DataDog
diff --git a/‎.apigentools-info
Lines changed: 4 additions & 4 deletions b/‎.apigentools-info
Lines changed: 4 additions & 4 deletions
diff --git a/‎config/_default/menus/api.en.yaml
Lines changed: 24 additions & 0 deletions b/‎config/_default/menus/api.en.yaml
Lines changed: 24 additions & 0 deletions
diff --git a/‎content/en/api/v2/security-monitoring/examples.json
Lines changed: 140 additions & 14 deletions b/‎content/en/api/v2/security-monitoring/examples.json
Lines changed: 140 additions & 14 deletions
diff --git a/‎content/en/api/v2/security-monitoring/request.UpdateResourceEvaluationFilters.json
Lines changed: 15 additions & 0 deletions b/‎content/en/api/v2/security-monitoring/request.UpdateResourceEvaluationFilters.json
Lines changed: 15 additions & 0 deletions
diff --git a/‎data/api/v2/CodeExamples.json
Lines changed: 7 additions & 0 deletions b/‎data/api/v2/CodeExamples.json
Lines changed: 7 additions & 0 deletions
diff --git a/‎data/api/v2/full_spec.yaml
Lines changed: 211 additions & 6 deletions b/‎data/api/v2/full_spec.yaml
Lines changed: 211 additions & 6 deletions
@@ -4,13 +4,13 @@
     "spec_versions": {
         "v1": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-05-19 17:47:22.310341",
-            "spec_repo_commit": "77e5efb9"
+            "regenerated": "2025-05-20 07:23:31.781659",
+            "spec_repo_commit": "fec20f97"
         },
         "v2": {
             "apigentools_version": "1.6.6",
-            "regenerated": "2025-05-19 17:47:31.365254",
-            "spec_repo_commit": "77e5efb9"
+            "regenerated": "2025-05-20 07:23:40.945974",
+            "spec_repo_commit": "fec20f97"
         }
     }
 }
@@ -2863,6 +2863,30 @@ menu:
         unstable:
           - v2
         order: 1
+    - name: Update resource filters
+      url: '#update-resource-filters'
+      identifier: security-monitoring-update-resource-filters
+      parent: security-monitoring
+      generated: true
+      params:
+        versions:
+          - v2
+        operationids:
+          - UpdateResourceEvaluationFilters
+        unstable: []
+        order: 27
+    - name: List resource filters
+      url: '#list-resource-filters'
+      identifier: security-monitoring-list-resource-filters
+      parent: security-monitoring
+      generated: true
+      params:
+        versions:
+          - v2
+        operationids:
+          - GetResourceEvaluationFilters
+        unstable: []
+        order: 26
     - name: Update a custom framework
       url: '#update-a-custom-framework'
       identifier: security-monitoring-update-a-custom-framework
 
@@ -0,0 +1,15 @@
+{
+  "data": {
+    "attributes": {
+      "cloud_provider": {
+        "aws": {
+          "aws_account_id": [
+            "tag1:v1"
+          ]
+        }
+      }
+    },
+    "id": "csm_resource_filter",
+    "type": "csm_resource_filter"
+  }
+}
@@ -1256,6 +1256,13 @@
       "description": "Update a suppression rule returns \"OK\" response"
     }
   ],
+  "UpdateResourceEvaluationFilters": [
+    {
+      "group": "security_monitoring",
+      "suffix": "",
+      "description": "Update resource filters returns \"OK\" response"
+    }
+  ],
   "ValidateSecurityMonitoringRule": [
     {
       "group": "security_monitoring",
 
@@ -687,6 +687,21 @@ components:
       required: true
       schema:
         type: string
+    ResourceFilterAccountID:
+      description: Filter resource filters by cloud provider account ID. This parameter
+        is only valid when provider is specified.
+      in: query
+      name: account_id
+      required: false
+      schema:
+        type: string
+    ResourceFilterProvider:
+      description: Filter resource filters by cloud provider (e.g. aws, gcp, azure).
+      in: query
+      name: cloud_provider
+      required: false
+      schema:
+        type: string
     ResourceID:
       description: 'Identifier, formatted as `type:id`. Supported types: `connection`,
         `dashboard`, `integration-account`, `integration-service`, `integration-webhook`,
@@ -826,6 +841,13 @@ components:
       required: true
       schema:
         type: string
+    SkipCache:
+      description: Skip cache for resource filters.
+      in: query
+      name: skip_cache
+      required: false
+      schema:
+        type: boolean
     SpansMetricIDParameter:
       description: The name of the span-based metric.
       in: path
@@ -15833,6 +15855,26 @@ components:
             $ref: '#/components/schemas/GetInterfacesData'
           type: array
       type: object
+    GetResourceEvaluationFiltersResponse:
+      description: The definition of `GetResourceEvaluationFiltersResponse` object.
+      properties:
+        data:
+          $ref: '#/components/schemas/GetResourceEvaluationFiltersResponseData'
+      required:
+      - data
+      type: object
+    GetResourceEvaluationFiltersResponseData:
+      description: The definition of `GetResourceFilterResponseData` object.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/ResourceFilterAttributes'
+        id:
+          description: The `data` `id`.
+          example: csm_resource_filter
+          type: string
+        type:
+          $ref: '#/components/schemas/ResourceFilterRequestType'
+      type: object
     GetRuleVersionHistoryData:
       description: Data for the rule version history.
       properties:
@@ -29747,6 +29789,46 @@ components:
       required:
       - data
       type: object
+    ResourceFilterAttributes:
+      description: Attributes of a resource filter.
+      example:
+        aws:
+          '123456789':
+          - environment:production
+          - team:devops
+        azure:
+          sub-001:
+          - app:frontend
+        gcp:
+          project-abc:
+          - region:us-central1
+      properties:
+        cloud_provider:
+          additionalProperties:
+            additionalProperties:
+              items:
+                description: Tag filter in format "key:value"
+                example: environment:production
+                type: string
+              type: array
+            type: object
+          description: A map of cloud provider names (e.g., "aws", "gcp", "azure")
+            to a map of account/resource IDs and their associated tag filters.
+          type: object
+        uuid:
+          description: The UUID of the resource filter.
+          type: string
+      required:
+      - cloud_provider
+      type: object
+    ResourceFilterRequestType:
+      description: Constant string to identify the request type.
+      enum:
+      - csm_resource_filter
+      example: csm_resource_filter
+      type: string
+      x-enum-varnames:
+      - CSM_RESOURCE_FILTER
     ResponseMetaAttributes:
       description: Object describing meta attributes of response.
       properties:
@@ -32909,9 +32991,11 @@ components:
       example: true
       type: boolean
     SecurityMonitoringRuleKeepAlive:
-      description: "Once a signal is generated, the signal will remain \u201Copen\u201D
-        if a case is matched at least once within\nthis keep alive window. For third
-        party detection method, this field is not used."
+      description: 'Once a signal is generated, the signal will remain "open" if a
+        case is matched at least once within
+
+        this keep alive window. For third party detection method, this field is not
+        used.'
       enum:
       - 0
       - 60
@@ -32941,9 +33025,10 @@ components:
       - TWELVE_HOURS
       - ONE_DAY
     SecurityMonitoringRuleMaxSignalDuration:
-      description: "A signal will \u201Cclose\u201D regardless of the query being
-        matched once the time exceeds the maximum duration.\nThis time is calculated
-        from the first seen timestamp."
+      description: 'A signal will "close" regardless of the query being matched once
+        the time exceeds the maximum duration.
+
+        This time is calculated from the first seen timestamp.'
       enum:
       - 0
       - 60
@@ -39352,6 +39437,52 @@ components:
         id:
           $ref: '#/components/schemas/ApiID'
       type: object
+    UpdateResourceEvaluationFiltersRequest:
+      description: Request object to update a resource filter.
+      properties:
+          $ref: '#/components/schemas/UpdateResourceEvaluationFiltersRequestData'
+      required:
+      - data
+      type: object
+    UpdateResourceEvaluationFiltersRequestData:
+      description: The definition of `UpdateResourceFilterRequestData` object.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/ResourceFilterAttributes'
+        id:
+          description: The `UpdateResourceEvaluationFiltersRequestData` `id`.
+          example: csm_resource_filter
+          type: string
+        type:
+          $ref: '#/components/schemas/ResourceFilterRequestType'
+      required:
+      - attributes
+      - type
+      type: object
+    UpdateResourceEvaluationFiltersResponse:
+      description: The definition of `UpdateResourceEvaluationFiltersResponse` object.
+      properties:
+        data:
+          $ref: '#/components/schemas/UpdateResourceEvaluationFiltersResponseData'
+      required:
+      - data
+      type: object
+    UpdateResourceEvaluationFiltersResponseData:
+      description: The definition of `UpdateResourceFilterResponseData` object.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/ResourceFilterAttributes'
+        id:
+          description: The `data` `id`.
+          example: csm_resource_filter
+          type: string
+        type:
+          $ref: '#/components/schemas/ResourceFilterRequestType'
+      required:
+      - attributes
+      - type
+      type: object
     UpdateRuleRequest:
       description: Request to update a scorecard rule.
       properties:
@@ -44746,6 +44877,80 @@ paths:
         - security_monitoring_rules_write
       x-undo:
         type: idempotent
+  /api/v2/cloud_security_management/resource_filters:
+    get:
+      description: List resource filters.
+      operationId: GetResourceEvaluationFilters
+      parameters:
+      - $ref: '#/components/parameters/ResourceFilterProvider'
+      - $ref: '#/components/parameters/ResourceFilterAccountID'
+      - $ref: '#/components/parameters/SkipCache'
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GetResourceEvaluationFiltersResponse'
+          description: OK
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - security_monitoring_filters_read
+      summary: List resource filters
+      tags:
+      - Security Monitoring
+      x-menu-order: 26
+      x-permission:
+        operator: OR
+        permissions:
+        - security_monitoring_filters_read
+      x-undo:
+        type: safe
+    put:
+      description: Update resource filters.
+      operationId: UpdateResourceEvaluationFilters
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/UpdateResourceEvaluationFiltersRequest'
+        required: true
+      responses:
+        '201':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/UpdateResourceEvaluationFiltersResponse'
+          description: OK
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '403':
+          $ref: '#/components/responses/NotAuthorizedResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - security_monitoring_filters_write
+      summary: Update resource filters
+      tags:
+      - Security Monitoring
+      x-codegen-request-body-name: body
+      x-menu-order: 27
+      x-permission:
+        operator: OR
+        permissions:
+        - security_monitoring_filters_write
+      x-undo:
+        type: idempotent
   /api/v2/container_images:
     get:
       description: Get all Container Images for your organization.
Original file line number	Diff line number	Diff line change
`@@ -4,13 +4,13 @@`
`4`	`4`	`"spec_versions": {`
`5`	`5`	`"v1": {`
`6`	`6`	`"apigentools_version": "1.6.6",`
`7`		`- "regenerated": "2025-05-19 17:47:22.310341",`
`8`		`- "spec_repo_commit": "77e5efb9"`
	`7`	`+ "regenerated": "2025-05-20 07:23:31.781659",`
	`8`	`+ "spec_repo_commit": "fec20f97"`
`9`	`9`	`},`
`10`	`10`	`"v2": {`
`11`	`11`	`"apigentools_version": "1.6.6",`
`12`		`- "regenerated": "2025-05-19 17:47:31.365254",`
`13`		`- "spec_repo_commit": "77e5efb9"`
	`12`	`+ "regenerated": "2025-05-20 07:23:40.945974",`
	`13`	`+ "spec_repo_commit": "fec20f97"`
`14`	`14`	`}`
`15`	`15`	`}`
`16`	`16`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1256,6 +1256,13 @@`
`1256`	`1256`	`"description": "Update a suppression rule returns \"OK\" response"`
`1257`	`1257`	`}`
`1258`	`1258`	`],`
	`1259`	`+ "UpdateResourceEvaluationFilters": [`
	`1260`	`+ {`
	`1261`	`+ "group": "security_monitoring",`
	`1262`	`+ "suffix": "",`
	`1263`	`+ "description": "Update resource filters returns \"OK\" response"`
	`1264`	`+ }`
	`1265`	`+ ],`
`1259`	`1266`	`"ValidateSecurityMonitoringRule": [`
`1260`	`1267`	`{`
`1261`	`1268`	`"group": "security_monitoring",`