datadog_api_client 2.0.2 → 2.2.0

data/.generator/schemas/v2/openapi.yaml

@@ -145,6 +145,26 @@ components:
       required: true
       schema:
         type: string
+    IncidentAttachmentFilterQueryParameter:
+      description: Specifies which types of attachments are included in the response.
+      explode: false
+      in: query
+      name: filter[attachment_type]
+      required: false
+      schema:
+        items:
+          $ref: '#/components/schemas/IncidentAttachmentAttachmentType'
+        type: array
+    IncidentAttachmentIncludeQueryParameter:
+      description: Specifies which types of related objects are included in the response.
+      explode: false
+      in: query
+      name: include
+      required: false
+      schema:
+        items:
+          $ref: '#/components/schemas/IncidentAttachmentRelatedObject'
+        type: array
     IncidentIDPathParameter:
       description: The UUID of the incident.
       in: path
@@ -1270,10 +1290,12 @@ components:
     ContentEncoding:
       description: HTTP header used to compress the media-type.
       enum:
+      - identity
       - gzip
       - deflate
       type: string
       x-enum-varnames:
+      - IDENTITY
       - GZIP
       - DEFLATE
     CostByOrg:
@@ -1869,7 +1891,6 @@ components:
           description: The API key.
           readOnly: true
           type: string
-          x-secret: true
         last4:
           description: The last four characters of the API key.
           example: abcd
@@ -1877,7 +1898,6 @@ components:
           minLength: 4
           readOnly: true
           type: string
-          x-secret: true
         modified_at:
           description: Date the API key was last modified.
           example: '2020-11-23T10:00:00.000Z'
@@ -1913,7 +1933,6 @@ components:
           description: The application key.
           readOnly: true
           type: string
-          x-secret: true
         last4:
           description: The last four characters of the application key.
           example: abcd
@@ -1921,7 +1940,6 @@ components:
           minLength: 4
           readOnly: true
           type: string
-          x-secret: true
         name:
           description: Name of the application key.
           example: Application Key for managing dashboards
@@ -2116,6 +2134,243 @@ components:
           type: string
           x-mimetype: application/xml
       type: object
+    IncidentAttachmentAttachmentType:
+      description: The type of the incident attachment attributes.
+      enum:
+      - link
+      - postmortem
+      example: link
+      type: string
+      x-enum-varnames:
+      - LINK
+      - POSTMORTEM
+    IncidentAttachmentAttributes:
+      description: The attributes object for an attachment.
+      oneOf:
+      - $ref: '#/components/schemas/IncidentAttachmentPostmortemAttributes'
+      - $ref: '#/components/schemas/IncidentAttachmentLinkAttributes'
+      type: object
+    IncidentAttachmentData:
+      description: A single incident attachment.
+      example:
+        attributes:
+          attachment:
+            documentUrl: ''
+            title: Postmortem IR-123
+          attachment_type: postmortem
+        id: 00000000-abcd-0002-0000-000000000000
+        relationships:
+          last_modified_by_user:
+            data:
+              id: 00000000-0000-0000-cccc-000000000000
+              type: users
+        type: incident_attachments
+      properties:
+        attributes:
+          $ref: '#/components/schemas/IncidentAttachmentAttributes'
+        id:
+          description: A unique identifier that represents the incident attachment.
+          example: 00000000-abcd-0001-0000-000000000000
+          type: string
+        relationships:
+          $ref: '#/components/schemas/IncidentAttachmentRelationships'
+        type:
+          $ref: '#/components/schemas/IncidentAttachmentType'
+      required:
+      - type
+      - attributes
+      - id
+      - relationships
+      type: object
+    IncidentAttachmentLinkAttachmentType:
+      default: link
+      description: The type of link attachment attributes.
+      enum:
+      - link
+      example: link
+      type: string
+      x-enum-varnames:
+      - LINK
+    IncidentAttachmentLinkAttributes:
+      description: The attributes object for a link attachment.
+      properties:
+        attachment:
+          $ref: '#/components/schemas/IncidentAttachmentLinkAttributesAttachmentObject'
+        attachment_type:
+          $ref: '#/components/schemas/IncidentAttachmentLinkAttachmentType'
+      required:
+      - attachment_type
+      - attachment
+      type: object
+    IncidentAttachmentLinkAttributesAttachmentObject:
+      description: The link attachment.
+      properties:
+        documentUrl:
+          description: The URL of this link attachment.
+          example: https://www.example.com/webstore-failure-runbook
+          type: string
+        title:
+          description: The title of this link attachment.
+          example: Runbook for webstore service failures
+          type: string
+      required:
+      - documentUrl
+      - title
+      type: object
+    IncidentAttachmentPostmortemAttachmentType:
+      default: postmortem
+      description: The type of postmortem attachment attributes.
+      enum:
+      - postmortem
+      example: postmortem
+      type: string
+      x-enum-varnames:
+      - POSTMORTEM
+    IncidentAttachmentPostmortemAttributes:
+      description: The attributes object for a postmortem attachment.
+      properties:
+        attachment:
+          $ref: '#/components/schemas/IncidentAttachmentsPostmortemAttributesAttachmentObject'
+        attachment_type:
+          $ref: '#/components/schemas/IncidentAttachmentPostmortemAttachmentType'
+      required:
+      - attachment_type
+      - attachment
+      type: object
+    IncidentAttachmentRelatedObject:
+      description: The object related to an incident attachment.
+      enum:
+      - users
+      type: string
+      x-enum-varnames:
+      - USERS
+    IncidentAttachmentRelationships:
+      description: The incident attachment's relationships.
+      properties:
+        last_modified_by_user:
+          $ref: '#/components/schemas/RelationshipToUser'
+      type: object
+    IncidentAttachmentType:
+      default: incident_attachments
+      description: The incident attachment resource type.
+      enum:
+      - incident_attachments
+      example: incident_attachments
+      type: string
+      x-enum-varnames:
+      - INCIDENT_ATTACHMENTS
+    IncidentAttachmentUpdateAttributes:
+      description: Incident attachment attributes.
+      oneOf:
+      - $ref: '#/components/schemas/IncidentAttachmentPostmortemAttributes'
+      - $ref: '#/components/schemas/IncidentAttachmentLinkAttributes'
+      type: object
+    IncidentAttachmentUpdateData:
+      description: A single incident attachment.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/IncidentAttachmentUpdateAttributes'
+        id:
+          description: A unique identifier that represents the incident attachment.
+          example: 00000000-abcd-0001-0000-000000000000
+          type: string
+        type:
+          $ref: '#/components/schemas/IncidentAttachmentType'
+      required:
+      - type
+      type: object
+    IncidentAttachmentUpdateRequest:
+      description: The update request for an incident's attachments.
+      properties:
+        data:
+          description: 'An array of incident attachments. An attachment object without
+            an "id" key indicates that you want to
+
+            create that attachment. An attachment object without an "attributes" key
+            indicates that you want to
+
+            delete that attachment. An attachment object with both the "id" key and
+            a populated "attributes" object
+
+            indicates that you want to update that attachment.'
+          example:
+          - attributes:
+              attachment:
+                documentUrl: https://app.datadoghq.com/notebook/123
+                title: Postmortem IR-123
+              attachment_type: postmortem
+            id: 00000000-abcd-0002-0000-000000000000
+            type: incident_attachments
+          - attributes:
+              attachment:
+                documentUrl: https://www.example.com/webstore-failure-runbook
+                title: Runbook for webstore service failures
+              attachment_type: link
+            type: incident_attachments
+          - id: 00000000-abcd-0003-0000-000000000000
+            type: incident_attachments
+          items:
+            $ref: '#/components/schemas/IncidentAttachmentUpdateData'
+          type: array
+      required:
+      - data
+      type: object
+    IncidentAttachmentUpdateResponse:
+      description: The response object containing the created or updated incident
+        attachments.
+      properties:
+        data:
+          description: 'An array of incident attachments. Only the attachments that
+            were created or updated by the request are
+
+            returned.'
+          items:
+            $ref: '#/components/schemas/IncidentAttachmentData'
+          type: array
+        included:
+          description: Included related resources that the user requested.
+          items:
+            $ref: '#/components/schemas/IncidentAttachmentsResponseIncludedItem'
+          type: array
+      required:
+      - data
+      type: object
+    IncidentAttachmentsPostmortemAttributesAttachmentObject:
+      description: The postmortem attachment.
+      properties:
+        documentUrl:
+          description: The URL of this notebook attachment.
+          example: https://app.datadoghq.com/notebook/123
+          type: string
+        title:
+          description: The title of this postmortem attachment.
+          example: Postmortem IR-123
+          type: string
+      required:
+      - documentUrl
+      - title
+      type: object
+    IncidentAttachmentsResponse:
+      description: The response object containing an incident's attachments.
+      properties:
+        data:
+          description: An array of incident attachments.
+          items:
+            $ref: '#/components/schemas/IncidentAttachmentData'
+          type: array
+        included:
+          description: Included related resources that the user requested.
+          items:
+            $ref: '#/components/schemas/IncidentAttachmentsResponseIncludedItem'
+          type: array
+      required:
+      - data
+      type: object
+    IncidentAttachmentsResponseIncludedItem:
+      description: An object related to an attachment that is included in the response.
+      oneOf:
+      - $ref: '#/components/schemas/User'
+      type: object
     IncidentCreateAttributes:
       description: The incident's attributes for a create request.
       properties:
@@ -2280,9 +2535,11 @@ components:
       description: Object related to an incident.
       enum:
       - users
+      - attachments
       type: string
       x-enum-varnames:
       - USERS
+      - ATTACHMENTS
     IncidentResponse:
       description: Response with an incident.
       properties:
@@ -2357,10 +2614,6 @@ components:
             $ref: '#/components/schemas/IncidentNotificationHandle'
           nullable: true
           type: array
-        postmortem_id:
-          description: The UUID of the postmortem object attached to the incident.
-          example: 00000000-0000-0000-7890-000000000000
-          type: string
         public_id:
           description: The monotonically increasing integer ID for the incident.
           example: 1
@@ -2425,6 +2678,7 @@ components:
       description: An object related to an incident that is included in the response.
       oneOf:
       - $ref: '#/components/schemas/User'
+      - $ref: '#/components/schemas/IncidentAttachmentData'
       type: object
     IncidentResponseMeta:
       description: The metadata object containing pagination metadata.
@@ -2456,6 +2710,8 @@ components:
     IncidentResponseRelationships:
       description: The incident's relationships from a response.
       properties:
+        attachments:
+          $ref: '#/components/schemas/RelationshipToIncidentAttachment'
         commander_user:
           $ref: '#/components/schemas/NullableRelationshipToUser'
         created_by_user:
@@ -2464,8 +2720,6 @@ components:
           $ref: '#/components/schemas/RelationshipToIncidentIntegrationMetadatas'
         last_modified_by_user:
           $ref: '#/components/schemas/RelationshipToUser'
-        postmortem:
-          $ref: '#/components/schemas/RelationshipToIncidentPostmortem'
       type: object
     IncidentServiceCreateAttributes:
       description: The incident service's attributes for a create request.
@@ -2936,7 +3190,6 @@ components:
               customer_impacted: false
               detected: '2020-04-14T00:00:00+00:00'
               modified: '2020-09-17T14:16:58.696424+00:00'
-              postmortem_id: 00000000-0000-bbbb-0000-000000000000
               public_id: 1
               resolved: null
               severity: SEV-1
@@ -2947,6 +3200,12 @@ components:
               title: Example Incident
             id: 00000000-aaaa-0000-0000-000000000000
             relationships:
+              attachments:
+                data:
+                - id: 00000000-9999-0000-0000-000000000000
+                  type: incident_attachments
+                - id: 00000000-1234-0000-0000-000000000000
+                  type: incident_attachments
               commander_user:
                 data:
                   id: 00000000-0000-0000-cccc-000000000000
@@ -2965,10 +3224,6 @@ components:
                 data:
                   id: 00000000-0000-0000-cccc-000000000000
                   type: users
-              postmortem:
-                data:
-                  id: 00000000-9999-0000-0000-000000000000
-                  type: incident_postmortems
             type: incidents
           - attributes:
               created: '2020-04-21T15:34:08.627205+00:00'
@@ -2980,7 +3235,6 @@ components:
               customer_impacted: false
               detected: '2020-04-14T00:00:00+00:00'
               modified: '2020-09-17T14:16:58.696424+00:00'
-              postmortem_id: 00000000-6006-0000-0000-000000000000
               public_id: 2
               resolved: null
               severity: SEV-5
@@ -2991,6 +3245,10 @@ components:
               title: Example Incident 2
             id: 00000000-1111-0000-0000-000000000000
             relationships:
+              attachments:
+                data:
+                - id: 00000000-9999-0000-0000-000000000000
+                  type: incident_attachments
               commander_user:
                 data:
                   id: 00000000-aaaa-0000-0000-000000000000
@@ -3009,10 +3267,6 @@ components:
                 data:
                   id: 00000000-aaaa-0000-0000-000000000000
                   type: users
-              postmortem:
-                data:
-                  id: 00000000-6006-0000-0000-000000000000
-                  type: incident_postmortems
             type: incidents
           items:
             $ref: '#/components/schemas/IncidentResponseData'
@@ -4158,6 +4412,15 @@ components:
         type:
           $ref: '#/components/schemas/MetricType'
       type: object
+    MetricActiveConfigurationType:
+      default: actively_queried_configurations
+      description: The metric actively queried configuration resource type.
+      enum:
+      - actively_queried_configurations
+      example: actively_queried_configurations
+      type: string
+      x-enum-varnames:
+      - ACTIVELY_QUERIED_CONFIGURATIONS
     MetricAllTags:
       description: Object for a single metric's indexed tags.
       properties:
@@ -4321,9 +4584,14 @@ components:
       description: HTTP header used to compress the media-type.
       enum:
       - deflate
+      - zstd1
+      - gzip
+      example: deflate
       type: string
       x-enum-varnames:
       - DEFLATE
+      - ZSTD1
+      - GZIP
     MetricCustomAggregation:
       description: A time and space aggregation combination for use in query.
       example:
@@ -4678,6 +4946,50 @@ components:
       - metric
       - points
       type: object
+    MetricSuggestedAggregations:
+      description: List of aggregation combinations that have been actively queried.
+      example:
+      - space: sum
+        time: sum
+      - space: sum
+        time: count
+      items:
+        $ref: '#/components/schemas/MetricCustomAggregation'
+      type: array
+    MetricSuggestedTagsAndAggregations:
+      description: Object for a single metric's actively queried tags and aggregations.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/MetricSuggestedTagsAttributes'
+        id:
+          $ref: '#/components/schemas/MetricName'
+        type:
+          $ref: '#/components/schemas/MetricActiveConfigurationType'
+      type: object
+    MetricSuggestedTagsAndAggregationsResponse:
+      description: Response object that includes a single metric's actively queried
+        tags and aggregations.
+      properties:
+        data:
+          $ref: '#/components/schemas/MetricSuggestedTagsAndAggregations'
+      readOnly: true
+      type: object
+    MetricSuggestedTagsAttributes:
+      description: Object containing the definition of a metric's actively queried
+        tags and aggregations.
+      properties:
+        active_aggregations:
+          $ref: '#/components/schemas/MetricSuggestedAggregations'
+        active_tags:
+          description: List of tag keys that have been actively queried.
+          example:
+          - app
+          - datacenter
+          items:
+            description: Actively queried tag keys.
+            type: string
+          type: array
+      type: object
     MetricTagConfiguration:
       description: Object for a single metric tag configuration.
       example:
@@ -5249,7 +5561,6 @@ components:
           minLength: 4
           readOnly: true
           type: string
-          x-secret: true
         modified_at:
           description: Date the API key was last modified.
           example: '2020-11-23T10:00:00.000Z'
@@ -5288,7 +5599,6 @@ components:
           minLength: 4
           readOnly: true
           type: string
-          x-secret: true
         name:
           description: Name of the application key.
           example: Application Key for managing dashboards
@@ -5603,6 +5913,187 @@ components:
         meta:
           $ref: '#/components/schemas/RUMResponseMetadata'
       type: object
+    RUMApplication:
+      description: RUM application.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/RUMApplicationAttributes'
+        id:
+          description: RUM application ID.
+          example: abcd1234-0000-0000-abcd-1234abcd5678
+          type: string
+        type:
+          $ref: '#/components/schemas/RUMApplicationType'
+      required:
+      - attributes
+      - id
+      - type
+      type: object
+    RUMApplicationAttributes:
+      description: RUM application attributes.
+      properties:
+        application_id:
+          description: ID of the RUM application.
+          example: abcd1234-0000-0000-abcd-1234abcd5678
+          type: string
+        created_at:
+          description: Timestamp in ms of the creation date.
+          example: 1659479836169
+          format: int64
+          type: integer
+        created_by_handle:
+          description: Handle of the creator user.
+          example: john.doe
+          type: string
+        hash:
+          description: Client token of the RUM application.
+          example: abcd1234efgh5678ijkl90abcd1234efgh0
+          type: string
+        name:
+          description: Name of the RUM application.
+          example: my_rum_application
+          type: string
+        org_id:
+          description: Org ID of the RUM application.
+          example: 999
+          format: int32
+          type: integer
+        type:
+          description: Type of the RUM application. Supported values are `browser`,
+            `ios`, `android`, `react-native`, `flutter`.
+          example: browser
+          type: string
+        updated_at:
+          description: Timestamp in ms of the last update date.
+          example: 1659479836169
+          format: int64
+          type: integer
+        updated_by_handle:
+          description: Handle of the updater user.
+          example: jane.doe
+          type: string
+      required:
+      - application_id
+      - created_at
+      - created_by_handle
+      - name
+      - org_id
+      - type
+      - updated_at
+      - updated_by_handle
+      type: object
+    RUMApplicationCreate:
+      description: RUM application creation.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/RUMApplicationCreateAttributes'
+        type:
+          $ref: '#/components/schemas/RUMApplicationCreateType'
+      required:
+      - attributes
+      - type
+      type: object
+    RUMApplicationCreateAttributes:
+      description: RUM application creation attributes.
+      properties:
+        name:
+          description: Name of the RUM application.
+          example: my_new_rum_application
+          type: string
+        type:
+          description: Type of the RUM application. Supported values are `browser`,
+            `ios`, `android`, `react-native`, `flutter`.
+          example: browser
+          type: string
+      required:
+      - name
+      type: object
+    RUMApplicationCreateRequest:
+      description: RUM application creation request attributes.
+      properties:
+        data:
+          $ref: '#/components/schemas/RUMApplicationCreate'
+      required:
+      - data
+      type: object
+    RUMApplicationCreateType:
+      default: rum_application_create
+      description: RUM application creation type.
+      enum:
+      - rum_application_create
+      example: rum_application_create
+      type: string
+      x-enum-varnames:
+      - RUM_APPLICATION_CREATE
+    RUMApplicationResponse:
+      description: RUM application response.
+      properties:
+        data:
+          $ref: '#/components/schemas/RUMApplication'
+      type: object
+    RUMApplicationType:
+      default: rum_application
+      description: RUM application response type.
+      enum:
+      - rum_application
+      example: rum_application
+      type: string
+      x-enum-varnames:
+      - RUM_APPLICATION
+    RUMApplicationUpdate:
+      description: RUM application update.
+      properties:
+        attributes:
+          $ref: '#/components/schemas/RUMApplicationUpdateAttributes'
+        id:
+          description: RUM application ID.
+          example: abcd1234-0000-0000-abcd-1234abcd5678
+          type: string
+        type:
+          $ref: '#/components/schemas/RUMApplicationUpdateType'
+      required:
+      - id
+      - type
+      type: object
+    RUMApplicationUpdateAttributes:
+      description: RUM application update attributes.
+      properties:
+        name:
+          description: Name of the RUM application.
+          example: updated_name_for_my_existing_rum_application
+          type: string
+        type:
+          description: Type of the RUM application. Supported values are `browser`,
+            `ios`, `android`, `react-native`, `flutter`.
+          example: browser
+          type: string
+      type: object
+    RUMApplicationUpdateRequest:
+      description: RUM application update request.
+      properties:
+        data:
+          $ref: '#/components/schemas/RUMApplicationUpdate'
+      required:
+      - data
+      type: object
+    RUMApplicationUpdateType:
+      default: rum_application_update
+      description: RUM application update type.
+      enum:
+      - rum_application_update
+      example: rum_application_update
+      type: string
+      x-enum-varnames:
+      - RUM_APPLICATION_UPDATE
+    RUMApplicationsResponse:
+      description: RUM applications response.
+      properties:
+        data:
+          description: RUM applications array response.
+          items:
+            $ref: '#/components/schemas/RUMApplication'
+          type: array
+      type: object
     RUMBucketResponse:
       description: Bucket values.
       properties:
@@ -5962,13 +6453,37 @@ components:
             from the other indexes
           type: string
       type: object
-    RelationshipToIncidentIntegrationMetadataData:
-      description: A relationship reference for an integration metadata object.
-      example:
-        id: 00000000-abcd-0002-0000-000000000000
-        type: incident_integrations
+    RelationshipToIncidentAttachment:
+      description: A relationship reference for attachments.
       properties:
-        id:
+        data:
+          description: An array of incident attachments.
+          items:
+            $ref: '#/components/schemas/RelationshipToIncidentAttachmentData'
+          type: array
+      required:
+      - data
+      type: object
+    RelationshipToIncidentAttachmentData:
+      description: The attachment relationship data.
+      properties:
+        id:
+          description: A unique identifier that represents the attachment.
+          example: 00000000-0000-abcd-1000-000000000000
+          type: string
+        type:
+          $ref: '#/components/schemas/IncidentAttachmentType'
+      required:
+      - id
+      - type
+      type: object
+    RelationshipToIncidentIntegrationMetadataData:
+      description: A relationship reference for an integration metadata object.
+      example:
+        id: 00000000-abcd-0002-0000-000000000000
+        type: incident_integrations
+      properties:
+        id:
           description: A unique identifier that represents the integration metadata.
           example: 00000000-abcd-0001-0000-000000000000
           type: string
@@ -6345,6 +6860,8 @@ components:
           description: The unique identifier of the role.
           example: 00000000-0000-1111-0000-000000000000
           type: string
+        relationships:
+          $ref: '#/components/schemas/RoleRelationships'
         type:
           $ref: '#/components/schemas/RolesType'
       required:
@@ -6757,62 +7274,9 @@ components:
       type: object
     SecurityMonitoringRuleCreatePayload:
       description: Create a new rule.
-      properties:
-        cases:
-          description: Cases for generating signals.
-          example: []
-          items:
-            $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate'
-          type: array
-        filters:
-          description: Additional queries to filter matched events before they are
-            processed.
-          items:
-            $ref: '#/components/schemas/SecurityMonitoringFilter'
-          type: array
-        hasExtendedTitle:
-          description: Whether the notifications include the triggering group-by values
-            in their title.
-          example: true
-          type: boolean
-        isEnabled:
-          description: Whether the rule is enabled.
-          example: true
-          type: boolean
-        message:
-          description: Message for generated signals.
-          example: ''
-          type: string
-        name:
-          description: The name of the rule.
-          example: My security monitoring rule.
-          type: string
-        options:
-          $ref: '#/components/schemas/SecurityMonitoringRuleOptions'
-        queries:
-          description: Queries for selecting logs which are part of the rule.
-          example: []
-          items:
-            $ref: '#/components/schemas/SecurityMonitoringRuleQueryCreate'
-          type: array
-        tags:
-          description: Tags for generated signals.
-          example:
-          - env:prod
-          - team:security
-          items:
-            description: Tag.
-            type: string
-          type: array
-        type:
-          $ref: '#/components/schemas/SecurityMonitoringRuleTypeCreate'
-      required:
-      - name
-      - isEnabled
-      - queries
-      - options
-      - cases
-      - message
+      oneOf:
+      - $ref: '#/components/schemas/SecurityMonitoringStandardRuleCreatePayload'
+      - $ref: '#/components/schemas/SecurityMonitoringSignalRuleCreatePayload'
       type: object
     SecurityMonitoringRuleDecreaseCriticalityBasedOnEnv:
       description: 'If true, signals in non-production environments have a lower severity
@@ -7037,39 +7501,9 @@ components:
       type: object
     SecurityMonitoringRuleQuery:
       description: Query for matching rule.
-      properties:
-        aggregation:
-          $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation'
-        distinctFields:
-          description: Field for which the cardinality is measured. Sent as an array.
-          items:
-            description: Field.
-            type: string
-          type: array
-        groupByFields:
-          description: Fields to group by.
-          items:
-            description: Field.
-            type: string
-          type: array
-        metric:
-          description: 'The target field to aggregate over when using the sum or max
-
-            aggregations.'
-          type: string
-        metrics:
-          description: Group of target fields to aggregate over when using the new
-            value aggregations.
-          items:
-            description: Field.
-            type: string
-          type: array
-        name:
-          description: Name of the query.
-          type: string
-        query:
-          description: Query to run on logs.
-          type: string
+      oneOf:
+      - $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery'
+      - $ref: '#/components/schemas/SecurityMonitoringSignalRuleQuery'
       type: object
     SecurityMonitoringRuleQueryAggregation:
       description: The aggregation type.
@@ -7080,6 +7514,7 @@ components:
       - max
       - new_value
       - geo_data
+      - event_count
       type: string
       x-enum-varnames:
       - COUNT
@@ -7088,112 +7523,13 @@ components:
       - MAX
       - NEW_VALUE
       - GEO_DATA
-    SecurityMonitoringRuleQueryCreate:
-      description: Query for matching rule.
-      properties:
-        aggregation:
-          $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation'
-        distinctFields:
-          description: Field for which the cardinality is measured. Sent as an array.
-          items:
-            description: Field.
-            type: string
-          type: array
-        groupByFields:
-          description: Fields to group by.
-          items:
-            description: Field.
-            type: string
-          type: array
-        metric:
-          description: 'The target field to aggregate over when using the sum or max
-
-            aggregations.'
-          type: string
-        metrics:
-          description: Group of target fields to aggregate over when using the new
-            value aggregations.
-          items:
-            description: Field.
-            type: string
-          type: array
-        name:
-          description: Name of the query.
-          type: string
-        query:
-          description: Query to run on logs.
-          example: a > 3
-          type: string
-      required:
-      - query
-      type: object
+      - EVENT_COUNT
     SecurityMonitoringRuleResponse:
-      description: Rule.
-      properties:
-        cases:
-          description: Cases for generating signals.
-          items:
-            $ref: '#/components/schemas/SecurityMonitoringRuleCase'
-          type: array
-        createdAt:
-          description: When the rule was created, timestamp in milliseconds.
-          format: int64
-          type: integer
-        creationAuthorId:
-          description: User ID of the user who created the rule.
-          format: int64
-          type: integer
-        filters:
-          description: Additional queries to filter matched events before they are
-            processed.
-          items:
-            $ref: '#/components/schemas/SecurityMonitoringFilter'
-          type: array
-        hasExtendedTitle:
-          description: Whether the notifications include the triggering group-by values
-            in their title.
-          type: boolean
-        id:
-          description: The ID of the rule.
-          type: string
-        isDefault:
-          description: Whether the rule is included by default.
-          type: boolean
-        isDeleted:
-          description: Whether the rule has been deleted.
-          type: boolean
-        isEnabled:
-          description: Whether the rule is enabled.
-          type: boolean
-        message:
-          description: Message for generated signals.
-          type: string
-        name:
-          description: The name of the rule.
-          type: string
-        options:
-          $ref: '#/components/schemas/SecurityMonitoringRuleOptions'
-        queries:
-          description: Queries for selecting logs which are part of the rule.
-          items:
-            $ref: '#/components/schemas/SecurityMonitoringRuleQuery'
-          type: array
-        tags:
-          description: Tags for generated signals.
-          items:
-            description: Tag.
-            type: string
-          type: array
-        type:
-          $ref: '#/components/schemas/SecurityMonitoringRuleTypeRead'
-        updateAuthorId:
-          description: User ID of the user who updated the rule.
-          format: int64
-          type: integer
-        version:
-          description: The version of the rule.
-          format: int64
-          type: integer
+      description: Create a new rule.
+      oneOf:
+      - $ref: '#/components/schemas/SecurityMonitoringStandardRuleResponse'
+      - $ref: '#/components/schemas/SecurityMonitoringSignalRuleResponse'
+      type: object
     SecurityMonitoringRuleSeverity:
       description: Severity of the Security Signal.
       enum:
@@ -7453,7 +7789,173 @@ components:
           format: int32
           maximum: 1000
           type: integer
-      type: object
+      type: object
+    SecurityMonitoringSignalRuleCreatePayload:
+      description: Create a new signal correlation rule.
+      properties:
+        cases:
+          description: Cases for generating signals.
+          example: []
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate'
+          type: array
+        filters:
+          description: Additional queries to filter matched events before they are
+            processed.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringFilter'
+          type: array
+        hasExtendedTitle:
+          description: Whether the notifications include the triggering group-by values
+            in their title.
+          example: true
+          type: boolean
+        isEnabled:
+          description: Whether the rule is enabled.
+          example: true
+          type: boolean
+        message:
+          description: Message for generated signals.
+          example: ''
+          type: string
+        name:
+          description: The name of the rule.
+          example: My security monitoring rule.
+          type: string
+        options:
+          $ref: '#/components/schemas/SecurityMonitoringRuleOptions'
+        queries:
+          description: Queries for selecting signals which are part of the rule.
+          example: []
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringSignalRuleQuery'
+          type: array
+        tags:
+          description: Tags for generated signals.
+          example:
+          - env:prod
+          - team:security
+          items:
+            description: Tag.
+            type: string
+          type: array
+        type:
+          $ref: '#/components/schemas/SecurityMonitoringSignalRuleType'
+      required:
+      - name
+      - isEnabled
+      - queries
+      - options
+      - cases
+      - message
+      type: object
+    SecurityMonitoringSignalRuleQuery:
+      description: Query for matching rule on signals
+      properties:
+        aggregation:
+          $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation'
+        correlatedByFields:
+          description: Fields to group by.
+          items:
+            description: Field.
+            type: string
+          type: array
+        correlatedQueryIndex:
+          description: Index of the rule query used to retrieve the correlated field.
+          format: int32
+          maximum: 9
+          type: integer
+        metrics:
+          description: Group of target fields to aggregate over when using the new
+            value aggregations.
+          items:
+            description: Field.
+            type: string
+          type: array
+        name:
+          description: Name of the query.
+          type: string
+        ruleId:
+          description: Rule ID to match on signals.
+          example: d3f-ru1-e1d
+          type: string
+      required:
+      - ruleId
+      type: object
+    SecurityMonitoringSignalRuleResponse:
+      description: Rule.
+      properties:
+        cases:
+          description: Cases for generating signals.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringRuleCase'
+          type: array
+        createdAt:
+          description: When the rule was created, timestamp in milliseconds.
+          format: int64
+          type: integer
+        creationAuthorId:
+          description: User ID of the user who created the rule.
+          format: int64
+          type: integer
+        filters:
+          description: Additional queries to filter matched events before they are
+            processed.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringFilter'
+          type: array
+        hasExtendedTitle:
+          description: Whether the notifications include the triggering group-by values
+            in their title.
+          type: boolean
+        id:
+          description: The ID of the rule.
+          type: string
+        isDefault:
+          description: Whether the rule is included by default.
+          type: boolean
+        isDeleted:
+          description: Whether the rule has been deleted.
+          type: boolean
+        isEnabled:
+          description: Whether the rule is enabled.
+          type: boolean
+        message:
+          description: Message for generated signals.
+          type: string
+        name:
+          description: The name of the rule.
+          type: string
+        options:
+          $ref: '#/components/schemas/SecurityMonitoringRuleOptions'
+        queries:
+          description: Queries for selecting logs which are part of the rule.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringSignalRuleQuery'
+          type: array
+        tags:
+          description: Tags for generated signals.
+          items:
+            description: Tag.
+            type: string
+          type: array
+        type:
+          $ref: '#/components/schemas/SecurityMonitoringSignalRuleType'
+        updateAuthorId:
+          description: User ID of the user who updated the rule.
+          format: int64
+          type: integer
+        version:
+          description: The version of the rule.
+          format: int64
+          type: integer
+    SecurityMonitoringSignalRuleType:
+      description: The rule type.
+      enum:
+      - signal_correlation
+      type: string
+      x-enum-varnames:
+      - SIGNAL_CORRELATION
     SecurityMonitoringSignalState:
       description: The new triage state of the signal.
       enum:
@@ -7610,6 +8112,171 @@ components:
       x-enum-varnames:
       - TIMESTAMP_ASCENDING
       - TIMESTAMP_DESCENDING
+    SecurityMonitoringStandardRuleCreatePayload:
+      description: Create a new rule.
+      properties:
+        cases:
+          description: Cases for generating signals.
+          example: []
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringRuleCaseCreate'
+          type: array
+        filters:
+          description: Additional queries to filter matched events before they are
+            processed.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringFilter'
+          type: array
+        hasExtendedTitle:
+          description: Whether the notifications include the triggering group-by values
+            in their title.
+          example: true
+          type: boolean
+        isEnabled:
+          description: Whether the rule is enabled.
+          example: true
+          type: boolean
+        message:
+          description: Message for generated signals.
+          example: ''
+          type: string
+        name:
+          description: The name of the rule.
+          example: My security monitoring rule.
+          type: string
+        options:
+          $ref: '#/components/schemas/SecurityMonitoringRuleOptions'
+        queries:
+          description: Queries for selecting logs which are part of the rule.
+          example: []
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery'
+          type: array
+        tags:
+          description: Tags for generated signals.
+          example:
+          - env:prod
+          - team:security
+          items:
+            description: Tag.
+            type: string
+          type: array
+        type:
+          $ref: '#/components/schemas/SecurityMonitoringRuleTypeCreate'
+      required:
+      - name
+      - isEnabled
+      - queries
+      - options
+      - cases
+      - message
+      type: object
+    SecurityMonitoringStandardRuleQuery:
+      description: Query for matching rule.
+      properties:
+        aggregation:
+          $ref: '#/components/schemas/SecurityMonitoringRuleQueryAggregation'
+        distinctFields:
+          description: Field for which the cardinality is measured. Sent as an array.
+          items:
+            description: Field.
+            type: string
+          type: array
+        groupByFields:
+          description: Fields to group by.
+          items:
+            description: Field.
+            type: string
+          type: array
+        metric:
+          description: 'The target field to aggregate over when using the sum or max
+
+            aggregations.'
+          type: string
+        metrics:
+          description: Group of target fields to aggregate over when using the new
+            value aggregations.
+          items:
+            description: Field.
+            type: string
+          type: array
+        name:
+          description: Name of the query.
+          type: string
+        query:
+          description: Query to run on logs.
+          example: a > 3
+          type: string
+      required:
+      - query
+      type: object
+    SecurityMonitoringStandardRuleResponse:
+      description: Rule.
+      properties:
+        cases:
+          description: Cases for generating signals.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringRuleCase'
+          type: array
+        createdAt:
+          description: When the rule was created, timestamp in milliseconds.
+          format: int64
+          type: integer
+        creationAuthorId:
+          description: User ID of the user who created the rule.
+          format: int64
+          type: integer
+        filters:
+          description: Additional queries to filter matched events before they are
+            processed.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringFilter'
+          type: array
+        hasExtendedTitle:
+          description: Whether the notifications include the triggering group-by values
+            in their title.
+          type: boolean
+        id:
+          description: The ID of the rule.
+          type: string
+        isDefault:
+          description: Whether the rule is included by default.
+          type: boolean
+        isDeleted:
+          description: Whether the rule has been deleted.
+          type: boolean
+        isEnabled:
+          description: Whether the rule is enabled.
+          type: boolean
+        message:
+          description: Message for generated signals.
+          type: string
+        name:
+          description: The name of the rule.
+          type: string
+        options:
+          $ref: '#/components/schemas/SecurityMonitoringRuleOptions'
+        queries:
+          description: Queries for selecting logs which are part of the rule.
+          items:
+            $ref: '#/components/schemas/SecurityMonitoringStandardRuleQuery'
+          type: array
+        tags:
+          description: Tags for generated signals.
+          items:
+            description: Tag.
+            type: string
+          type: array
+        type:
+          $ref: '#/components/schemas/SecurityMonitoringRuleTypeRead'
+        updateAuthorId:
+          description: User ID of the user who updated the rule.
+          format: int64
+          type: integer
+        version:
+          description: The version of the rule.
+          format: int64
+          type: integer
     SecurityMonitoringTriageUser:
       description: Object representing a given user entity.
       properties:
@@ -8113,8 +8780,6 @@ paths:
       summary: Get all API keys
       tags:
       - Key Management
-      x-undo:
-        type: safe
     post:
       description: Create an API key.
       operationId: CreateAPIKey
@@ -8149,19 +8814,6 @@ paths:
       tags:
       - Key Management
       x-codegen-request-body-name: body
-      x-given:
-        api_key:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"name\": \"{{
-              unique }}\"\n    },\n    \"type\": \"api_keys\"\n  }\n}"
-          step: there is a valid "api_key" in the system
-      x-undo:
-        operationId: DeleteAPIKey
-        parameters:
-        - name: api_key_id
-          source: data.id
-        type: unsafe
   /api/v2/api_keys/{api_key_id}:
     delete:
       description: Delete an API key.
@@ -8188,8 +8840,6 @@ paths:
       summary: Delete an API key
       tags:
       - Key Management
-      x-undo:
-        type: idempotent
     get:
       description: Get an API key.
       operationId: GetAPIKey
@@ -8220,8 +8870,6 @@ paths:
       summary: Get API key
       tags:
       - Key Management
-      x-undo:
-        type: safe
     patch:
       description: Update an API key.
       operationId: UpdateAPIKey
@@ -8264,8 +8912,6 @@ paths:
       tags:
       - Key Management
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
   /api/v2/application_keys:
     get:
       description: List all application keys available for your org
@@ -8307,8 +8953,6 @@ paths:
       summary: Get all application keys
       tags:
       - Key Management
-      x-undo:
-        type: safe
   /api/v2/application_keys/{app_key_id}:
     delete:
       description: Delete an application key
@@ -8336,8 +8980,6 @@ paths:
       tags:
       - Key Management
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
     get:
       description: Get an application key for your org.
       operationId: GetApplicationKey
@@ -8374,8 +9016,6 @@ paths:
       summary: Get an application key
       tags:
       - Key Management
-      x-undo:
-        type: safe
     patch:
       description: Edit an application key
       operationId: UpdateApplicationKey
@@ -8418,8 +9058,6 @@ paths:
       tags:
       - Key Management
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
   /api/v2/audit/events:
     get:
       description: 'List endpoint returns events that match a Audit Logs search query.
@@ -8496,14 +9134,11 @@ paths:
       summary: Get a list of Audit Logs events
       tags:
       - Audit
-      x-menu-order: 2
       x-pagination:
         cursorParam: page[cursor]
         cursorPath: meta.page.after
         limitParam: page[limit]
         resultsPath: data
-      x-undo:
-        type: safe
   /api/v2/audit/events/search:
     post:
       description: 'List endpoint returns Audit Logs events that match an Audit search
@@ -8540,14 +9175,11 @@ paths:
       tags:
       - Audit
       x-codegen-request-body-name: body
-      x-menu-order: 1
       x-pagination:
         cursorParam: body.page.cursor
         cursorPath: meta.page.after
         limitParam: body.page.limit
         resultsPath: data
-      x-undo:
-        type: safe
   /api/v2/authn_mappings:
     get:
       description: List all AuthN Mappings in the org.
@@ -8589,10 +9221,7 @@ paths:
       summary: List all AuthN Mappings
       tags:
       - AuthN Mappings
-      x-menu-order: 4
       x-permission: OPEN()
-      x-undo:
-        type: safe
     post:
       description: Create an AuthN Mapping.
       operationId: CreateAuthNMapping
@@ -8638,25 +9267,7 @@ paths:
       tags:
       - AuthN Mappings
       x-codegen-request-body-name: body
-      x-given:
-        authn_mapping:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n     \"attribute_key\":
-              \"{{ unique_lower_alnum }}\",\n     \"attribute_value\": \"{{ unique
-              }}\"\n    },\n    \"relationships\": {\n       \"role\": {\n         \"data\":
-              {\n           \"id\": \"{{ role.data.id }}\",\n           \"type\":
-              \"{{ role.data.type }}\"\n         }\n      }\n    },\n    \"type\":
-              \"authn_mappings\"\n  }\n}"
-          step: there is a valid "authn_mapping" in the system
-      x-menu-order: 5
       x-permission: OR(USER_ACCESS_MANAGE)
-      x-undo:
-        operationId: DeleteAuthNMapping
-        parameters:
-        - name: authn_mapping_id
-          source: data.id
-        type: unsafe
   /api/v2/authn_mappings/{authn_mapping_id}:
     delete:
       description: Delete an AuthN Mapping specified by AuthN Mapping UUID.
@@ -8688,10 +9299,7 @@ paths:
       summary: Delete an AuthN Mapping
       tags:
       - AuthN Mappings
-      x-menu-order: 3
       x-permission: OR(USER_ACCESS_MANAGE)
-      x-undo:
-        type: idempotent
     get:
       description: Get an AuthN Mapping specified by the AuthN Mapping UUID.
       operationId: GetAuthNMapping
@@ -8725,10 +9333,7 @@ paths:
       summary: Get an AuthN Mapping by UUID
       tags:
       - AuthN Mappings
-      x-menu-order: 1
       x-permission: OPEN()
-      x-undo:
-        type: safe
     patch:
       description: Edit an AuthN Mapping.
       operationId: UpdateAuthNMapping
@@ -8788,10 +9393,7 @@ paths:
       tags:
       - AuthN Mappings
       x-codegen-request-body-name: body
-      x-menu-order: 2
       x-permission: OR(USER_ACCESS_MANAGE)
-      x-undo:
-        type: idempotent
   /api/v2/current_user/application_keys:
     get:
       description: List all application keys available for current user
@@ -8833,8 +9435,6 @@ paths:
       summary: Get all application keys owned by current user
       tags:
       - Key Management
-      x-undo:
-        type: safe
     post:
       description: Create an application key for current user
       operationId: CreateCurrentUserApplicationKey
@@ -8869,19 +9469,6 @@ paths:
       tags:
       - Key Management
       x-codegen-request-body-name: body
-      x-given:
-        application_key:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"name\": \"{{
-              unique }}\"\n    },\n    \"type\": \"application_keys\"\n  }\n}"
-          step: there is a valid "application_key" in the system
-      x-undo:
-        operationId: DeleteCurrentUserApplicationKey
-        parameters:
-        - name: app_key_id
-          source: data.id
-        type: unsafe
   /api/v2/current_user/application_keys/{app_key_id}:
     delete:
       description: Delete an application key owned by current user
@@ -8908,8 +9495,6 @@ paths:
       summary: Delete an application key owned by current user
       tags:
       - Key Management
-      x-undo:
-        type: idempotent
     get:
       description: Get an application key owned by current user
       operationId: GetCurrentUserApplicationKey
@@ -8939,8 +9524,6 @@ paths:
       summary: Get one application key owned by current user
       tags:
       - Key Management
-      x-undo:
-        type: safe
     patch:
       description: Edit an application key owned by current user
       operationId: UpdateCurrentUserApplicationKey
@@ -8983,8 +9566,6 @@ paths:
       tags:
       - Key Management
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
   /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards:
     delete:
       description: Delete dashboards from an existing dashboard list.
@@ -9035,9 +9616,6 @@ paths:
       tags:
       - Dashboard Lists
       x-codegen-request-body-name: body
-      x-menu-order: 4
-      x-undo:
-        type: idempotent
     get:
       description: "Fetch the dashboard list\u2019s dashboard definitions."
       operationId: GetDashboardListItems
@@ -9078,9 +9656,6 @@ paths:
       summary: Get items of a Dashboard List
       tags:
       - Dashboard Lists
-      x-menu-order: 1
-      x-undo:
-        type: safe
     post:
       description: Add dashboards to an existing dashboard list.
       operationId: CreateDashboardListItems
@@ -9130,26 +9705,6 @@ paths:
       tags:
       - Dashboard Lists
       x-codegen-request-body-name: body
-      x-given:
-        dashboard_list_dashboard:
-          parameters:
-          - name: dashboard_list_id
-            source: dashboard_list.id
-          - name: body
-            value: "{\n  \"dashboards\": [\n    {\n      \"id\": \"{{ dashboard.id
-              }}\",\n      \"type\": \"custom_timeboard\"\n    }\n  ]\n}"
-          step: the "dashboard_list" has the "dashboard"
-        dashboard_list_screenboard_dashboard:
-          parameters:
-          - name: dashboard_list_id
-            source: dashboard_list.id
-          - name: body
-            value: "{\n  \"dashboards\": [\n    {\n      \"id\": \"{{ screenboard_dashboard.id
-              }}\",\n      \"type\": \"custom_screenboard\"\n    }\n  ]\n}"
-          step: the "dashboard_list" has the "screenboard_dashboard"
-      x-menu-order: 2
-      x-undo:
-        type: safe
     put:
       description: Update dashboards of an existing dashboard list.
       operationId: UpdateDashboardListItems
@@ -9199,9 +9754,6 @@ paths:
       tags:
       - Dashboard Lists
       x-codegen-request-body-name: body
-      x-menu-order: 3
-      x-undo:
-        type: safe
   /api/v2/events:
     get:
       description: 'List endpoint returns events that match an events search query.
@@ -9275,14 +9827,11 @@ paths:
       summary: Get a list of events
       tags:
       - Events
-      x-menu-order: 1
       x-pagination:
         cursorParam: page[cursor]
         cursorPath: meta.page.after
         limitParam: page[limit]
         resultsPath: data
-      x-undo:
-        type: safe
       x-unstable: '**Note**: This endpoint is in private beta.
 
         For access, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -9314,18 +9863,20 @@ paths:
           $ref: '#/components/responses/NotAuthorizedResponse'
         '429':
           $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - events_read
       summary: Search events
       tags:
       - Events
       x-codegen-request-body-name: body
-      x-menu-order: 2
       x-pagination:
         cursorParam: body.page.cursor
         cursorPath: meta.page.after
         limitParam: body.page.limit
         resultsPath: data
-      x-undo:
-        type: safe
       x-unstable: '**Note**: This endpoint is in private beta.
 
         For access, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -9366,8 +9917,6 @@ paths:
         limitParam: page[size]
         pageOffsetParam: page[offset]
         resultsPath: data
-      x-undo:
-        type: safe
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -9407,20 +9956,6 @@ paths:
       tags:
       - Incidents
       x-codegen-request-body-name: body
-      x-given:
-        incident:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"title\": \"{{
-              unique }}\",\n      \"customer_impacted\": false\n     },\n     \"type\":
-              \"incidents\"\n  }\n}"
-          step: there is a valid "incident" in the system
-      x-undo:
-        operationId: DeleteIncident
-        parameters:
-        - name: incident_id
-          source: data.id
-        type: unsafe
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -9451,8 +9986,6 @@ paths:
       summary: Delete an existing incident
       tags:
       - Incidents
-      x-undo:
-        type: idempotent
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -9487,8 +10020,6 @@ paths:
       summary: Get the details of an incident
       tags:
       - Incidents
-      x-undo:
-        type: safe
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -9511,7 +10042,86 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/IncidentResponse'
+                $ref: '#/components/schemas/IncidentResponse'
+          description: OK
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '401':
+          $ref: '#/components/responses/UnauthorizedResponse'
+        '403':
+          $ref: '#/components/responses/ForbiddenResponse'
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - incident_write
+      summary: Update an existing incident
+      tags:
+      - Incidents
+      x-codegen-request-body-name: body
+      x-unstable: '**Note**: This endpoint is in public beta.
+
+        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
+  /api/v2/incidents/{incident_id}/attachments:
+    get:
+      description: Get all attachments for a given incident.
+      operationId: ListIncidentAttachments
+      parameters:
+      - $ref: '#/components/parameters/IncidentIDPathParameter'
+      - $ref: '#/components/parameters/IncidentAttachmentIncludeQueryParameter'
+      - $ref: '#/components/parameters/IncidentAttachmentFilterQueryParameter'
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/IncidentAttachmentsResponse'
+          description: OK
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '401':
+          $ref: '#/components/responses/UnauthorizedResponse'
+        '403':
+          $ref: '#/components/responses/ForbiddenResponse'
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - incident_read
+      summary: Get a list of attachments
+      tags:
+      - Incidents
+      x-unstable: '**Note**: This endpoint is in public beta.
+
+        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
+    patch:
+      description: The bulk update endpoint for creating, updating, and deleting attachments
+        for a given incident.
+      operationId: UpdateIncidentAttachments
+      parameters:
+      - $ref: '#/components/parameters/IncidentIDPathParameter'
+      - $ref: '#/components/parameters/IncidentAttachmentIncludeQueryParameter'
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/IncidentAttachmentUpdateRequest'
+        description: Incident Attachment Payload.
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/IncidentAttachmentUpdateResponse'
           description: OK
         '400':
           $ref: '#/components/responses/BadRequestResponse'
@@ -9523,17 +10133,10 @@ paths:
           $ref: '#/components/responses/NotFoundResponse'
         '429':
           $ref: '#/components/responses/TooManyRequestsResponse'
-      security:
-      - apiKeyAuth: []
-        appKeyAuth: []
-      - AuthZ:
-        - incident_write
-      summary: Update an existing incident
+      summary: Create, update, and delete incident attachments
       tags:
       - Incidents
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -9555,9 +10158,6 @@ paths:
       summary: Get all service objects
       tags:
       - Opsgenie Integration
-      x-menu-order: 1
-      x-undo:
-        type: safe
     post:
       description: Create a new service object in the Opsgenie integration.
       operationId: CreateOpsgenieService
@@ -9587,22 +10187,6 @@ paths:
       tags:
       - Opsgenie Integration
       x-codegen-request-body-name: body
-      x-given:
-        opsgenie_service:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"name\": \"{{
-              unique }}\",\n      \"opsgenie_api_key\": \"00000000-0000-0000-0000-000000000000\",\n
-              \     \"region\": \"us\"\n     },\n     \"type\": \"opsgenie-service\"\n
-              \ }\n}"
-          step: there is a valid "opsgenie_service" in the system
-      x-menu-order: 2
-      x-undo:
-        operationId: DeleteOpsgenieService
-        parameters:
-        - name: integration_service_id
-          source: data.id
-        type: unsafe
   /api/v2/integration/opsgenie/services/{integration_service_id}:
     delete:
       description: Delete a single service object in the Datadog Opsgenie integration.
@@ -9623,9 +10207,6 @@ paths:
       summary: Delete a single service object
       tags:
       - Opsgenie Integration
-      x-menu-order: 5
-      x-undo:
-        type: idempotent
     get:
       description: Get a single service from the Datadog Opsgenie integration.
       operationId: GetOpsgenieService
@@ -9651,9 +10232,6 @@ paths:
       summary: Get a single service object
       tags:
       - Opsgenie Integration
-      x-menu-order: 3
-      x-undo:
-        type: safe
     patch:
       description: Update a single service object in the Datadog Opsgenie integration.
       operationId: UpdateOpsgenieService
@@ -9687,9 +10265,6 @@ paths:
       tags:
       - Opsgenie Integration
       x-codegen-request-body-name: body
-      x-menu-order: 4
-      x-undo:
-        type: idempotent
   /api/v2/logs:
     post:
       description: 'Send your logs to your Datadog platform over HTTP. Limits per
@@ -9764,17 +10339,27 @@ paths:
                 description: Pass multiple log objects at once.
                 summary: Multi JSON Messages
                 value:
-                - message: hello
-                - message: world
+                - ddsource: nginx
+                  ddtags: env:staging,version:5.1
+                  hostname: i-012345678
+                  message: 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello
+                  service: payment
+                - ddsource: nginx
+                  ddtags: env:staging,version:5.1
+                  hostname: i-012345679
+                  message: 2019-11-19T14:37:58,995 INFO [process.name][20081] World
+                  service: payment
               simple-json-message:
                 description: Log attributes can be passed as `key:value` pairs in
                   valid JSON messages.
                 summary: Simple JSON Message
                 value:
-                  ddsource: agent
-                  ddtags: env:prod,user:joe.doe
-                  hostname: fa1e1e739d95
-                  message: hello world
+                  ddsource: nginx
+                  ddtags: env:staging,version:5.1
+                  hostname: i-012345678
+                  message: 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello
+                    World
+                  service: payment
             schema:
               $ref: '#/components/schemas/HTTPLog'
           application/logplex-1:
@@ -9782,13 +10367,13 @@ paths:
               multi-raw-message:
                 description: Submit log messages.
                 summary: Multi Logplex Messages
-                value: 'hello
+                value: '2019-11-19T14:37:58,995 INFO [process.name][20081] Hello
 
-                  world'
+                  2019-11-19T14:37:58,995 INFO [process.name][20081] World'
               simple-logplex-message:
                 description: Submit log string.
                 summary: Simple Logplex Message
-                value: hello world
+                value: 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World
             schema:
               type: string
           text/plain:
@@ -9796,9 +10381,9 @@ paths:
               multi-raw-message:
                 description: Submit log string.
                 summary: Multi Raw Messages
-                value: 'hello
+                value: '2019-11-19T14:37:58,995 INFO [process.name][20081] Hello
 
-                  world
+                  2019-11-19T14:37:58,995 INFO [process.name][20081] World
 
                   '
               simple-raw-message:
@@ -9806,7 +10391,7 @@ paths:
                   parameters in the URL. This enables the addition of tags or the
                   source by using the `ddtags` and `ddsource` parameters: `?host=my-hostname&service=my-service&ddsource=my-source&ddtags=env:prod,user:my-user`.'
                 summary: Simple Raw Message
-                value: hello world
+                value: 2019-11-19T14:37:58,995 INFO [process.name][20081] Hello World
             schema:
               type: string
         description: Log to send (JSON format).
@@ -9903,9 +10488,6 @@ paths:
       tags:
       - Logs
       x-codegen-request-body-name: body
-      x-menu-order: 1
-      x-undo:
-        type: safe
   /api/v2/logs/analytics/aggregate:
     post:
       description: The API endpoint to aggregate events into buckets and compute metrics
@@ -9934,9 +10516,6 @@ paths:
       tags:
       - Logs
       x-codegen-request-body-name: body
-      x-menu-order: 1
-      x-undo:
-        type: safe
   /api/v2/logs/config/archive-order:
     get:
       description: 'Get the current order of your archives.
@@ -9965,9 +10544,6 @@ paths:
       summary: Get archive order
       tags:
       - Logs Archives
-      x-menu-order: 9
-      x-undo:
-        type: safe
     put:
       description: 'Update the order of your archives. Since logs are processed sequentially,
         reordering an archive may change
@@ -10018,9 +10594,6 @@ paths:
       tags:
       - Logs Archives
       x-codegen-request-body-name: body
-      x-menu-order: 10
-      x-undo:
-        type: safe
   /api/v2/logs/config/archives:
     get:
       description: Get the list of configured logs archives with their definitions.
@@ -10047,9 +10620,6 @@ paths:
       summary: Get all archives
       tags:
       - Logs Archives
-      x-menu-order: 1
-      x-undo:
-        type: safe
     post:
       description: Create an archive in your organization.
       operationId: CreateLogsArchive
@@ -10085,13 +10655,6 @@ paths:
       tags:
       - Logs Archives
       x-codegen-request-body-name: body
-      x-menu-order: 2
-      x-undo:
-        operationId: DeleteLogsArchive
-        parameters:
-        - name: archive_id
-          source: data.id
-        type: unsafe
   /api/v2/logs/config/archives/{archive_id}:
     delete:
       description: Delete a given archive from your organization.
@@ -10124,9 +10687,6 @@ paths:
       summary: Delete an archive
       tags:
       - Logs Archives
-      x-menu-order: 5
-      x-undo:
-        type: idempotent
     get:
       description: Get a specific archive from your organization.
       operationId: GetLogsArchive
@@ -10166,9 +10726,6 @@ paths:
       summary: Get an archive
       tags:
       - Logs Archives
-      x-menu-order: 3
-      x-undo:
-        type: safe
     put:
       description: 'Update a given archive configuration.
 
@@ -10217,9 +10774,6 @@ paths:
       tags:
       - Logs Archives
       x-codegen-request-body-name: body
-      x-menu-order: 4
-      x-undo:
-        type: safe
   /api/v2/logs/config/archives/{archive_id}/readers:
     delete:
       description: Removes a role from an archive. ([Roles API](https://docs.datadoghq.com/api/v2/roles/))
@@ -10259,9 +10813,6 @@ paths:
       tags:
       - Logs Archives
       x-codegen-request-body-name: body
-      x-menu-order: 8
-      x-undo:
-        type: idempotent
     get:
       description: Returns all read roles a given archive is restricted to.
       operationId: ListArchiveReadRoles
@@ -10302,9 +10853,6 @@ paths:
       tags:
       - Logs Archives
       x-codegen-request-body-name: body
-      x-menu-order: 6
-      x-undo:
-        type: safe
     post:
       description: Adds a read role to an archive. ([Roles API](https://docs.datadoghq.com/api/v2/roles/))
       operationId: AddReadRoleToArchive
@@ -10343,9 +10891,6 @@ paths:
       tags:
       - Logs Archives
       x-codegen-request-body-name: body
-      x-menu-order: 7
-      x-undo:
-        type: unsafe
   /api/v2/logs/config/metrics:
     get:
       description: Get the list of configured log-based metrics with their definitions.
@@ -10368,9 +10913,6 @@ paths:
       summary: Get all log-based metrics
       tags:
       - Logs Metrics
-      x-menu-order: 1
-      x-undo:
-        type: safe
     post:
       description: 'Create a metric based on your ingested logs in your organization.
 
@@ -10403,22 +10945,6 @@ paths:
       tags:
       - Logs Metrics
       x-codegen-request-body-name: body
-      x-given:
-        logs_metric:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"id\": \"{{ unique }}\",\n    \"attributes\":
-              {\n      \"filter\": {\n        \"query\": \"source:{{ unique }}\"\n
-              \     },\n      \"compute\": {\n        \"aggregation_type\": \"count\"\n
-              \     }\n    },\n    \"type\": \"logs_metrics\"\n  }\n}"
-          step: there is a valid "logs_metric" in the system
-      x-menu-order: 2
-      x-undo:
-        operationId: DeleteLogsMetric
-        parameters:
-        - name: metric_id
-          source: data.id
-        type: unsafe
   /api/v2/logs/config/metrics/{metric_id}:
     delete:
       description: Delete a specific log-based metric from your organization.
@@ -10437,9 +10963,6 @@ paths:
       summary: Delete a log-based metric
       tags:
       - Logs Metrics
-      x-menu-order: 5
-      x-undo:
-        type: idempotent
     get:
       description: Get a specific log-based metric from your organization.
       operationId: GetLogsMetric
@@ -10465,9 +10988,6 @@ paths:
       summary: Get a log-based metric
       tags:
       - Logs Metrics
-      x-menu-order: 3
-      x-undo:
-        type: safe
     patch:
       description: 'Update a specific log-based metric from your organization.
 
@@ -10502,9 +11022,6 @@ paths:
       tags:
       - Logs Metrics
       x-codegen-request-body-name: body
-      x-menu-order: 4
-      x-undo:
-        type: idempotent
   /api/v2/logs/events:
     get:
       description: 'List endpoint returns logs that match a log search query.
@@ -10599,14 +11116,11 @@ paths:
       summary: Get a list of logs
       tags:
       - Logs
-      x-menu-order: 3
       x-pagination:
         cursorParam: page[cursor]
         cursorPath: meta.page.after
         limitParam: page[limit]
         resultsPath: data
-      x-undo:
-        type: safe
   /api/v2/logs/events/search:
     post:
       description: 'List endpoint returns logs that match a log search query.
@@ -10651,22 +11165,17 @@ paths:
       tags:
       - Logs
       x-codegen-request-body-name: body
-      x-menu-order: 2
       x-pagination:
         cursorParam: body.page.cursor
         cursorPath: meta.page.after
         limitParam: body.page.limit
         resultsPath: data
-      x-undo:
-        type: safe
   /api/v2/metrics:
     get:
-      description: 'Returns all configured count/gauge/rate/distribution metric names
-
-        (with additional filters if specified).'
+      description: Returns all metrics (matching additional filters if specified).
       operationId: ListTagConfigurations
       parameters:
-      - description: Filter metrics that have configured tags.
+      - description: Filter custom metrics that have configured tags.
         example: true
         in: query
         name: filter[configured]
@@ -10681,7 +11190,7 @@ paths:
         schema:
           description: Tag keys to filter by.
           type: string
-      - description: Filter tag configurations by metric type.
+      - description: Filter metrics by metric type.
         in: query
         name: filter[metric_type]
         required: false
@@ -10696,10 +11205,21 @@ paths:
         required: false
         schema:
           type: boolean
+      - description: 'Filter custom metrics that have or have not been queried in
+          the specified window[seconds].
+
+          If no window is provided or the window is less than 2 hours, a default of
+          2 hours will be applied.'
+        example: true
+        in: query
+        name: filter[queried]
+        required: false
+        schema:
+          type: boolean
       - description: 'Filter metrics that have been submitted with the given tags.
           Supports boolean and wildcard expressions.
 
-          Cannot be combined with other filters.'
+          Can only be combined with the filter[queried] filter.'
         example: env IN (staging,test) AND service:web
         in: query
         name: filter[tags]
@@ -10707,9 +11227,9 @@ paths:
         schema:
           type: string
       - description: 'The number of seconds of look back (from now) to apply to a
-          filter[tag] query.
+          filter[tag] or filter[queried] query.
 
-          Defaults value is 3600 (1 hour), maximum value is 172,800 (2 days).'
+          Defaults value is 3600 (1 hour), maximum value is 1,209,600 (2 weeks).'
         example: 3600
         in: query
         name: window[seconds]
@@ -10747,12 +11267,9 @@ paths:
         appKeyAuth: []
       - AuthZ:
         - metrics_read
-      summary: List tag configurations
+      summary: Get a list of metrics
       tags:
       - Metrics
-      x-menu-order: 5
-      x-undo:
-        type: safe
   /api/v2/metrics/config/bulk-tags:
     delete:
       description: 'Delete all custom lists of queryable tag keys for a set of existing
@@ -10807,9 +11324,6 @@ paths:
       tags:
       - Metrics
       x-codegen-request-body-name: body
-      x-menu-order: 9
-      x-undo:
-        type: idempotent
     post:
       description: 'Create and define a list of queryable tag keys for a set of existing
         count, gauge, rate, and distribution metrics.
@@ -10869,13 +11383,63 @@ paths:
       tags:
       - Metrics
       x-codegen-request-body-name: body
-      x-menu-order: 8
-      x-undo:
-        operationId: DeleteBulkTagsMetricsConfiguration
-        parameters:
-        - name: body
-          source: ''
-        type: unsafe
+  /api/v2/metrics/{metric_name}/active-configurations:
+    get:
+      description: List tags and aggregations that are actively queried on dashboards
+        and monitors for a given metric name.
+      operationId: ListActiveMetricConfigurations
+      parameters:
+      - $ref: '#/components/parameters/MetricName'
+      - description: 'The number of seconds of look back (from now).
+
+          Default value is 604,800 (1 week), minimum value is 7200 (2 hours), maximum
+          value is 2,630,000 (1 month).'
+        example: 7200
+        in: query
+        name: window[seconds]
+        required: false
+        schema:
+          format: int64
+          type: integer
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/MetricSuggestedTagsAndAggregationsResponse'
+          description: Success
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Bad Request
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Forbidden
+        '404':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Not Found
+        '429':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Too Many Requests
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - metrics_read
+      summary: List active tags and aggregations
+      tags:
+      - Metrics
   /api/v2/metrics/{metric_name}/all-tags:
     get:
       description: View indexed tag key-value pairs for a given metric name.
@@ -10920,9 +11484,6 @@ paths:
       summary: List tags by metric name
       tags:
       - Metrics
-      x-menu-order: 6
-      x-undo:
-        type: safe
   /api/v2/metrics/{metric_name}/estimate:
     get:
       description: Returns the estimated cardinality for a metric with a given tag,
@@ -11018,12 +11579,9 @@ paths:
           staging_low_urgency: '@slack-points-aggr-stg-ops'
         team: points-aggregation
         team_escalation: '[Points Aggregation] Primary'
-      x-menu-order: 10
       x-permission:
         operator: OPEN
         permissions: []
-      x-undo:
-        type: safe
   /api/v2/metrics/{metric_name}/tags:
     delete:
       description: 'Deletes a metric''s tag configuration. Can only be used with application
@@ -11056,9 +11614,6 @@ paths:
       summary: Delete a tag configuration
       tags:
       - Metrics
-      x-menu-order: 4
-      x-undo:
-        type: idempotent
     get:
       description: Returns the tag configuration for the given metric name.
       operationId: ListTagConfigurationByName
@@ -11097,9 +11652,6 @@ paths:
       summary: List tag configuration by name
       tags:
       - Metrics
-      x-menu-order: 2
-      x-undo:
-        type: safe
     patch:
       description: 'Update the tag configuration of a metric or percentile aggregations
         of a distribution metric or custom aggregations
@@ -11152,9 +11704,6 @@ paths:
       tags:
       - Metrics
       x-codegen-request-body-name: body
-      x-menu-order: 3
-      x-undo:
-        type: idempotent
     post:
       description: 'Create and define a list of queryable tag keys for an existing
         count/gauge/rate/distribution metric.
@@ -11210,24 +11759,6 @@ paths:
       tags:
       - Metrics
       x-codegen-request-body-name: body
-      x-given:
-        metric_tag_configuration:
-          parameters:
-          - name: metric_name
-            value: '"{{ unique_alnum }}"'
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"tags\":[\"app\",
-              \"datacenter\", \"{{ unique_alnum }}\"],\n      \"metric_type\":\"gauge\"\n
-              \    },\n     \"type\": \"manage_tags\",\n     \"id\": \"{{ unique_alnum
-              }}\"\n  }\n}"
-          step: there is a valid "metric_tag_configuration" in the system
-      x-menu-order: 1
-      x-undo:
-        operationId: DeleteTagConfiguration
-        parameters:
-        - name: metric_name
-          source: data.id
-        type: unsafe
   /api/v2/metrics/{metric_name}/volumes:
     get:
       description: 'View distinct metrics volumes for the given metric name.
@@ -11276,9 +11807,6 @@ paths:
       summary: List distinct metric volumes by metric name
       tags:
       - Metrics
-      x-menu-order: 7
-      x-undo:
-        type: safe
   /api/v2/permissions:
     get:
       description: Returns a list of all permissions, including name, description,
@@ -11312,13 +11840,6 @@ paths:
       summary: List permissions
       tags:
       - Roles
-      x-given:
-        permission:
-          source: data[0]
-          step: there is a valid "permission" in the system
-      x-menu-order: 1
-      x-undo:
-        type: safe
   /api/v2/processes:
     get:
       description: Get all processes for your organization.
@@ -11409,14 +11930,11 @@ paths:
       summary: Get all processes
       tags:
       - Processes
-      x-menu-order: 1
       x-pagination:
         cursorParam: page[cursor]
         cursorPath: meta.page.after
         limitParam: page[limit]
         resultsPath: data
-      x-undo:
-        type: safe
   /api/v2/roles:
     get:
       description: Returns all roles, including their names and their unique identifiers.
@@ -11464,9 +11982,6 @@ paths:
       summary: List roles
       tags:
       - Roles
-      x-menu-order: 1
-      x-undo:
-        type: safe
     post:
       description: Create a new role for your organization.
       operationId: CreateRole
@@ -11506,20 +12021,6 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-given:
-        role:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"name\": \"{{
-              unique }}\"\n     },\n     \"type\": \"roles\"\n  }\n}"
-          step: there is a valid "role" in the system
-      x-menu-order: 2
-      x-undo:
-        operationId: DeleteRole
-        parameters:
-        - name: role_id
-          source: data.id
-        type: unsafe
   /api/v2/roles/{role_id}:
     delete:
       description: Disables a role.
@@ -11552,9 +12053,6 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-menu-order: 5
-      x-undo:
-        type: idempotent
     get:
       description: "Get a role in the organization specified by the role\u2019s `role_id`."
       operationId: GetRole
@@ -11589,9 +12087,6 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-menu-order: 3
-      x-undo:
-        type: safe
     patch:
       description: Edit a role. Can only be used with application keys belonging to
         administrators.
@@ -11646,9 +12141,6 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-menu-order: 4
-      x-undo:
-        type: idempotent
   /api/v2/roles/{role_id}/clone:
     post:
       description: Clone an existing role
@@ -11703,14 +12195,7 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-menu-order: 12
       x-permission: OR(USER_ACCESS_MANAGE)
-      x-undo:
-        operationId: DeleteRole
-        parameters:
-        - name: role_id
-          source: data.id
-        type: unsafe
   /api/v2/roles/{role_id}/permissions:
     delete:
       description: Removes a permission from a role.
@@ -11759,9 +12244,6 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-menu-order: 8
-      x-undo:
-        type: idempotent
     get:
       description: Returns a list of all permissions for a single role.
       operationId: ListRolePermissions
@@ -11796,9 +12278,6 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-menu-order: 6
-      x-undo:
-        type: safe
     post:
       description: Adds a permission to a role.
       operationId: AddPermissionToRole
@@ -11846,18 +12325,6 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-given:
-        permission_role:
-          parameters:
-          - name: role_id
-            source: role.data.id
-          - name: body
-            value: "{\n  \"data\": {\n    \"id\": \"{{ permission.id }}\",\n    \"type\":
-              \"{{ permission.type }}\"\n  }\n}"
-          step: the "permission" is granted to the "role"
-      x-menu-order: 7
-      x-undo:
-        type: safe
   /api/v2/roles/{role_id}/users:
     delete:
       description: Removes a user from a role.
@@ -11906,9 +12373,6 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-menu-order: 11
-      x-undo:
-        type: idempotent
     get:
       description: Gets all users of a role.
       operationId: ListRoleUsers
@@ -11962,9 +12426,6 @@ paths:
       summary: Get all users of a role
       tags:
       - Roles
-      x-menu-order: 9
-      x-undo:
-        type: safe
     post:
       description: Adds a user to a role.
       operationId: AddUserToRole
@@ -12012,18 +12473,6 @@ paths:
       tags:
       - Roles
       x-codegen-request-body-name: body
-      x-given:
-        permission_role:
-          parameters:
-          - name: role_id
-            source: role.data.id
-          - name: body
-            value: "{\n  \"data\": {\n    \"id\": \"{{ user.data.id }}\",\n    \"type\":
-              \"{{ user.data.type }}\"\n  }\n}"
-          step: the "user" has the "role"
-      x-menu-order: 10
-      x-undo:
-        type: safe
   /api/v2/rum/analytics/aggregate:
     post:
       description: The API endpoint to aggregate RUM events into buckets of computed
@@ -12056,9 +12505,132 @@ paths:
       tags:
       - RUM
       x-codegen-request-body-name: body
-      x-menu-order: 3
-      x-undo:
-        type: safe
+  /api/v2/rum/applications:
+    get:
+      description: List all the RUM applications in your organization.
+      operationId: GetRUMApplications
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RUMApplicationsResponse'
+          description: OK
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: List all the RUM applications
+      tags:
+      - RUM
+    post:
+      description: Create a new RUM application in your organization.
+      operationId: CreateRUMApplication
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RUMApplicationCreateRequest'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RUMApplicationResponse'
+          description: OK
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Create a new RUM application
+      tags:
+      - RUM
+      x-codegen-request-body-name: body
+  /api/v2/rum/applications/{id}:
+    delete:
+      description: Delete an existing RUM application in your organization.
+      operationId: DeleteRUMApplication
+      parameters:
+      - description: RUM application ID.
+        in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      responses:
+        '204':
+          description: No Content
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Delete a RUM application
+      tags:
+      - RUM
+    get:
+      description: Get the RUM application with given ID in your organization.
+      operationId: GetRUMApplication
+      parameters:
+      - description: RUM application ID.
+        in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RUMApplicationResponse'
+          description: OK
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Get a RUM application
+      tags:
+      - RUM
+    patch:
+      description: Update the RUM application with given ID in your organization.
+      operationId: UpdateRUMApplication
+      parameters:
+      - description: RUM application ID.
+        in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RUMApplicationUpdateRequest'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RUMApplicationResponse'
+          description: OK
+        '400':
+          $ref: '#/components/responses/BadRequestResponse'
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '422':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Unprocessable Entity.
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      summary: Update a RUM application
+      tags:
+      - RUM
+      x-codegen-request-body-name: body
   /api/v2/rum/events:
     get:
       description: 'List endpoint returns events that match a RUM search query.
@@ -12139,14 +12711,11 @@ paths:
       summary: Get a list of RUM events
       tags:
       - RUM
-      x-menu-order: 2
       x-pagination:
         cursorParam: page[cursor]
         cursorPath: meta.page.after
         limitParam: page[limit]
         resultsPath: data
-      x-undo:
-        type: safe
   /api/v2/rum/events/search:
     post:
       description: 'List endpoint returns RUM events that match a RUM search query.
@@ -12186,14 +12755,11 @@ paths:
       tags:
       - RUM
       x-codegen-request-body-name: body
-      x-menu-order: 1
       x-pagination:
         cursorParam: body.page.cursor
         cursorPath: meta.page.after
         limitParam: body.page.limit
         resultsPath: data
-      x-undo:
-        type: safe
   /api/v2/saml_configurations/idp_metadata:
     post:
       description: 'Endpoint for uploading IdP metadata for SAML setup.
@@ -12228,9 +12794,6 @@ paths:
       tags:
       - Organizations
       x-codegen-request-body-name: body
-      x-menu-order: 1
-      x-undo:
-        type: idempotent
   /api/v2/security/cloud_workload/policy/download:
     get:
       description: 'The download endpoint generates a Cloud Workload Security policy
@@ -12256,9 +12819,6 @@ paths:
       summary: Get the latest Cloud Workload Security policy
       tags:
       - Cloud Workload Security
-      x-menu-order: 1
-      x-undo:
-        type: safe
   /api/v2/security_monitoring/cloud_workload_security/agent_rules:
     get:
       description: Get the list of Agent rules.
@@ -12277,9 +12837,6 @@ paths:
       summary: Get all Cloud Workload Security Agent rules
       tags:
       - Cloud Workload Security
-      x-menu-order: 3
-      x-undo:
-        type: safe
     post:
       description: Create a new Agent rule with the given parameters.
       operationId: CreateCloudWorkloadSecurityAgentRule
@@ -12309,22 +12866,6 @@ paths:
       tags:
       - Cloud Workload Security
       x-codegen-request-body-name: body
-      x-given:
-        agent_rule:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"type\": \"agent_rule\",\n    \"attributes\":
-              {\n      \"name\": \"{{ unique_lower_alnum }}\",\n      \"description\":
-              \"My Agent rule\",\n      \"expression\": \"exec.file.name == \\\"sh\\\"\",\n
-              \     \"enabled\": true\n     }\n  }\n}"
-          step: there is a valid "agent_rule" in the system
-      x-menu-order: 4
-      x-undo:
-        operationId: DeleteCloudWorkloadSecurityAgentRule
-        parameters:
-        - name: agent_rule_id
-          source: data.id
-        type: unsafe
   /api/v2/security_monitoring/cloud_workload_security/agent_rules/{agent_rule_id}:
     delete:
       description: Delete a specific Agent rule.
@@ -12343,9 +12884,6 @@ paths:
       summary: Delete a Cloud Workload Security Agent rule
       tags:
       - Cloud Workload Security
-      x-menu-order: 6
-      x-undo:
-        type: idempotent
     get:
       description: Get the details of a specific Agent rule.
       operationId: GetCloudWorkloadSecurityAgentRule
@@ -12367,9 +12905,6 @@ paths:
       summary: Get a Cloud Workload Security Agent rule
       tags:
       - Cloud Workload Security
-      x-menu-order: 2
-      x-undo:
-        type: safe
     patch:
       description: 'Update a specific Agent rule.
 
@@ -12405,9 +12940,6 @@ paths:
       tags:
       - Cloud Workload Security
       x-codegen-request-body-name: body
-      x-menu-order: 5
-      x-undo:
-        type: idempotent
   /api/v2/security_monitoring/configuration/security_filters:
     get:
       description: Get the list of configured security filters with their definitions.
@@ -12431,8 +12963,6 @@ paths:
       summary: Get all security filters
       tags:
       - Security Monitoring
-      x-undo:
-        type: safe
     post:
       description: 'Create a security filter.
 
@@ -12472,23 +13002,6 @@ paths:
       tags:
       - Security Monitoring
       x-codegen-request-body-name: body
-      x-given:
-        security_filter:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"type\": \"security_filters\",\n    \"attributes\":
-              {\n      \"name\": \"{{ unique }}\",\n      \"query\": \"service:{{
-              unique_alnum }}\",\n      \"exclusion_filters\":[\n        {\n          \"name\":
-              \"Exclude logs from staging\",\n          \"query\": \"source:staging\"\n
-              \       }\n     ],\n      \"filtered_data_type\":\"logs\",\n      \"is_enabled\":
-              true\n     }\n  }\n}"
-          step: there is a valid "security_filter" in the system
-      x-undo:
-        operationId: DeleteSecurityFilter
-        parameters:
-        - name: security_filter_id
-          source: data.id
-        type: unsafe
   /api/v2/security_monitoring/configuration/security_filters/{security_filter_id}:
     delete:
       description: Delete a specific security filter.
@@ -12512,8 +13025,6 @@ paths:
       summary: Delete a security filter
       tags:
       - Security Monitoring
-      x-undo:
-        type: idempotent
     get:
       description: 'Get the details of a specific security filter.
 
@@ -12545,8 +13056,6 @@ paths:
       summary: Get a security filter
       tags:
       - Security Monitoring
-      x-undo:
-        type: safe
     patch:
       description: 'Update a specific security filter.
 
@@ -12587,8 +13096,6 @@ paths:
       tags:
       - Security Monitoring
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
   /api/v2/security_monitoring/rules:
     get:
       description: List rules.
@@ -12615,9 +13122,6 @@ paths:
       summary: List rules
       tags:
       - Security Monitoring
-      x-menu-order: 1
-      x-undo:
-        type: safe
     post:
       description: Create a detection rule.
       operationId: CreateSecurityMonitoringRule
@@ -12649,26 +13153,6 @@ paths:
       tags:
       - Security Monitoring
       x-codegen-request-body-name: body
-      x-given:
-        security_rule:
-          parameters:
-          - name: body
-            value: "{\n  \"name\": \"{{ unique }}\",\n  \"queries\": [{\n    \"query\":
-              \"@test:true\",\n    \"aggregation\": \"count\",\n    \"groupByFields\":
-              [],\n    \"distinctFields\": [],\n    \"metric\": \"\"\n  }],\n  \"filters\":
-              [],\n  \"cases\": [{\n    \"name\": \"\",\n    \"status\": \"info\",\n
-              \   \"condition\": \"a > 0\",\n    \"notifications\": []\n  }],\n  \"options\":
-              {\n    \"evaluationWindow\": 900,\n    \"keepAlive\": 3600,\n    \"maxSignalDuration\":
-              86400\n  },\n  \"message\": \"Test rule\",\n  \"tags\": [],\n  \"isEnabled\":
-              true,\n  \"type\": \"log_detection\"\n}"
-          step: there is a valid "security_rule" in the system
-      x-menu-order: 2
-      x-undo:
-        operationId: DeleteSecurityMonitoringRule
-        parameters:
-        - name: rule_id
-          source: id
-        type: unsafe
   /api/v2/security_monitoring/rules/{rule_id}:
     delete:
       description: Delete an existing rule. Default rules cannot be deleted.
@@ -12692,9 +13176,6 @@ paths:
       summary: Delete an existing rule
       tags:
       - Security Monitoring
-      x-menu-order: 5
-      x-undo:
-        type: idempotent
     get:
       description: Get a rule's details.
       operationId: GetSecurityMonitoringRule
@@ -12719,9 +13200,6 @@ paths:
       summary: Get a rule's details
       tags:
       - Security Monitoring
-      x-menu-order: 3
-      x-undo:
-        type: safe
     put:
       description: 'Update an existing rule. When updating `cases`, `queries` or `options`,
         the whole field
@@ -12765,9 +13243,6 @@ paths:
       tags:
       - Security Monitoring
       x-codegen-request-body-name: body
-      x-menu-order: 4
-      x-undo:
-        type: idempotent
   /api/v2/security_monitoring/signals:
     get:
       description: 'The list endpoint returns security signals that match a search
@@ -12846,14 +13321,11 @@ paths:
       summary: Get a quick list of security signals
       tags:
       - Security Monitoring
-      x-menu-order: 7
       x-pagination:
         cursorParam: page[cursor]
         cursorPath: meta.page.after
         limitParam: page[limit]
         resultsPath: data
-      x-undo:
-        type: safe
   /api/v2/security_monitoring/signals/search:
     post:
       description: 'Returns security signals that match a search query.
@@ -12890,14 +13362,36 @@ paths:
       tags:
       - Security Monitoring
       x-codegen-request-body-name: body
-      x-menu-order: 6
       x-pagination:
         cursorParam: body.page.cursor
         cursorPath: meta.page.after
         limitParam: body.page.limit
         resultsPath: data
-      x-undo:
-        type: safe
+  /api/v2/security_monitoring/signals/{signal_id}:
+    get:
+      description: Get a signal's details.
+      operationId: GetSecurityMonitoringSignal
+      parameters:
+      - $ref: '#/components/parameters/SignalID'
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/SecurityMonitoringSignal'
+          description: OK
+        '404':
+          $ref: '#/components/responses/NotFoundResponse'
+        '429':
+          $ref: '#/components/responses/TooManyRequestsResponse'
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - security_monitoring_rules_read
+      summary: Get a signal's details
+      tags:
+      - Security Monitoring
   /api/v2/security_monitoring/signals/{signal_id}/assignee:
     patch:
       description: Modify the triage assignee of a security signal.
@@ -12938,17 +13432,10 @@ paths:
           description: Not Found
         '429':
           $ref: '#/components/responses/TooManyRequestsResponse'
-      security:
-      - apiKeyAuth: []
-        appKeyAuth: []
-      - AuthZ:
-        - security_monitoring_signals_write
       summary: Modify the triage assignee of a security signal
       tags:
       - Security Monitoring
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
   /api/v2/security_monitoring/signals/{signal_id}/incidents:
     patch:
       description: Change the related incidents for a security signal.
@@ -12989,17 +13476,10 @@ paths:
           description: Not Found
         '429':
           $ref: '#/components/responses/TooManyRequestsResponse'
-      security:
-      - apiKeyAuth: []
-        appKeyAuth: []
-      - AuthZ:
-        - security_monitoring_signals_write
       summary: Change the related incidents of a security signal
       tags:
       - Security Monitoring
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
   /api/v2/security_monitoring/signals/{signal_id}/state:
     patch:
       description: Change the triage state of a security signal.
@@ -13040,17 +13520,10 @@ paths:
           description: Not Found
         '429':
           $ref: '#/components/responses/TooManyRequestsResponse'
-      security:
-      - apiKeyAuth: []
-        appKeyAuth: []
-      - AuthZ:
-        - security_monitoring_signals_write
       summary: Change the triage state of a security signal
       tags:
       - Security Monitoring
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
   /api/v2/series:
     post:
       description: "The metrics end-point allows you to post time-series data that
@@ -13122,9 +13595,6 @@ paths:
       tags:
       - Metrics
       x-codegen-request-body-name: body
-      x-menu-order: 1
-      x-undo:
-        type: safe
   /api/v2/service_accounts:
     post:
       description: Create a service account for your organization.
@@ -13160,21 +13630,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-given:
-        service_account_user:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"email\": \"{{
-              unique }}@datadoghq.com\",\n      \"title\": \"user title\",\n      \"service_account\":
-              true\n     },\n     \"type\": \"users\"\n  }\n}"
-          step: there is a valid "service_account_user" in the system
-      x-menu-order: 1
-      x-undo:
-        operationId: DisableUser
-        parameters:
-        - name: user_id
-          source: data.id
-        type: unsafe
   /api/v2/service_accounts/{service_account_id}/application_keys:
     get:
       description: List all application keys available for this service account.
@@ -13217,8 +13672,6 @@ paths:
       summary: List application keys for this service account
       tags:
       - Service Accounts
-      x-undo:
-        type: safe
     post:
       description: Create an application key for this service account.
       operationId: CreateServiceAccountApplicationKey
@@ -13255,23 +13708,6 @@ paths:
       tags:
       - Service Accounts
       x-codegen-request-body-name: body
-      x-given:
-        service_account_application_key:
-          parameters:
-          - name: service_account_id
-            value: '"{{ service_account_user.data.id }}"'
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"name\": \"{{
-              unique }}\"\n    },\n    \"type\": \"application_keys\"\n  }\n}"
-          step: there is a valid "service_account_application_key" for "service_account_user"
-      x-undo:
-        operationId: DeleteServiceAccountApplicationKey
-        parameters:
-        - name: app_key_id
-          source: data.id
-        - name: service_account_id
-          source: data.relationships.owned_by.data.id
-        type: unsafe
   /api/v2/service_accounts/{service_account_id}/application_keys/{app_key_id}:
     delete:
       description: Delete an application key owned by this service account.
@@ -13299,9 +13735,6 @@ paths:
       summary: Delete an application key for this service account
       tags:
       - Service Accounts
-      x-menu-order: 3
-      x-undo:
-        type: idempotent
     get:
       description: Get an application key owned by this service account.
       operationId: GetServiceAccountApplicationKey
@@ -13332,9 +13765,6 @@ paths:
       summary: Get one application key for this service account
       tags:
       - Service Accounts
-      x-menu-order: 1
-      x-undo:
-        type: safe
     patch:
       description: Edit an application key owned by this service account.
       operationId: UpdateServiceAccountApplicationKey
@@ -13378,9 +13808,6 @@ paths:
       tags:
       - Service Accounts
       x-codegen-request-body-name: body
-      x-menu-order: 2
-      x-undo:
-        type: idempotent
   /api/v2/services:
     get:
       description: Get all incident services uploaded for the requesting user's organization.
@@ -13417,8 +13844,6 @@ paths:
       summary: Get a list of all incident services
       tags:
       - Incident Services
-      x-undo:
-        type: safe
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13458,19 +13883,6 @@ paths:
       tags:
       - Incident Services
       x-codegen-request-body-name: body
-      x-given:
-        service:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"name\": \"{{
-              unique }}\"\n     },\n     \"type\": \"services\"\n  }\n}"
-          step: there is a valid "service" in the system
-      x-undo:
-        operationId: DeleteIncidentService
-        parameters:
-        - name: service_id
-          source: data.id
-        type: unsafe
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13501,8 +13913,6 @@ paths:
       summary: Delete an existing incident service
       tags:
       - Incident Services
-      x-undo:
-        type: idempotent
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13540,8 +13950,6 @@ paths:
       summary: Get details of an incident service
       tags:
       - Incident Services
-      x-undo:
-        type: safe
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13584,8 +13992,6 @@ paths:
       tags:
       - Incident Services
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13625,8 +14031,6 @@ paths:
       summary: Get a list of all incident teams
       tags:
       - Incident Teams
-      x-undo:
-        type: safe
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13666,19 +14070,6 @@ paths:
       tags:
       - Incident Teams
       x-codegen-request-body-name: body
-      x-given:
-        team:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"name\": \"{{
-              unique }}\"\n     },\n     \"type\": \"teams\"\n  }\n}"
-          step: there is a valid "team" in the system
-      x-undo:
-        operationId: DeleteIncidentTeam
-        parameters:
-        - name: team_id
-          source: data.id
-        type: unsafe
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13709,8 +14100,6 @@ paths:
       summary: Delete an existing incident team
       tags:
       - Incident Teams
-      x-undo:
-        type: idempotent
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13748,8 +14137,6 @@ paths:
       summary: Get details of an incident team
       tags:
       - Incident Teams
-      x-undo:
-        type: safe
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13792,8 +14179,6 @@ paths:
       tags:
       - Incident Teams
       x-codegen-request-body-name: body
-      x-undo:
-        type: idempotent
       x-unstable: '**Note**: This endpoint is in public beta.
 
         If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
@@ -13856,13 +14241,19 @@ paths:
       summary: Get hourly usage for application security
       tags:
       - Usage Metering
-      x-menu-order: 37
-      x-undo:
-        type: safe
   /api/v2/usage/cost_by_org:
     get:
-      description: Get cost across multi-org account. Cost by org data for a given
-        month becomes available no later than the 16th of the following month.
+      deprecated: true
+      description: 'Get cost across multi-org account.
+
+        Cost by org data for a given month becomes available no later than the 16th
+        of the following month.
+
+        **Note:** This endpoint has been deprecated. Please use the new endpoint
+
+        [`/historical_cost`](https://docs.datadoghq.com/api/latest/usage-metering/#get-historical-cost-across-your-account)
+
+        instead.'
       operationId: GetCostByOrg
       parameters:
       - description: 'Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]`
@@ -13914,22 +14305,21 @@ paths:
       summary: Get cost across multi-org account
       tags:
       - Usage Metering
-      x-menu-order: 5
-      x-undo:
-        type: safe
   /api/v2/usage/estimated_cost:
     get:
       description: 'Get estimated cost across multi-org and single root-org accounts.
 
         Estimated cost data is only available for the current month and previous month.
-        To access historical costs prior to this, use the /cost_by_org endpoint.'
+
+        To access historical costs prior to this, use the `/historical_cost` endpoint.'
       operationId: GetEstimatedCostByOrg
       parameters:
       - description: String to specify whether cost is broken down at a parent-org
-          level or at the sub-org level. Currently, only the 'sub-org' view is supported.
+          level or at the sub-org level. Available views are `summary` and `sub-org`.
+          Defaults to `summary`.
         in: query
         name: view
-        required: true
+        required: false
         schema:
           type: string
       - description: 'Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]`
@@ -14001,13 +14391,71 @@ paths:
       summary: Get estimated cost across your account
       tags:
       - Usage Metering
-      x-menu-order: 39
-      x-undo:
-        type: safe
-      x-unstable: '**Note**: This endpoint is in public beta.
+  /api/v2/usage/historical_cost:
+    get:
+      description: 'Get historical cost across multi-org and single root-org accounts.
 
-        Only the sub-org view is available currently, the summary view will be released
-        at a later date.'
+        Cost data for a given month becomes available no later than the 16th of the
+        following month.'
+      operationId: GetHistoricalCostByOrg
+      parameters:
+      - description: String to specify whether cost is broken down at a parent-org
+          level or at the sub-org level. Available views are `summary` and `sub-org`.  Defaults
+          to `summary`.
+        in: query
+        name: view
+        required: false
+        schema:
+          type: string
+      - description: 'Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]`
+          for cost beginning this month.'
+        in: query
+        name: start_month
+        required: true
+        schema:
+          format: date-time
+          type: string
+      - description: 'Datetime in ISO-8601 format, UTC, precise to month: `[YYYY-MM]`
+          for cost ending this month.'
+        in: query
+        name: end_month
+        required: false
+        schema:
+          format: date-time
+          type: string
+      responses:
+        '200':
+          content:
+            application/json;datetime-format=rfc3339:
+              schema:
+                $ref: '#/components/schemas/CostByOrgResponse'
+          description: OK
+        '400':
+          content:
+            application/json;datetime-format=rfc3339:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Bad Request
+        '403':
+          content:
+            application/json;datetime-format=rfc3339:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Forbidden - User is not authorized
+        '429':
+          content:
+            application/json;datetime-format=rfc3339:
+              schema:
+                $ref: '#/components/schemas/APIErrorResponse'
+          description: Too many requests
+      security:
+      - apiKeyAuth: []
+        appKeyAuth: []
+      - AuthZ:
+        - usage_read
+      summary: Get historical cost across your account
+      tags:
+      - Usage Metering
   /api/v2/usage/hourly_usage:
     get:
       description: Get hourly usage by product family
@@ -14119,9 +14567,6 @@ paths:
       summary: Get hourly usage by product family
       tags:
       - Usage Metering
-      x-menu-order: 1
-      x-undo:
-        type: safe
   /api/v2/usage/lambda_traced_invocations:
     get:
       description: 'Get hourly usage for lambda traced invocations.
@@ -14181,9 +14626,6 @@ paths:
       summary: Get hourly usage for lambda traced invocations
       tags:
       - Usage Metering
-      x-menu-order: 36
-      x-undo:
-        type: safe
   /api/v2/usage/observability_pipelines:
     get:
       description: 'Get hourly usage for observability pipelines.
@@ -14243,9 +14685,6 @@ paths:
       summary: Get hourly usage for observability pipelines
       tags:
       - Usage Metering
-      x-menu-order: 38
-      x-undo:
-        type: safe
   /api/v2/user_invitations:
     post:
       description: Sends emails to one or more users inviting them to join the organization.
@@ -14286,18 +14725,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-given:
-        user_invitation:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": [\n    {\n      \"relationships\": {\"user\": {\"data\":
-              {\n        \"id\": \"{{ user.data.id }}\",\n        \"type\": \"{{ user.data.type
-              }}\"\n      }}},\n      \"type\": \"user_invitations\"\n    }\n  ]\n}"
-          source: data[0]
-          step: the "user" has a "user_invitation"
-      x-menu-order: 8
-      x-undo:
-        type: safe
   /api/v2/user_invitations/{user_invitation_uuid}:
     get:
       description: Returns a single user invitation by its UUID.
@@ -14340,9 +14767,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-menu-order: 9
-      x-undo:
-        type: safe
   /api/v2/users:
     get:
       description: 'Get the list of all users in the organization. This list includes
@@ -14419,9 +14843,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-menu-order: 1
-      x-undo:
-        type: safe
     post:
       description: Create a user for your organization.
       operationId: CreateUser
@@ -14461,21 +14882,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-given:
-        user:
-          parameters:
-          - name: body
-            value: "{\n  \"data\": {\n    \"attributes\": {\n      \"email\": \"{{
-              unique }}@datadoghq.com\",\n      \"title\": \"user title\"\n     },\n
-              \    \"type\": \"users\"\n  }\n}"
-          step: there is a valid "user" in the system
-      x-menu-order: 2
-      x-undo:
-        operationId: DisableUser
-        parameters:
-        - name: user_id
-          source: data.id
-        type: unsafe
   /api/v2/users/{user_id}:
     delete:
       description: 'Disable a user. Can only be used with an application key belonging
@@ -14510,9 +14916,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-menu-order: 5
-      x-undo:
-        type: idempotent
     get:
       description: "Get a user in the organization specified by the user\u2019s `user_id`."
       operationId: GetUser
@@ -14547,9 +14950,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-menu-order: 3
-      x-undo:
-        type: safe
     patch:
       description: 'Edit a user. Can only be used with an application key belonging
 
@@ -14605,9 +15005,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-menu-order: 4
-      x-undo:
-        type: idempotent
   /api/v2/users/{user_id}/orgs:
     get:
       description: 'Get a user organization. Returns the user information and all
@@ -14646,9 +15043,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-menu-order: 6
-      x-undo:
-        type: safe
   /api/v2/users/{user_id}/permissions:
     get:
       description: "Get a user permission set. Returns a list of the user\u2019s permissions\ngranted
@@ -14685,9 +15079,6 @@ paths:
       tags:
       - Users
       x-codegen-request-body-name: body
-      x-menu-order: 7
-      x-undo:
-        type: safe
 security:
 - apiKeyAuth: []
   appKeyAuth: []