleAction;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleActionSet;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleCreateAttributes;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleCreateData;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleCreateRequest;
+use datadog_api_client::datadogV2::model::CloudWorkloadSecurityAgentRuleType;
+
+#[tokio::main]
+async fn main() {
+    // there is a valid "policy_rc" in the system
+    let policy_data_id = std::env::var("POLICY_DATA_ID").unwrap();
+    let body = CloudWorkloadSecurityAgentRuleCreateRequest::new(
+        CloudWorkloadSecurityAgentRuleCreateData::new(
+            CloudWorkloadSecurityAgentRuleCreateAttributes::new(
+                r#"exec.file.name == "sh""#.to_string(),
+                "examplecsmthreat".to_string(),
+            )
+            .actions(Some(vec![CloudWorkloadSecurityAgentRuleAction::new().set(
+                CloudWorkloadSecurityAgentRuleActionSet::new()
+                    .name("test_set".to_string())
+                    .scope("process".to_string())
+                    .value("test_value".to_string()),
+            )]))
+            .description("My Agent rule with set action".to_string())
+            .enabled(true)
+            .filters(vec![])
+            .policy_id(policy_data_id.clone())
+            .product_tags(vec![]),
+            CloudWorkloadSecurityAgentRuleType::AGENT_RULE,
+        ),
+    );
+    let configuration = datadog::Configuration::new();
+    let api = CSMThreatsAPI::with_config(configuration);
+    let resp = api.create_csm_threats_agent_rule(body).await;
+    if let Ok(value) = resp {
+        println!("{:#?}", value);
+    } else {
+        println!("{:#?}", resp.unwrap_err());
+    }
+}

src/datadogV2/model/mod.rs

@@ -3100,6 +3100,10 @@ pub mod model_cloud_workload_security_agent_rule_action;
 pub use self::model_cloud_workload_security_agent_rule_action::CloudWorkloadSecurityAgentRuleAction;
 pub mod model_cloud_workload_security_agent_rule_kill;
 pub use self::model_cloud_workload_security_agent_rule_kill::CloudWorkloadSecurityAgentRuleKill;
+pub mod model_cloud_workload_security_agent_rule_action_metadata;
+pub use self::model_cloud_workload_security_agent_rule_action_metadata::CloudWorkloadSecurityAgentRuleActionMetadata;
+pub mod model_cloud_workload_security_agent_rule_action_set;
+pub use self::model_cloud_workload_security_agent_rule_action_set::CloudWorkloadSecurityAgentRuleActionSet;
 pub mod model_cloud_workload_security_agent_rule_creator_attributes;
 pub use self::model_cloud_workload_security_agent_rule_creator_attributes::CloudWorkloadSecurityAgentRuleCreatorAttributes;
 pub mod model_cloud_workload_security_agent_rule_updater_attributes;

src/datadogV2/model/model_cloud_workload_security_agent_policy_create_attributes.rs

@@ -11,6 +11,13 @@ use std::fmt::{self, Formatter};
 #[skip_serializing_none]
 #[derive(Clone, Debug, PartialEq, Serialize)]
 pub struct CloudWorkloadSecurityAgentPolicyCreateAttributes {
+    /// The array of actions the rule can perform if triggered
+    #[serde(
+        rename = "actions",
+        default,
+        with = "::serde_with::rust::double_option"
+    )]
+    pub actions: Option<Option<Vec<crate::datadogV2::model::CloudWorkloadSecurityAgentRuleAction>>>,
     /// The description of the policy
     #[serde(rename = "description")]
     pub description: Option<String>,
@@ -36,6 +43,7 @@ pub struct CloudWorkloadSecurityAgentPolicyCreateAttributes {
 impl CloudWorkloadSecurityAgentPolicyCreateAttributes {
     pub fn new(name: String) -> CloudWorkloadSecurityAgentPolicyCreateAttributes {
         CloudWorkloadSecurityAgentPolicyCreateAttributes {
+            actions: None,
             description: None,
             enabled: None,
             host_tags: None,
@@ -46,6 +54,14 @@ impl CloudWorkloadSecurityAgentPolicyCreateAttributes {
         }
     }
 
+    pub fn actions(
+        mut self,
+        value: Option<Vec<crate::datadogV2::model::CloudWorkloadSecurityAgentRuleAction>>,
+    ) -> Self {
+        self.actions = Some(value);
+        self
+    }
+
     pub fn description(mut self, value: String) -> Self {
         self.description = Some(value);
         self
@@ -92,6 +108,9 @@ impl<'de> Deserialize<'de> for CloudWorkloadSecurityAgentPolicyCreateAttributes
             where
                 M: MapAccess<'a>,
             {
+                let mut actions: Option<
+                    Option<Vec<crate::datadogV2::model::CloudWorkloadSecurityAgentRuleAction>>,
+                > = None;
                 let mut description: Option<String> = None;
                 let mut enabled: Option<bool> = None;
                 let mut host_tags: Option<Vec<String>> = None;
@@ -105,6 +124,9 @@ impl<'de> Deserialize<'de> for CloudWorkloadSecurityAgentPolicyCreateAttributes
 
                 while let Some((k, v)) = map.next_entry::<String, serde_json::Value>()? {
                     match k.as_str() {
+                        "actions" => {
+                            actions = Some(serde_json::from_value(v).map_err(M::Error::custom)?);
+                        }
                         "description" => {
                             if v.is_null() {
                                 continue;
@@ -144,6 +166,7 @@ impl<'de> Deserialize<'de> for CloudWorkloadSecurityAgentPolicyCreateAttributes
                 let name = name.ok_or_else(|| M::Error::missing_field("name"))?;
 
                 let content = CloudWorkloadSecurityAgentPolicyCreateAttributes {
+                    actions,
                     description,
                     enabled,
                     host_tags,

src/datadogV2/model/model_cloud_workload_security_agent_policy_update_attributes.rs

@@ -11,6 +11,13 @@ use std::fmt::{self, Formatter};
 #[skip_serializing_none]
 #[derive(Clone, Debug, PartialEq, Serialize)]
 pub struct CloudWorkloadSecurityAgentPolicyUpdateAttributes {
+    /// The array of actions the rule can perform if triggered
+    #[serde(
+        rename = "actions",
+        default,
+        with = "::serde_with::rust::double_option"
+    )]
+    pub actions: Option<Option<Vec<crate::datadogV2::model::CloudWorkloadSecurityAgentRuleAction>>>,
     /// The description of the policy
     #[serde(rename = "description")]
     pub description: Option<String>,
@@ -36,6 +43,7 @@ pub struct CloudWorkloadSecurityAgentPolicyUpdateAttributes {
 impl CloudWorkloadSecurityAgentPolicyUpdateAttributes {
     pub fn new() -> CloudWorkloadSecurityAgentPolicyUpdateAttributes {
         CloudWorkloadSecurityAgentPolicyUpdateAttributes {
+            actions: None,
             description: None,
             enabled: None,
             host_tags: None,
@@ -46,6 +54,14 @@ impl CloudWorkloadSecurityAgentPolicyUpdateAttributes {
         }
     }
 
+    pub fn actions(
+        mut self,
+        value: Option<Vec<crate::datadogV2::model::CloudWorkloadSecurityAgentRuleAction>>,
+    ) -> Self {
+        self.actions = Some(value);
+        self
+    }
+
     pub fn description(mut self, value: String) -> Self {
         self.description = Some(value);
         self
@@ -103,6 +119,9 @@ impl<'de> Deserialize<'de> for CloudWorkloadSecurityAgentPolicyUpdateAttributes
             where
                 M: MapAccess<'a>,
             {
+                let mut actions: Option<
+                    Option<Vec<crate::datadogV2::model::CloudWorkloadSecurityAgentRuleAction>>,
+                > = None;
                 let mut description: Option<String> = None;
                 let mut enabled: Option<bool> = None;
                 let mut host_tags: Option<Vec<String>> = None;
@@ -116,6 +135,9 @@ impl<'de> Deserialize<'de> for CloudWorkloadSecurityAgentPolicyUpdateAttributes
 
                 while let Some((k, v)) = map.next_entry::<String, serde_json::Value>()? {
                     match k.as_str() {
+                        "actions" => {
+                            actions = Some(serde_json::from_value(v).map_err(M::Error::custom)?);
+                        }
                         "description" => {
                             if v.is_null() {
                                 continue;
@@ -157,6 +179,7 @@ impl<'de> Deserialize<'de> for CloudWorkloadSecurityAgentPolicyUpdateAttributes
                 }
 
                 let content = CloudWorkloadSecurityAgentPolicyUpdateAttributes {
+                    actions,
                     description,
                     enabled,
                     host_tags,