Add OpenAPI documentation for cloud-auth-config service

config/_default/menus/api.en.yaml

@@ -6848,6 +6848,23 @@ menu:
           - GetAllCaseTypes
         unstable: []
         order: 1
+    - name: Cloud Authentication
+      url: /api/latest/cloud-authentication/
+      identifier: cloud-authentication
+      generated: true
+    - name: List AWS cloud authentication persona mappings
+      url: '#list-aws-cloud-authentication-persona-mappings'
+      identifier: cloud-authentication-list-aws-cloud-authentication-persona-mappings
+      parent: cloud-authentication
+      generated: true
+      params:
+        versions:
+          - v2
+        operationids:
+          - ListAWSCloudAuthPersonaMappings
+        unstable:
+          - v2
+        order: 1
     - name: Cloud Cost Management
       url: /api/latest/cloud-cost-management/
       identifier: cloud-cost-management

content/en/api/latest/cloud-authentication/_index.md

@@ -0,0 +1,3 @@
+---
+title: Cloud Authentication
+---

content/en/api/v2/cloud-authentication/_index.md

@@ -0,0 +1,4 @@
+---
+title: Cloud Authentication
+headless: true
+---

content/en/api/v2/cloud-authentication/examples.json

@@ -0,0 +1,51 @@
+{
+  "ListAWSCloudAuthPersonaMappings": {
+    "responses": {
+      "200": {
+        "json": {
+          "data": [
+            {
+              "attributes": {
+                "account_identifier": "[email protected]",
+                "account_uuid": "12bbdc5c-5966-47e0-8733-285f9e44bcf4",
+                "arn_pattern": "arn:aws:iam::123456789012:user/testuser"
+              },
+              "id": "c5c758c6-18c2-4484-ae3f-46b84128404a",
+              "type": "aws_cloud_auth_config"
+            }
+          ]
+        },
+        "html": "<div class=\"\"><div class=\"row  hasChildData \">\n          <div class=\"col-12 first-column\">\n            <div  class=\"row table-row first-row js-collapse-trigger collapse-trigger \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\"><span class=\"toggle-arrow\"><svg width=\"6\" height=\"9\" viewBox=\"0 0 6 9\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M4.7294 4.45711L0.733399 7.82311L1.1294 8.29111L5.6654 4.45711L1.1294 0.641113L0.751398 1.12711L4.7294 4.45711Z\" fill=\"black\"/></svg></span> data&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">[object]</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">List of AWS cloud authentication persona mappings</p></div>\n            </div>\n            <div class=\"row isNested d-none hasChildData \">\n          <div class=\"col-12 first-column\">\n            <div data-parent-field=\"data\" class=\"row table-row first-row js-collapse-trigger collapse-trigger \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\"><span class=\"toggle-arrow\"><svg width=\"6\" height=\"9\" viewBox=\"0 0 6 9\" fill=\"none\" xmlns=\"http://www.w3.org/2000/svg\"><path d=\"M4.7294 4.45711L0.733399 7.82311L1.1294 8.29111L5.6654 4.45711L1.1294 0.641113L0.751398 1.12711L4.7294 4.45711Z\" fill=\"black\"/></svg></span> attributes&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">object</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">Attributes for AWS cloud authentication persona mapping response</p></div>\n            </div>\n            <div class=\"row isNested d-none  \">\n          <div class=\"col-12 first-column\">\n            <div data-parent-field=\"attributes\" class=\"row table-row first-row  \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\">account_identifier&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">string</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">Datadog account identifier (email or handle) mapped to the AWS principal</p></div>\n            </div>\n            \n          </div>\n        </div><div class=\"row isNested d-none  \">\n          <div class=\"col-12 first-column\">\n            <div data-parent-field=\"attributes\" class=\"row table-row first-row  \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\">account_uuid&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">string</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">Datadog account UUID</p></div>\n            </div>\n            \n          </div>\n        </div><div class=\"row isNested d-none  \">\n          <div class=\"col-12 first-column\">\n            <div data-parent-field=\"attributes\" class=\"row table-row first-row  \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\">arn_pattern&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">string</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">AWS IAM ARN pattern to match for authentication</p></div>\n            </div>\n            \n          </div>\n        </div>\n          </div>\n        </div><div class=\"row isNested d-none  \">\n          <div class=\"col-12 first-column\">\n            <div data-parent-field=\"data\" class=\"row table-row first-row  \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\">id&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">string</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">Unique identifier for the persona mapping</p></div>\n            </div>\n            \n          </div>\n        </div><div class=\"row isNested d-none  \">\n          <div class=\"col-12 first-column\">\n            <div data-parent-field=\"data\" class=\"row table-row first-row  \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\">type&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">enum</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">Type identifier for AWS cloud authentication persona mapping \nAllowed enum values: <code>aws_cloud_auth_config</code></p></div>\n            </div>\n            \n          </div>\n        </div>\n          </div>\n        </div></div>"
+      },
+      "400": {
+        "json": {
+          "errors": [
+            "Bad Request"
+          ]
+        },
+        "html": "<div class=\"\"><div class=\"row   \">\n          <div class=\"col-12 first-column\">\n            <div  class=\"row table-row first-row  \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\">errors&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">[string]</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">A list of errors.</p></div>\n            </div>\n            \n          </div>\n        </div></div>"
+      },
+      "403": {
+        "json": {
+          "errors": [
+            "Bad Request"
+          ]
+        },
+        "html": "<div class=\"\"><div class=\"row   \">\n          <div class=\"col-12 first-column\">\n            <div  class=\"row table-row first-row  \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\">errors&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">[string]</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">A list of errors.</p></div>\n            </div>\n            \n          </div>\n        </div></div>"
+      },
+      "429": {
+        "json": {
+          "errors": [
+            "Bad Request"
+          ]
+        },
+        "html": "<div class=\"\"><div class=\"row   \">\n          <div class=\"col-12 first-column\">\n            <div  class=\"row table-row first-row  \">\n              <div class=\"col-4 column\">\n      <p class=\"key table-cell\">errors&nbsp;[<em>required</em>]</p>\n    </div>\n              <div class=\"col-2 column\"><p class=\"table-cell\">[string]</p></div>\n              <div class=\"col-6 column\"><p class=\"table-cell\">A list of errors.</p></div>\n            </div>\n            \n          </div>\n        </div></div>"
+      }
+    },
+    "request": {
+      "json_curl": {},
+      "json": {},
+      "html": ""
+    }
+  }
+}

data/api/v2/full_spec.yaml

@@ -1747,6 +1747,65 @@ components:
       required:
       - role_name
       type: object
+    AWSCloudAuthPersonaMappingAttributesResponse:
+      description: Attributes for AWS cloud authentication persona mapping response
+      properties:
+        account_identifier:
+          description: Datadog account identifier (email or handle) mapped to the
+            AWS principal
+          example: [email protected]
+          type: string
+        account_uuid:
+          description: Datadog account UUID
+          example: 12bbdc5c-5966-47e0-8733-285f9e44bcf4
+          type: string
+        arn_pattern:
+          description: AWS IAM ARN pattern to match for authentication
+          example: arn:aws:iam::123456789012:user/testuser
+          type: string
+      required:
+      - arn_pattern
+      - account_identifier
+      - account_uuid
+      type: object
+    AWSCloudAuthPersonaMappingDataResponse:
+      description: Data for AWS cloud authentication persona mapping response
+      properties:
+        attributes:
+          $ref: '#/components/schemas/AWSCloudAuthPersonaMappingAttributesResponse'
+        id:
+          description: Unique identifier for the persona mapping
+          example: c5c758c6-18c2-4484-ae3f-46b84128404a
+          type: string
+        type:
+          $ref: '#/components/schemas/AWSCloudAuthPersonaMappingType'
+      required:
+      - id
+      - type
+      - attributes
+      type: object
+    AWSCloudAuthPersonaMappingType:
+      description: Type identifier for AWS cloud authentication persona mapping
+      enum:
+      - aws_cloud_auth_config
+      example: aws_cloud_auth_config
+      type: string
+      x-enum-varnames:
+      - AWS_CLOUD_AUTH_CONFIG
+    AWSCloudAuthPersonaMappingsData:
+      description: List of AWS cloud authentication persona mappings
+      items:
+        $ref: '#/components/schemas/AWSCloudAuthPersonaMappingDataResponse'
+      type: array
+    AWSCloudAuthPersonaMappingsResponse:
+      description: Response containing a list of AWS cloud authentication persona
+        mappings
+      properties:
+        data:
+          $ref: '#/components/schemas/AWSCloudAuthPersonaMappingsData'
+      required:
+      - data
+      type: object
     AWSCredentials:
       description: The definition of `AWSCredentials` object.
       oneOf:
@@ -69752,6 +69811,40 @@ paths:
         permissions:
         - ci_visibility_read
         - test_optimization_read
+  /api/v2/cloud_auth/aws/persona_mapping:
+    get:
+      description: List all AWS cloud authentication persona mappings. This endpoint
+        retrieves all configured persona mappings that associate AWS IAM principals
+        with Datadog users.
+      operationId: ListAWSCloudAuthPersonaMappings
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AWSCloudAuthPersonaMappingsResponse'
+          description: OK
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Bad Request
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Forbidden
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: List AWS cloud authentication persona mappings
+      tags:
+      - Cloud Authentication
+      x-menu-order: 1
+      x-unstable: '**Note**: This endpoint is in public beta and is subject to change.
+
+        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
   /api/v2/cloud_security_management/custom_frameworks:
     post:
       description: Create a custom framework.
@@ -97963,6 +98056,9 @@ tags:
     Management page](https://docs.datadoghq.com/service_management/case_management/)
     for more information.
   name: Case Management Type
+- description: Configure AWS cloud authentication mappings for persona and intake
+    authentication through the Datadog API.
+  name: Cloud Authentication
 - description: The Cloud Cost Management API allows you to set up, edit, and delete
     Cloud Cost Management accounts for AWS, Azure, and Google Cloud. You can query
     your cost data by using the [Metrics endpoint](https://docs.datadoghq.com/api/latest/metrics/#query-timeseries-data-across-multiple-products)

data/api/v2/translate_actions.json

@@ -643,6 +643,10 @@
     "request_description": "",
     "request_schema_description": "The request for a tests search."
   },
+  "ListAWSCloudAuthPersonaMappings": {
+    "description": "List all AWS cloud authentication persona mappings. This endpoint retrieves all configured persona mappings that associate AWS IAM principals with Datadog users.",
+    "summary": "List AWS cloud authentication persona mappings"
+  },
   "CreateCustomFramework": {
     "description": "Create a custom framework.",
     "summary": "Create a custom framework",

data/api/v2/translate_tags.json

@@ -79,6 +79,10 @@
     "name": "Case Management Type",
     "description": "View and configure case types within Case Management. See the [Case Management page](https://docs.datadoghq.com/service_management/case_management/) for more information."
   },
+  "cloud-authentication": {
+    "name": "Cloud Authentication",
+    "description": "Configure AWS cloud authentication mappings for persona and intake authentication through the Datadog API."
+  },
   "cloud-cost-management": {
     "name": "Cloud Cost Management",
     "description": "The Cloud Cost Management API allows you to set up, edit, and delete Cloud Cost Management accounts for AWS, Azure, and Google Cloud. You can query your cost data by using the [Metrics endpoint](https://docs.datadoghq.com/api/latest/metrics/#query-timeseries-data-across-multiple-products) and the `cloud_cost` data source. For more information, see the [Cloud Cost Management documentation](https://docs.datadoghq.com/cloud_cost_management/)."