@pulumi/datadog 4.54.0-alpha.1755712070 → 4.54.0

package/types/output.d.ts

@@ -8867,6 +8867,16 @@ export interface DashboardWidgetWidgetLayout {
      */
     y: number;
 }
+export interface DatasetProductFilter {
+    /**
+     * A list of tag-based filters used to restrict access to the product type. Each filter is formatted as `@tag.key:value`.
+     */
+    filters: string[];
+    /**
+     * The product type of the dataset. Supported types: `apm`, `rum`, `synthetics`, `metrics`, `logs`, `sdRepoinfo`, `errorTracking`, `cloudCost`, and `mlObs`.
+     */
+    product: string;
+}
 export interface DowntimeRecurrence {
     /**
      * How often to repeat as an integer. For example to repeat every 3 days, select a `type` of `days` and a `period` of `3`.
@@ -11307,10 +11317,22 @@ export interface ObservabilityPipelineConfigDestinations {
      * The `amazonOpensearch` destination writes logs to Amazon OpenSearch.
      */
     amazonOpensearches?: outputs.ObservabilityPipelineConfigDestinationsAmazonOpensearch[];
+    /**
+     * The `amazonS3` destination sends your logs in Datadog-rehydratable format to an Amazon S3 bucket for archiving.
+     */
+    amazonS3s?: outputs.ObservabilityPipelineConfigDestinationsAmazonS3[];
+    /**
+     * The `amazonSecurityLake` destination sends your logs to Amazon Security Lake.
+     */
+    amazonSecurityLakes?: outputs.ObservabilityPipelineConfigDestinationsAmazonSecurityLake[];
     /**
      * The `azureStorage` destination forwards logs to an Azure Blob Storage container.
      */
     azureStorages?: outputs.ObservabilityPipelineConfigDestinationsAzureStorage[];
+    /**
+     * The `crowdstrikeNextGenSiem` destination forwards logs to CrowdStrike Next Gen SIEM.
+     */
+    crowdstrikeNextGenSiems?: outputs.ObservabilityPipelineConfigDestinationsCrowdstrikeNextGenSiem[];
     /**
      * The `datadogLogs` destination forwards logs to Datadog Log Management.
      */
@@ -11347,6 +11369,10 @@ export interface ObservabilityPipelineConfigDestinations {
      * The `sentinelOne` destination sends logs to SentinelOne.
      */
     sentinelOnes?: outputs.ObservabilityPipelineConfigDestinationsSentinelOne[];
+    /**
+     * The `socket` destination sends logs over TCP or UDP to a remote server.
+     */
+    sockets?: outputs.ObservabilityPipelineConfigDestinationsSocket[];
     /**
      * The `splunkHec` destination forwards logs to Splunk using the HTTP Event Collector (HEC).
      */
@@ -11397,6 +11423,108 @@ export interface ObservabilityPipelineConfigDestinationsAmazonOpensearchAuth {
      */
     strategy: string;
 }
+export interface ObservabilityPipelineConfigDestinationsAmazonS3 {
+    /**
+     * AWS authentication credentials used for accessing AWS services. If omitted, the system's default credentials are used (for example, the IAM role and environment variables).
+     */
+    auth?: outputs.ObservabilityPipelineConfigDestinationsAmazonS3Auth;
+    /**
+     * S3 bucket name.
+     */
+    bucket: string;
+    /**
+     * Unique identifier for the destination component.
+     */
+    id: string;
+    /**
+     * A list of component IDs whose output is used as the `input` for this component.
+     */
+    inputs: string[];
+    /**
+     * Prefix for object keys.
+     */
+    keyPrefix: string;
+    /**
+     * AWS region of the S3 bucket.
+     */
+    region: string;
+    /**
+     * S3 storage class. Valid values are `STANDARD`, `REDUCED_REDUNDANCY`, `INTELLIGENT_TIERING`, `STANDARD_IA`, `EXPRESS_ONEZONE`, `ONEZONE_IA`, `GLACIER`, `GLACIER_IR`, `DEEP_ARCHIVE`.
+     */
+    storageClass: string;
+}
+export interface ObservabilityPipelineConfigDestinationsAmazonS3Auth {
+    /**
+     * The Amazon Resource Name (ARN) of the role to assume.
+     */
+    assumeRole?: string;
+    /**
+     * A unique identifier for cross-account role assumption.
+     */
+    externalId?: string;
+    /**
+     * A session identifier used for logging and tracing the assumed role session.
+     */
+    sessionName?: string;
+}
+export interface ObservabilityPipelineConfigDestinationsAmazonSecurityLake {
+    /**
+     * AWS authentication credentials used for accessing AWS services. If omitted, the system's default credentials are used (for example, the IAM role and environment variables).
+     */
+    auth?: outputs.ObservabilityPipelineConfigDestinationsAmazonSecurityLakeAuth;
+    /**
+     * Name of the Amazon S3 bucket in Security Lake (3-63 characters).
+     */
+    bucket: string;
+    /**
+     * Custom source name for the logs in Security Lake.
+     */
+    customSourceName: string;
+    /**
+     * Unique identifier for the destination component.
+     */
+    id: string;
+    /**
+     * A list of component IDs whose output is used as the `input` for this component.
+     */
+    inputs: string[];
+    /**
+     * AWS region of the Security Lake bucket.
+     */
+    region: string;
+    /**
+     * Configuration for enabling TLS encryption between the pipeline component and external services.
+     */
+    tls?: outputs.ObservabilityPipelineConfigDestinationsAmazonSecurityLakeTls;
+}
+export interface ObservabilityPipelineConfigDestinationsAmazonSecurityLakeAuth {
+    /**
+     * The Amazon Resource Name (ARN) of the role to assume.
+     */
+    assumeRole?: string;
+    /**
+     * A unique identifier for cross-account role assumption.
+     */
+    externalId?: string;
+    /**
+     * A session identifier used for logging and tracing the assumed role session.
+     */
+    sessionName?: string;
+}
+export interface ObservabilityPipelineConfigDestinationsAmazonSecurityLakeTls {
+    /**
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
+     */
+    caFile?: string;
+    /**
+     * Path to the TLS client certificate file used to authenticate the pipeline component with upstream or downstream services.
+     */
+    crtFile?: string;
+    /**
+     * Path to the private key file associated with the TLS client certificate. Used for mutual TLS authentication.
+     */
+    keyFile?: string;
+}
 export interface ObservabilityPipelineConfigDestinationsAzureStorage {
     /**
      * Optional prefix for blobs written to the container.
@@ -11415,6 +11543,52 @@ export interface ObservabilityPipelineConfigDestinationsAzureStorage {
      */
     inputs: string[];
 }
+export interface ObservabilityPipelineConfigDestinationsCrowdstrikeNextGenSiem {
+    /**
+     * Compression configuration for log events.
+     */
+    compression?: outputs.ObservabilityPipelineConfigDestinationsCrowdstrikeNextGenSiemCompression;
+    /**
+     * Encoding format for log events. Valid values are `json`, `rawMessage`.
+     */
+    encoding: string;
+    /**
+     * Unique identifier for the destination component.
+     */
+    id: string;
+    /**
+     * A list of component IDs whose output is used as the `input` for this component.
+     */
+    inputs: string[];
+    /**
+     * Configuration for enabling TLS encryption between the pipeline component and external services.
+     */
+    tls?: outputs.ObservabilityPipelineConfigDestinationsCrowdstrikeNextGenSiemTls;
+}
+export interface ObservabilityPipelineConfigDestinationsCrowdstrikeNextGenSiemCompression {
+    /**
+     * Compression algorithm for log events.
+     */
+    algorithm?: string;
+    /**
+     * Compression level.
+     */
+    level?: number;
+}
+export interface ObservabilityPipelineConfigDestinationsCrowdstrikeNextGenSiemTls {
+    /**
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
+     */
+    caFile?: string;
+    /**
+     * Path to the TLS client certificate file used to authenticate the pipeline component with upstream or downstream services.
+     */
+    crtFile?: string;
+    /**
+     * Path to the private key file associated with the TLS client certificate. Used for mutual TLS authentication.
+     */
+    keyFile?: string;
+}
 export interface ObservabilityPipelineConfigDestinationsDatadogLog {
     /**
      * The unique ID of the destination.
@@ -11599,7 +11773,7 @@ export interface ObservabilityPipelineConfigDestinationsRsyslog {
 }
 export interface ObservabilityPipelineConfigDestinationsRsyslogTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -11625,6 +11799,62 @@ export interface ObservabilityPipelineConfigDestinationsSentinelOne {
      */
     region: string;
 }
+export interface ObservabilityPipelineConfigDestinationsSocket {
+    /**
+     * Encoding format for log events. Valid values are `json`, `rawMessage`.
+     */
+    encoding: string;
+    /**
+     * Defines the framing method for outgoing messages.
+     */
+    framing?: outputs.ObservabilityPipelineConfigDestinationsSocketFraming;
+    /**
+     * The unique identifier for this destination.
+     */
+    id: string;
+    /**
+     * A list of component IDs whose output is used as the `input` for this destination.
+     */
+    inputs: string[];
+    /**
+     * The protocol used to send logs. Valid values are `tcp`, `udp`.
+     */
+    mode: string;
+    /**
+     * Configuration for enabling TLS encryption between the pipeline component and external services.
+     */
+    tls?: outputs.ObservabilityPipelineConfigDestinationsSocketTls;
+}
+export interface ObservabilityPipelineConfigDestinationsSocketFraming {
+    /**
+     * Used when `method` is `characterDelimited`. Specifies the delimiter character.
+     */
+    characterDelimited?: outputs.ObservabilityPipelineConfigDestinationsSocketFramingCharacterDelimited;
+    /**
+     * The framing method. Valid values are `newlineDelimited`, `bytes`, `characterDelimited`.
+     */
+    method: string;
+}
+export interface ObservabilityPipelineConfigDestinationsSocketFramingCharacterDelimited {
+    /**
+     * A single ASCII character used as a delimiter.
+     */
+    delimiter?: string;
+}
+export interface ObservabilityPipelineConfigDestinationsSocketTls {
+    /**
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
+     */
+    caFile?: string;
+    /**
+     * Path to the TLS client certificate file used to authenticate the pipeline component with upstream or downstream services.
+     */
+    crtFile?: string;
+    /**
+     * Path to the private key file associated with the TLS client certificate. Used for mutual TLS authentication.
+     */
+    keyFile?: string;
+}
 export interface ObservabilityPipelineConfigDestinationsSplunkHec {
     /**
      * If `true`, Splunk tries to extract timestamps from incoming log events.
@@ -11711,7 +11941,7 @@ export interface ObservabilityPipelineConfigDestinationsSyslogNg {
 }
 export interface ObservabilityPipelineConfigDestinationsSyslogNgTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -11732,6 +11962,11 @@ export interface ObservabilityPipelineConfigProcessors {
      * The `addFields` processor adds static key-value fields to logs.
      */
     addFields?: outputs.ObservabilityPipelineConfigProcessorsAddField[];
+    /**
+     * The `customProcessor` processor transforms events using Vector Remap Language (VRL) scripts with advanced filtering capabilities.
+     */
+    customProcessors?: outputs.ObservabilityPipelineConfigProcessorsCustomProcessor[];
+    datadogTags?: outputs.ObservabilityPipelineConfigProcessorsDatadogTag[];
     /**
      * The `dedupe` processor removes duplicate fields in log events.
      */
@@ -11845,6 +12080,56 @@ export interface ObservabilityPipelineConfigProcessorsAddFieldField {
      */
     value: string;
 }
+export interface ObservabilityPipelineConfigProcessorsCustomProcessor {
+    /**
+     * The unique identifier for this processor.
+     */
+    id: string;
+    /**
+     * A list of component IDs whose output is used as the input for this processor.
+     */
+    inputs: string[];
+    /**
+     * Array of VRL remap configurations. Each remap defines a transformation rule with its own filter and VRL script.
+     */
+    remaps?: outputs.ObservabilityPipelineConfigProcessorsCustomProcessorRemap[];
+}
+export interface ObservabilityPipelineConfigProcessorsCustomProcessorRemap {
+    /**
+     * Whether to drop events that cause errors during transformation.
+     */
+    dropOnError: boolean;
+    /**
+     * Whether this remap rule is enabled.
+     */
+    enabled: boolean;
+    /**
+     * A Datadog search query used to filter events for this specific remap rule.
+     */
+    include: string;
+    /**
+     * A descriptive name for this remap rule.
+     */
+    name: string;
+    /**
+     * The VRL script source code that defines the transformation logic.
+     */
+    source: string;
+}
+export interface ObservabilityPipelineConfigProcessorsDatadogTag {
+    /**
+     * Valid values are `include`, `exclude`.
+     */
+    action: string;
+    id: string;
+    include: string;
+    inputs: string[];
+    keys: string[];
+    /**
+     * Valid values are `filter`.
+     */
+    mode: string;
+}
 export interface ObservabilityPipelineConfigProcessorsDedupe {
     /**
      * A list of log field paths to check for duplicates.
@@ -12515,6 +12800,10 @@ export interface ObservabilityPipelineConfigSources {
      * The `rsyslog` source listens for logs over TCP or UDP from an `rsyslog` server using the syslog protocol.
      */
     rsyslogs?: outputs.ObservabilityPipelineConfigSourcesRsyslog[];
+    /**
+     * The `socket` source ingests logs over TCP or UDP.
+     */
+    sockets?: outputs.ObservabilityPipelineConfigSourcesSocket[];
     /**
      * The `splunkHec` source implements the Splunk HTTP Event Collector (HEC) API.
      */
@@ -12534,7 +12823,7 @@ export interface ObservabilityPipelineConfigSources {
 }
 export interface ObservabilityPipelineConfigSourcesAmazonDataFirehose {
     /**
-     * AWS authentication credentials used for accessing AWS services such as S3. If omitted, the system’s default credentials are used (for example, the IAM role and environment variables).
+     * AWS authentication credentials used for accessing AWS services such as S3. If omitted, the system's default credentials are used (for example, the IAM role and environment variables).
      */
     auth?: outputs.ObservabilityPipelineConfigSourcesAmazonDataFirehoseAuth;
     /**
@@ -12562,7 +12851,7 @@ export interface ObservabilityPipelineConfigSourcesAmazonDataFirehoseAuth {
 }
 export interface ObservabilityPipelineConfigSourcesAmazonDataFirehoseTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12576,7 +12865,7 @@ export interface ObservabilityPipelineConfigSourcesAmazonDataFirehoseTls {
 }
 export interface ObservabilityPipelineConfigSourcesAmazonS3 {
     /**
-     * AWS authentication credentials used for accessing AWS services such as S3. If omitted, the system’s default credentials are used (for example, the IAM role and environment variables).
+     * AWS authentication credentials used for accessing AWS services such as S3. If omitted, the system's default credentials are used (for example, the IAM role and environment variables).
      */
     auth?: outputs.ObservabilityPipelineConfigSourcesAmazonS3Auth;
     /**
@@ -12608,7 +12897,7 @@ export interface ObservabilityPipelineConfigSourcesAmazonS3Auth {
 }
 export interface ObservabilityPipelineConfigSourcesAmazonS3Tls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12632,7 +12921,7 @@ export interface ObservabilityPipelineConfigSourcesDatadogAgent {
 }
 export interface ObservabilityPipelineConfigSourcesDatadogAgentTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12656,7 +12945,7 @@ export interface ObservabilityPipelineConfigSourcesFluentBit {
 }
 export interface ObservabilityPipelineConfigSourcesFluentBitTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12680,7 +12969,7 @@ export interface ObservabilityPipelineConfigSourcesFluentd {
 }
 export interface ObservabilityPipelineConfigSourcesFluentdTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12726,7 +13015,7 @@ export interface ObservabilityPipelineConfigSourcesGooglePubsubAuth {
 }
 export interface ObservabilityPipelineConfigSourcesGooglePubsubTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12766,7 +13055,7 @@ export interface ObservabilityPipelineConfigSourcesHttpClient {
 }
 export interface ObservabilityPipelineConfigSourcesHttpClientTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12798,7 +13087,7 @@ export interface ObservabilityPipelineConfigSourcesHttpServer {
 }
 export interface ObservabilityPipelineConfigSourcesHttpServerTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12854,7 +13143,7 @@ export interface ObservabilityPipelineConfigSourcesKafkaSasl {
 }
 export interface ObservabilityPipelineConfigSourcesKafkaTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12878,7 +13167,7 @@ export interface ObservabilityPipelineConfigSourcesLogstash {
 }
 export interface ObservabilityPipelineConfigSourcesLogstashTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12906,7 +13195,55 @@ export interface ObservabilityPipelineConfigSourcesRsyslog {
 }
 export interface ObservabilityPipelineConfigSourcesRsyslogTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
+     */
+    caFile?: string;
+    /**
+     * Path to the TLS client certificate file used to authenticate the pipeline component with upstream or downstream services.
+     */
+    crtFile?: string;
+    /**
+     * Path to the private key file associated with the TLS client certificate. Used for mutual TLS authentication.
+     */
+    keyFile?: string;
+}
+export interface ObservabilityPipelineConfigSourcesSocket {
+    /**
+     * Defines the framing method for incoming messages.
+     */
+    framing?: outputs.ObservabilityPipelineConfigSourcesSocketFraming;
+    /**
+     * The unique identifier for this component.
+     */
+    id: string;
+    /**
+     * The protocol used to receive logs. Valid values are `tcp`, `udp`.
+     */
+    mode: string;
+    /**
+     * Configuration for enabling TLS encryption between the pipeline component and external services.
+     */
+    tls?: outputs.ObservabilityPipelineConfigSourcesSocketTls;
+}
+export interface ObservabilityPipelineConfigSourcesSocketFraming {
+    /**
+     * Used when `method` is `characterDelimited`. Specifies the delimiter character.
+     */
+    characterDelimited?: outputs.ObservabilityPipelineConfigSourcesSocketFramingCharacterDelimited;
+    /**
+     * The framing method. Valid values are `newlineDelimited`, `bytes`, `characterDelimited`, `octetCounting`, `chunkedGelf`.
+     */
+    method?: string;
+}
+export interface ObservabilityPipelineConfigSourcesSocketFramingCharacterDelimited {
+    /**
+     * A single ASCII character used as a delimiter.
+     */
+    delimiter?: string;
+}
+export interface ObservabilityPipelineConfigSourcesSocketTls {
+    /**
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12930,7 +13267,7 @@ export interface ObservabilityPipelineConfigSourcesSplunkHec {
 }
 export interface ObservabilityPipelineConfigSourcesSplunkHecTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12954,7 +13291,7 @@ export interface ObservabilityPipelineConfigSourcesSplunkTcp {
 }
 export interface ObservabilityPipelineConfigSourcesSplunkTcpTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**
@@ -12988,7 +13325,7 @@ export interface ObservabilityPipelineConfigSourcesSyslogNg {
 }
 export interface ObservabilityPipelineConfigSourcesSyslogNgTls {
     /**
-     * Path to the Certificate Authority (CA) file used to validate the server’s TLS certificate.
+     * Path to the Certificate Authority (CA) file used to validate the server's TLS certificate.
      */
     caFile?: string;
     /**