generated: '2026-07-15' method: generated source: openapi/datadog-api-openapi.yml, openapi/datadog-events-openapi.yml, openapi/datadog-incidents-openapi.yml, openapi/datadog-logs-openapi.yml, openapi/datadog-metrics-openapi.yml, openapi/datadog-monitors-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 558 by_action_class: acting: 324 connected: 234 by_consequence: write: 298 read: 234 physical: 22 safety-critical: 4 human_in_the_loop_required: 4 operations: - path: /api/v2/actions/connections method: post operationId: CreateActionConnection x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/actions/connections/{connection_id} method: delete operationId: DeleteActionConnection x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/actions/connections/{connection_id} method: get operationId: GetActionConnection x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/actions/connections/{connection_id} method: patch operationId: UpdateActionConnection x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/agentless_scanning/accounts/aws method: get operationId: ListAwsScanOptions x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/agentless_scanning/accounts/aws method: post operationId: CreateAwsScanOptions x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/agentless_scanning/accounts/aws/{account_id} method: delete operationId: DeleteAwsScanOptions x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/agentless_scanning/accounts/aws/{account_id} method: patch operationId: UpdateAwsScanOptions x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/agentless_scanning/ondemand/aws method: get operationId: ListAwsOnDemandTasks x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/agentless_scanning/ondemand/aws method: post operationId: CreateAwsOnDemandTask x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/agentless_scanning/ondemand/aws/{task_id} method: get operationId: GetAwsOnDemandTask x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/api_keys method: get operationId: ListAPIKeys x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/api_keys method: post operationId: CreateAPIKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/api_keys/{api_key_id} method: delete operationId: DeleteAPIKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/api_keys/{api_key_id} method: get operationId: GetAPIKey x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/api_keys/{api_key_id} method: patch operationId: UpdateAPIKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apicatalog/api method: get operationId: ListAPIs x-agentic-access: action-class: connected consequence: read subject: optional scope: - apm_api_catalog_read token: max-ttl: 3600 audit: none - path: /api/v2/apicatalog/api/{id} method: delete operationId: DeleteOpenAPI x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_api_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apicatalog/api/{id}/openapi method: get operationId: GetOpenAPI x-agentic-access: action-class: connected consequence: read subject: optional scope: - apm_api_catalog_read token: max-ttl: 3600 audit: none - path: /api/v2/apicatalog/api/{id}/openapi method: put operationId: UpdateOpenAPI x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_api_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apicatalog/openapi method: post operationId: CreateOpenAPI x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_api_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apm/config/metrics method: get operationId: ListSpansMetrics x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/apm/config/metrics method: post operationId: CreateSpansMetric x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apm/config/metrics/{metric_id} method: delete operationId: DeleteSpansMetric x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apm/config/metrics/{metric_id} method: get operationId: GetSpansMetric x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/apm/config/metrics/{metric_id} method: patch operationId: UpdateSpansMetric x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apm/config/retention-filters method: get operationId: ListApmRetentionFilters x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/apm/config/retention-filters method: post operationId: CreateApmRetentionFilter x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apm/config/retention-filters-execution-order method: put operationId: ReorderApmRetentionFilters x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apm/config/retention-filters/{filter_id} method: delete operationId: DeleteApmRetentionFilter x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/apm/config/retention-filters/{filter_id} method: get operationId: GetApmRetentionFilter x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/apm/config/retention-filters/{filter_id} method: put operationId: UpdateApmRetentionFilter x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/app-builder/apps method: delete operationId: DeleteApps x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/app-builder/apps method: get operationId: ListApps x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/app-builder/apps method: post operationId: CreateApp x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/app-builder/apps/{app_id} method: delete operationId: DeleteApp x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/app-builder/apps/{app_id} method: get operationId: GetApp x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/app-builder/apps/{app_id} method: patch operationId: UpdateApp x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/app-builder/apps/{app_id}/deployment method: delete operationId: UnpublishApp x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/app-builder/apps/{app_id}/deployment method: post operationId: PublishApp x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/application_keys method: get operationId: ListApplicationKeys x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/application_keys/{app_key_id} method: delete operationId: DeleteApplicationKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/application_keys/{app_key_id} method: get operationId: GetApplicationKey x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/application_keys/{app_key_id} method: patch operationId: UpdateApplicationKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/audit/events method: get operationId: ListAuditLogs x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/audit/events/search method: post operationId: SearchAuditLogs x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/authn_mappings method: get operationId: ListAuthNMappings x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/authn_mappings method: post operationId: CreateAuthNMapping x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/authn_mappings/{authn_mapping_id} method: delete operationId: DeleteAuthNMapping x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/authn_mappings/{authn_mapping_id} method: get operationId: GetAuthNMapping x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/authn_mappings/{authn_mapping_id} method: patch operationId: UpdateAuthNMapping x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cases method: get operationId: SearchCases x-agentic-access: action-class: connected consequence: read subject: optional scope: - cases_read token: max-ttl: 3600 audit: none - path: /api/v2/cases method: post operationId: CreateCase x-agentic-access: action-class: acting consequence: write subject: required scope: - cases_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cases/projects method: get operationId: GetProjects x-agentic-access: action-class: connected consequence: read subject: optional scope: - cases_read token: max-ttl: 3600 audit: none - path: /api/v2/cases/projects method: post operationId: CreateProject x-agentic-access: action-class: acting consequence: write subject: required scope: - cases_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cases/projects/{project_id} method: delete operationId: DeleteProject x-agentic-access: action-class: acting consequence: write subject: required scope: - cases_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cases/projects/{project_id} method: get operationId: GetProject x-agentic-access: action-class: connected consequence: read subject: optional scope: - cases_read token: max-ttl: 3600 audit: none - path: /api/v2/cases/{case_id} method: get operationId: GetCase x-agentic-access: action-class: connected consequence: read subject: optional scope: - cases_read token: max-ttl: 3600 audit: none - path: /api/v2/cases/{case_id}/archive method: post operationId: ArchiveCase x-agentic-access: action-class: acting consequence: write subject: required scope: - cases_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cases/{case_id}/assign method: post operationId: AssignCase x-agentic-access: action-class: acting consequence: write subject: required scope: - cases_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cases/{case_id}/priority method: post operationId: UpdatePriority x-agentic-access: action-class: acting consequence: write subject: required scope: - cases_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cases/{case_id}/status method: post operationId: UpdateStatus x-agentic-access: action-class: acting consequence: write subject: required scope: - cases_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cases/{case_id}/unarchive method: post operationId: UnarchiveCase x-agentic-access: action-class: acting consequence: write subject: required scope: - cases_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cases/{case_id}/unassign method: post operationId: UnassignCase x-agentic-access: action-class: acting consequence: write subject: required scope: - cases_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/catalog/entity method: get operationId: ListCatalogEntity x-agentic-access: action-class: connected consequence: read subject: optional scope: - apm_service_catalog_read token: max-ttl: 3600 audit: none - path: /api/v2/catalog/entity method: post operationId: UpsertCatalogEntity x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_service_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/catalog/entity/{entity_id} method: delete operationId: DeleteCatalogEntity x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_service_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/catalog/relation method: get operationId: ListCatalogRelation x-agentic-access: action-class: connected consequence: read subject: optional scope: - apm_service_catalog_read token: max-ttl: 3600 audit: none - path: /api/v2/ci/pipeline method: post operationId: CreateCIAppPipelineEvent x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/ci/pipelines/analytics/aggregate method: post operationId: AggregateCIAppPipelineEvents x-agentic-access: action-class: acting consequence: write subject: required scope: - ci_visibility_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/ci/pipelines/events method: get operationId: ListCIAppPipelineEvents x-agentic-access: action-class: connected consequence: read subject: optional scope: - ci_visibility_read token: max-ttl: 3600 audit: none - path: /api/v2/ci/pipelines/events/search method: post operationId: SearchCIAppPipelineEvents x-agentic-access: action-class: acting consequence: write subject: required scope: - ci_visibility_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/ci/tests/analytics/aggregate method: post operationId: AggregateCIAppTestEvents x-agentic-access: action-class: acting consequence: write subject: required scope: - ci_visibility_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/ci/tests/events method: get operationId: ListCIAppTestEvents x-agentic-access: action-class: connected consequence: read subject: optional scope: - ci_visibility_read token: max-ttl: 3600 audit: none - path: /api/v2/ci/tests/events/search method: post operationId: SearchCIAppTestEvents x-agentic-access: action-class: acting consequence: write subject: required scope: - ci_visibility_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cloud_security_management/custom_frameworks method: post operationId: CreateCustomFramework x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_read - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cloud_security_management/custom_frameworks/{handle}/{version} method: delete operationId: DeleteCustomFramework x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_read - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cloud_security_management/custom_frameworks/{handle}/{version} method: get operationId: GetCustomFramework x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_rules_read token: max-ttl: 3600 audit: none - path: /api/v2/cloud_security_management/custom_frameworks/{handle}/{version} method: put operationId: UpdateCustomFramework x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_read - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cloud_security_management/resource_filters method: get operationId: GetResourceEvaluationFilters x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_filters_read token: max-ttl: 3600 audit: none - path: /api/v2/cloud_security_management/resource_filters method: put operationId: UpdateResourceEvaluationFilters x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_filters_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/container_images method: get operationId: ListContainerImages x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/containers method: get operationId: ListContainers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/cost/aws_cur_config method: get operationId: ListCostAWSCURConfigs x-agentic-access: action-class: connected consequence: read subject: optional scope: - cloud_cost_management_read token: max-ttl: 3600 audit: none - path: /api/v2/cost/aws_cur_config method: post operationId: CreateCostAWSCURConfig x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/aws_cur_config/{cloud_account_id} method: delete operationId: DeleteCostAWSCURConfig x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/aws_cur_config/{cloud_account_id} method: patch operationId: UpdateCostAWSCURConfig x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/azure_uc_config method: get operationId: ListCostAzureUCConfigs x-agentic-access: action-class: connected consequence: read subject: optional scope: - cloud_cost_management_read token: max-ttl: 3600 audit: none - path: /api/v2/cost/azure_uc_config method: post operationId: CreateCostAzureUCConfigs x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/azure_uc_config/{cloud_account_id} method: delete operationId: DeleteCostAzureUCConfig x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/azure_uc_config/{cloud_account_id} method: patch operationId: UpdateCostAzureUCConfigs x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/budget method: put operationId: UpsertBudget x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/budget/{budget_id} method: delete operationId: DeleteBudget x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/budget/{budget_id} method: get operationId: GetBudget x-agentic-access: action-class: connected consequence: read subject: optional scope: - cloud_cost_management_read token: max-ttl: 3600 audit: none - path: /api/v2/cost/budgets method: get operationId: ListBudgets x-agentic-access: action-class: connected consequence: read subject: optional scope: - cloud_cost_management_read token: max-ttl: 3600 audit: none - path: /api/v2/cost/custom_costs method: get operationId: ListCustomCostsFiles x-agentic-access: action-class: connected consequence: read subject: optional scope: - cloud_cost_management_read token: max-ttl: 3600 audit: none - path: /api/v2/cost/custom_costs method: put operationId: UploadCustomCostsFile x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/custom_costs/{file_id} method: delete operationId: DeleteCustomCostsFile x-agentic-access: action-class: acting consequence: write subject: required scope: - cloud_cost_management_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/cost/custom_costs/{file_id} method: get operationId: GetCustomCostsFile x-agentic-access: action-class: connected consequence: read subject: optional scope: - cloud_cost_management_read token: max-ttl: 3600 audit: none - path: /api/v2/cost_by_tag/active_billing_dimensions method: get operationId: GetActiveBillingDimensions x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/cost_by_tag/monthly_cost_attribution method: get operationId: GetMonthlyCostAttribution x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/csm/onboarding/agents method: get operationId: ListAllCSMAgents x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/csm/onboarding/coverage_analysis/cloud_accounts method: get operationId: GetCSMCloudAccountsCoverageAnalysis x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/csm/onboarding/coverage_analysis/hosts_and_containers method: get operationId: GetCSMHostsAndContainersCoverageAnalysis x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/csm/onboarding/coverage_analysis/serverless method: get operationId: GetCSMServerlessCoverageAnalysis x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/csm/onboarding/serverless/agents method: get operationId: ListAllCSMServerlessAgents x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/current_user/application_keys method: get operationId: ListCurrentUserApplicationKeys x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/current_user/application_keys method: post operationId: CreateCurrentUserApplicationKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/current_user/application_keys/{app_key_id} method: delete operationId: DeleteCurrentUserApplicationKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/current_user/application_keys/{app_key_id} method: get operationId: GetCurrentUserApplicationKey x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/current_user/application_keys/{app_key_id} method: patch operationId: UpdateCurrentUserApplicationKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards method: delete operationId: DeleteDashboardListItems x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards method: get operationId: GetDashboardListItems x-agentic-access: action-class: connected consequence: read subject: optional scope: - dashboards_read token: max-ttl: 3600 audit: none - path: /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards method: post operationId: CreateDashboardListItems x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/dashboard/lists/manual/{dashboard_list_id}/dashboards method: put operationId: UpdateDashboardListItems x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/domain_allowlist method: get operationId: GetDomainAllowlist x-agentic-access: action-class: connected consequence: read subject: optional scope: - org_management token: max-ttl: 3600 audit: none - path: /api/v2/domain_allowlist method: patch operationId: PatchDomainAllowlist x-agentic-access: action-class: acting consequence: write subject: required scope: - org_management audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/dora/deployment method: post operationId: CreateDORADeployment x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/dora/deployments method: post operationId: ListDORADeployments x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/dora/deployments/{deployment_id} method: get operationId: GetDORADeployment x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/dora/failures method: post operationId: ListDORAFailures x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/dora/failures/{failure_id} method: get operationId: GetDORAFailure x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/dora/incident method: post operationId: CreateDORAIncident x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/downtime method: get operationId: ListDowntimes x-agentic-access: action-class: connected consequence: read subject: optional scope: - monitors_downtime token: max-ttl: 3600 audit: none - path: /api/v2/downtime method: post operationId: CreateDowntime x-agentic-access: action-class: acting consequence: write subject: required scope: - monitors_downtime audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/downtime/{downtime_id} method: delete operationId: CancelDowntime x-agentic-access: action-class: acting consequence: write subject: required scope: - monitors_downtime audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/downtime/{downtime_id} method: get operationId: GetDowntime x-agentic-access: action-class: connected consequence: read subject: optional scope: - monitors_downtime token: max-ttl: 3600 audit: none - path: /api/v2/downtime/{downtime_id} method: patch operationId: UpdateDowntime x-agentic-access: action-class: acting consequence: write subject: required scope: - monitors_downtime audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/events method: get operationId: ListEvents x-agentic-access: action-class: connected consequence: read subject: optional scope: - events_read token: max-ttl: 3600 audit: none - path: /api/v2/events method: post operationId: CreateEvent x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/events/search method: post operationId: SearchEvents x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents method: get operationId: ListIncidents x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/incidents method: post operationId: CreateIncident x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/config/types method: get operationId: ListIncidentTypes x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/incidents/config/types method: post operationId: CreateIncidentType x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_settings_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/config/types/{incident_type_id} method: delete operationId: DeleteIncidentType x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_settings_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/config/types/{incident_type_id} method: get operationId: GetIncidentType x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/incidents/config/types/{incident_type_id} method: patch operationId: UpdateIncidentType x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_settings_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/search method: get operationId: SearchIncidents x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/incidents/{incident_id} method: delete operationId: DeleteIncident x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/{incident_id} method: get operationId: GetIncident x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/incidents/{incident_id} method: patch operationId: UpdateIncident x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/{incident_id}/attachments method: get operationId: ListIncidentAttachments x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/incidents/{incident_id}/attachments method: patch operationId: UpdateIncidentAttachments x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/{incident_id}/relationships/integrations method: get operationId: ListIncidentIntegrations x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/incidents/{incident_id}/relationships/integrations method: post operationId: CreateIncidentIntegration x-agentic-access: action-class: acting consequence: physical subject: required scope: - incident_write audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/{incident_id}/relationships/integrations/{integration_metadata_id} method: delete operationId: DeleteIncidentIntegration x-agentic-access: action-class: acting consequence: physical subject: required scope: - incident_write audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/{incident_id}/relationships/integrations/{integration_metadata_id} method: get operationId: GetIncidentIntegration x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/incidents/{incident_id}/relationships/integrations/{integration_metadata_id} method: patch operationId: UpdateIncidentIntegration x-agentic-access: action-class: acting consequence: physical subject: required scope: - incident_write audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/{incident_id}/relationships/todos method: get operationId: ListIncidentTodos x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/incidents/{incident_id}/relationships/todos method: post operationId: CreateIncidentTodo x-agentic-access: action-class: acting consequence: physical subject: required scope: - incident_write audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/{incident_id}/relationships/todos/{todo_id} method: delete operationId: DeleteIncidentTodo x-agentic-access: action-class: acting consequence: physical subject: required scope: - incident_write audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/{incident_id}/relationships/todos/{todo_id} method: get operationId: GetIncidentTodo x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/incidents/{incident_id}/relationships/todos/{todo_id} method: patch operationId: UpdateIncidentTodo x-agentic-access: action-class: acting consequence: physical subject: required scope: - incident_write audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/aws/accounts method: get operationId: ListAWSAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/aws/accounts method: post operationId: CreateAWSAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/aws/accounts/{aws_account_config_id} method: delete operationId: DeleteAWSAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/aws/accounts/{aws_account_config_id} method: get operationId: GetAWSAccount x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/aws/accounts/{aws_account_config_id} method: patch operationId: UpdateAWSAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/aws/available_namespaces method: get operationId: ListAWSNamespaces x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/aws/generate_new_external_id method: post operationId: CreateNewAWSExternalID x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/aws/logs/services method: get operationId: ListAWSLogsServices x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/gcp/accounts method: get operationId: ListGCPSTSAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/gcp/accounts method: post operationId: CreateGCPSTSAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/gcp/accounts/{account_id} method: delete operationId: DeleteGCPSTSAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/gcp/accounts/{account_id} method: patch operationId: UpdateGCPSTSAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/gcp/sts_delegate method: get operationId: GetGCPSTSDelegate x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/gcp/sts_delegate method: post operationId: MakeGCPSTSDelegate x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/ms-teams/configuration/channel/{tenant_name}/{team_name}/{channel_name} method: get operationId: GetChannelByName x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/ms-teams/configuration/tenant-based-handles method: get operationId: ListTenantBasedHandles x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/ms-teams/configuration/tenant-based-handles method: post operationId: CreateTenantBasedHandle x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/ms-teams/configuration/tenant-based-handles/{handle_id} method: delete operationId: DeleteTenantBasedHandle x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/ms-teams/configuration/tenant-based-handles/{handle_id} method: get operationId: GetTenantBasedHandle x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/ms-teams/configuration/tenant-based-handles/{handle_id} method: patch operationId: UpdateTenantBasedHandle x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/ms-teams/configuration/workflows-webhook-handles method: get operationId: ListWorkflowsWebhookHandles x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/ms-teams/configuration/workflows-webhook-handles method: post operationId: CreateWorkflowsWebhookHandle x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/ms-teams/configuration/workflows-webhook-handles/{handle_id} method: delete operationId: DeleteWorkflowsWebhookHandle x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/ms-teams/configuration/workflows-webhook-handles/{handle_id} method: get operationId: GetWorkflowsWebhookHandle x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/ms-teams/configuration/workflows-webhook-handles/{handle_id} method: patch operationId: UpdateWorkflowsWebhookHandle x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/opsgenie/services method: get operationId: ListOpsgenieServices x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/opsgenie/services method: post operationId: CreateOpsgenieService x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/opsgenie/services/{integration_service_id} method: delete operationId: DeleteOpsgenieService x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integration/opsgenie/services/{integration_service_id} method: get operationId: GetOpsgenieService x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integration/opsgenie/services/{integration_service_id} method: patch operationId: UpdateOpsgenieService x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/cloudflare/accounts method: get operationId: ListCloudflareAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/cloudflare/accounts method: post operationId: CreateCloudflareAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/cloudflare/accounts/{account_id} method: delete operationId: DeleteCloudflareAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/cloudflare/accounts/{account_id} method: get operationId: GetCloudflareAccount x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/cloudflare/accounts/{account_id} method: patch operationId: UpdateCloudflareAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/confluent-cloud/accounts method: get operationId: ListConfluentAccount x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/confluent-cloud/accounts method: post operationId: CreateConfluentAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/confluent-cloud/accounts/{account_id} method: delete operationId: DeleteConfluentAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/confluent-cloud/accounts/{account_id} method: get operationId: GetConfluentAccount x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/confluent-cloud/accounts/{account_id} method: patch operationId: UpdateConfluentAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources method: get operationId: ListConfluentResource x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources method: post operationId: CreateConfluentResource x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources/{resource_id} method: delete operationId: DeleteConfluentResource x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources/{resource_id} method: get operationId: GetConfluentResource x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/confluent-cloud/accounts/{account_id}/resources/{resource_id} method: patch operationId: UpdateConfluentResource x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/fastly/accounts method: get operationId: ListFastlyAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/fastly/accounts method: post operationId: CreateFastlyAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/fastly/accounts/{account_id} method: delete operationId: DeleteFastlyAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/fastly/accounts/{account_id} method: get operationId: GetFastlyAccount x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/fastly/accounts/{account_id} method: patch operationId: UpdateFastlyAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/fastly/accounts/{account_id}/services method: get operationId: ListFastlyServices x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/fastly/accounts/{account_id}/services method: post operationId: CreateFastlyService x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/fastly/accounts/{account_id}/services/{service_id} method: delete operationId: DeleteFastlyService x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/fastly/accounts/{account_id}/services/{service_id} method: get operationId: GetFastlyService x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/fastly/accounts/{account_id}/services/{service_id} method: patch operationId: UpdateFastlyService x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/okta/accounts method: get operationId: ListOktaAccounts x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/okta/accounts method: post operationId: CreateOktaAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/okta/accounts/{account_id} method: delete operationId: DeleteOktaAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/integrations/okta/accounts/{account_id} method: get operationId: GetOktaAccount x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/integrations/okta/accounts/{account_id} method: patch operationId: UpdateOktaAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/ip_allowlist method: get operationId: GetIPAllowlist x-agentic-access: action-class: connected consequence: read subject: optional scope: - org_management token: max-ttl: 3600 audit: none - path: /api/v2/ip_allowlist method: patch operationId: UpdateIPAllowlist x-agentic-access: action-class: acting consequence: write subject: required scope: - org_management audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs method: post operationId: SubmitLog x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/analytics/aggregate method: post operationId: AggregateLogs x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/archive-order method: get operationId: GetLogsArchiveOrder x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/archive-order method: put operationId: UpdateLogsArchiveOrder x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/archives method: get operationId: ListLogsArchives x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/archives method: post operationId: CreateLogsArchive x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/archives/{archive_id} method: delete operationId: DeleteLogsArchive x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/archives/{archive_id} method: get operationId: GetLogsArchive x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/archives/{archive_id} method: put operationId: UpdateLogsArchive x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/archives/{archive_id}/readers method: delete operationId: RemoveRoleFromArchive x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /api/v2/logs/config/archives/{archive_id}/readers method: get operationId: ListArchiveReadRoles x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/archives/{archive_id}/readers method: post operationId: AddReadRoleToArchive x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/custom-destinations method: get operationId: ListLogsCustomDestinations x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/custom-destinations method: post operationId: CreateLogsCustomDestination x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/custom-destinations/{custom_destination_id} method: delete operationId: DeleteLogsCustomDestination x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/custom-destinations/{custom_destination_id} method: get operationId: GetLogsCustomDestination x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/custom-destinations/{custom_destination_id} method: patch operationId: UpdateLogsCustomDestination x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/metrics method: get operationId: ListLogsMetrics x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/metrics method: post operationId: CreateLogsMetric x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/metrics/{metric_id} method: delete operationId: DeleteLogsMetric x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/metrics/{metric_id} method: get operationId: GetLogsMetric x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/metrics/{metric_id} method: patch operationId: UpdateLogsMetric x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/restriction_queries method: get operationId: ListRestrictionQueries x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/restriction_queries method: post operationId: CreateRestrictionQuery x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/restriction_queries/role/{role_id} method: get operationId: GetRoleRestrictionQuery x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/restriction_queries/user/{user_id} method: get operationId: ListUserRestrictionQueries x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/restriction_queries/{restriction_query_id} method: delete operationId: DeleteRestrictionQuery x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/restriction_queries/{restriction_query_id} method: get operationId: GetRestrictionQuery x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/restriction_queries/{restriction_query_id} method: patch operationId: UpdateRestrictionQuery x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/config/restriction_queries/{restriction_query_id}/roles method: delete operationId: RemoveRoleFromRestrictionQuery x-agentic-access: action-class: acting consequence: safety-critical subject: required audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /api/v2/logs/config/restriction_queries/{restriction_query_id}/roles method: get operationId: ListRestrictionQueryRoles x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/config/restriction_queries/{restriction_query_id}/roles method: post operationId: AddRoleToRestrictionQuery x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/events method: get operationId: ListLogsGet x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/logs/events/search method: post operationId: ListLogs x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/metrics method: get operationId: ListTagConfigurations x-agentic-access: action-class: connected consequence: read subject: optional scope: - metrics_read token: max-ttl: 3600 audit: none - path: /api/v2/metrics/config/bulk-tags method: delete operationId: DeleteBulkTagsMetricsConfiguration x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/metrics/config/bulk-tags method: post operationId: CreateBulkTagsMetricsConfiguration x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/metrics/{metric_name}/active-configurations method: get operationId: ListActiveMetricConfigurations x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/metrics/{metric_name}/all-tags method: get operationId: ListTagsByMetricName x-agentic-access: action-class: connected consequence: read subject: optional scope: - metrics_read token: max-ttl: 3600 audit: none - path: /api/v2/metrics/{metric_name}/assets method: get operationId: ListMetricAssets x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/metrics/{metric_name}/estimate method: get operationId: EstimateMetricsOutputSeries x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/metrics/{metric_name}/tags method: delete operationId: DeleteTagConfiguration x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/metrics/{metric_name}/tags method: get operationId: ListTagConfigurationByName x-agentic-access: action-class: connected consequence: read subject: optional scope: - metrics_read token: max-ttl: 3600 audit: none - path: /api/v2/metrics/{metric_name}/tags method: patch operationId: UpdateTagConfiguration x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/metrics/{metric_name}/tags method: post operationId: CreateTagConfiguration x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/metrics/{metric_name}/volumes method: get operationId: ListVolumesByMetricName x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/monitor/notification_rule method: get operationId: GetMonitorNotificationRules x-agentic-access: action-class: connected consequence: read subject: optional scope: - monitors_read token: max-ttl: 3600 audit: none - path: /api/v2/monitor/notification_rule method: post operationId: CreateMonitorNotificationRule x-agentic-access: action-class: acting consequence: write subject: required scope: - monitor_config_policy_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/monitor/notification_rule/{rule_id} method: delete operationId: DeleteMonitorNotificationRule x-agentic-access: action-class: acting consequence: write subject: required scope: - monitor_config_policy_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/monitor/notification_rule/{rule_id} method: get operationId: GetMonitorNotificationRule x-agentic-access: action-class: connected consequence: read subject: optional scope: - monitors_read token: max-ttl: 3600 audit: none - path: /api/v2/monitor/notification_rule/{rule_id} method: patch operationId: UpdateMonitorNotificationRule x-agentic-access: action-class: acting consequence: write subject: required scope: - monitor_config_policy_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/monitor/policy method: get operationId: ListMonitorConfigPolicies x-agentic-access: action-class: connected consequence: read subject: optional scope: - monitors_read token: max-ttl: 3600 audit: none - path: /api/v2/monitor/policy method: post operationId: CreateMonitorConfigPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/monitor/policy/{policy_id} method: delete operationId: DeleteMonitorConfigPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/monitor/policy/{policy_id} method: get operationId: GetMonitorConfigPolicy x-agentic-access: action-class: connected consequence: read subject: optional scope: - monitors_read token: max-ttl: 3600 audit: none - path: /api/v2/monitor/policy/{policy_id} method: patch operationId: UpdateMonitorConfigPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/monitor/{monitor_id}/downtime_matches method: get operationId: ListMonitorDowntimes x-agentic-access: action-class: connected consequence: read subject: optional scope: - monitors_downtime token: max-ttl: 3600 audit: none - path: /api/v2/ndm/devices method: get operationId: ListDevices x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/ndm/devices/{device_id} method: get operationId: GetDevice x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/ndm/interfaces method: get operationId: GetInterfaces x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/ndm/tags/devices/{device_id} method: get operationId: ListDeviceUserTags x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/ndm/tags/devices/{device_id} method: patch operationId: UpdateDeviceUserTags x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/network/connections/aggregate method: get operationId: GetAggregatedConnections x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/on-call/escalation-policies method: post operationId: CreateOnCallEscalationPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/escalation-policies/{policy_id} method: delete operationId: DeleteOnCallEscalationPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/escalation-policies/{policy_id} method: get operationId: GetOnCallEscalationPolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/on-call/escalation-policies/{policy_id} method: put operationId: UpdateOnCallEscalationPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/pages method: post operationId: CreateOnCallPage x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/pages/{page_id}/acknowledge method: post operationId: AcknowledgeOnCallPage x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/pages/{page_id}/escalate method: post operationId: EscalateOnCallPage x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/pages/{page_id}/resolve method: post operationId: ResolveOnCallPage x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/schedules method: post operationId: CreateOnCallSchedule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/schedules/{schedule_id} method: delete operationId: DeleteOnCallSchedule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/schedules/{schedule_id} method: get operationId: GetOnCallSchedule x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/on-call/schedules/{schedule_id} method: put operationId: UpdateOnCallSchedule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/on-call/schedules/{schedule_id}/on-call method: get operationId: GetScheduleOnCallUser x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/on-call/teams/{team_id}/on-call method: get operationId: GetTeamOnCallUsers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/on-call/teams/{team_id}/routing-rules method: get operationId: GetOnCallTeamRoutingRules x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/on-call/teams/{team_id}/routing-rules method: put operationId: SetOnCallTeamRoutingRules x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/org_configs method: get operationId: ListOrgConfigs x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/org_configs/{org_config_name} method: get operationId: GetOrgConfig x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/org_configs/{org_config_name} method: patch operationId: UpdateOrgConfig x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/permissions method: get operationId: ListPermissions x-agentic-access: action-class: connected consequence: read subject: optional scope: - user_access_read token: max-ttl: 3600 audit: none - path: /api/v2/posture_management/findings method: get operationId: ListFindings x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_findings_read token: max-ttl: 3600 audit: none - path: /api/v2/posture_management/findings method: patch operationId: MuteFindings x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/posture_management/findings/{finding_id} method: get operationId: GetFinding x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_findings_read token: max-ttl: 3600 audit: none - path: /api/v2/powerpacks method: get operationId: ListPowerpacks x-agentic-access: action-class: connected consequence: read subject: optional scope: - dashboards_read token: max-ttl: 3600 audit: none - path: /api/v2/powerpacks method: post operationId: CreatePowerpack x-agentic-access: action-class: acting consequence: write subject: required scope: - dashboards_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/powerpacks/{powerpack_id} method: delete operationId: DeletePowerpack x-agentic-access: action-class: acting consequence: write subject: required scope: - dashboards_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/powerpacks/{powerpack_id} method: get operationId: GetPowerpack x-agentic-access: action-class: connected consequence: read subject: optional scope: - dashboards_read token: max-ttl: 3600 audit: none - path: /api/v2/powerpacks/{powerpack_id} method: patch operationId: UpdatePowerpack x-agentic-access: action-class: acting consequence: write subject: required scope: - dashboards_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/processes method: get operationId: ListProcesses x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/query/scalar method: post operationId: QueryScalarData x-agentic-access: action-class: acting consequence: write subject: required scope: - timeseries_query audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/query/timeseries method: post operationId: QueryTimeseriesData x-agentic-access: action-class: acting consequence: write subject: required scope: - timeseries_query audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/asm/waf/custom_rules method: get operationId: ListApplicationSecurityWAFCustomRules x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/asm/waf/custom_rules method: post operationId: CreateApplicationSecurityWafCustomRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id} method: delete operationId: DeleteApplicationSecurityWafCustomRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id} method: get operationId: GetApplicationSecurityWafCustomRule x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/asm/waf/custom_rules/{custom_rule_id} method: put operationId: UpdateApplicationSecurityWafCustomRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/asm/waf/exclusion_filters method: get operationId: ListApplicationSecurityWafExclusionFilters x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/asm/waf/exclusion_filters method: post operationId: CreateApplicationSecurityWafExclusionFilter x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id} method: delete operationId: DeleteApplicationSecurityWafExclusionFilter x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id} method: get operationId: GetApplicationSecurityWafExclusionFilter x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/asm/waf/exclusion_filters/{exclusion_filter_id} method: put operationId: UpdateApplicationSecurityWafExclusionFilter x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/cws/agent_rules method: get operationId: ListCSMThreatsAgentRules x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/cws/agent_rules method: post operationId: CreateCSMThreatsAgentRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/cws/agent_rules/{agent_rule_id} method: delete operationId: DeleteCSMThreatsAgentRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/cws/agent_rules/{agent_rule_id} method: get operationId: GetCSMThreatsAgentRule x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/cws/agent_rules/{agent_rule_id} method: patch operationId: UpdateCSMThreatsAgentRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/cws/policy method: get operationId: ListCSMThreatsAgentPolicies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/cws/policy method: post operationId: CreateCSMThreatsAgentPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/cws/policy/download method: get operationId: DownloadCSMThreatsPolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/cws/policy/{policy_id} method: delete operationId: DeleteCSMThreatsAgentPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/cws/policy/{policy_id} method: get operationId: GetCSMThreatsAgentPolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/cws/policy/{policy_id} method: patch operationId: UpdateCSMThreatsAgentPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/obs_pipelines/pipelines method: get operationId: ListPipelines x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/obs_pipelines/pipelines method: post operationId: CreatePipeline x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/obs_pipelines/pipelines/validate method: post operationId: ValidatePipeline x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/obs_pipelines/pipelines/{pipeline_id} method: delete operationId: DeletePipeline x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/remote_config/products/obs_pipelines/pipelines/{pipeline_id} method: get operationId: GetPipeline x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/remote_config/products/obs_pipelines/pipelines/{pipeline_id} method: put operationId: UpdatePipeline x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/restriction_policy/{resource_id} method: delete operationId: DeleteRestrictionPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/restriction_policy/{resource_id} method: get operationId: GetRestrictionPolicy x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/restriction_policy/{resource_id} method: post operationId: UpdateRestrictionPolicy x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/roles method: get operationId: ListRoles x-agentic-access: action-class: connected consequence: read subject: optional scope: - user_access_read token: max-ttl: 3600 audit: none - path: /api/v2/roles method: post operationId: CreateRole x-agentic-access: action-class: acting consequence: write subject: required scope: - user_access_manage audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/roles/{role_id} method: delete operationId: DeleteRole x-agentic-access: action-class: acting consequence: write subject: required scope: - user_access_manage audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/roles/{role_id} method: get operationId: GetRole x-agentic-access: action-class: connected consequence: read subject: optional scope: - user_access_read token: max-ttl: 3600 audit: none - path: /api/v2/roles/{role_id} method: patch operationId: UpdateRole x-agentic-access: action-class: acting consequence: write subject: required scope: - user_access_manage audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/roles/{role_id}/clone method: post operationId: CloneRole x-agentic-access: action-class: acting consequence: write subject: required scope: - user_access_manage audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/roles/{role_id}/permissions method: delete operationId: RemovePermissionFromRole x-agentic-access: action-class: acting consequence: safety-critical subject: required scope: - user_access_manage audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /api/v2/roles/{role_id}/permissions method: get operationId: ListRolePermissions x-agentic-access: action-class: connected consequence: read subject: optional scope: - user_access_read token: max-ttl: 3600 audit: none - path: /api/v2/roles/{role_id}/permissions method: post operationId: AddPermissionToRole x-agentic-access: action-class: acting consequence: write subject: required scope: - user_access_manage audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/roles/{role_id}/users method: delete operationId: RemoveUserFromRole x-agentic-access: action-class: acting consequence: write subject: required scope: - user_access_manage audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/roles/{role_id}/users method: get operationId: ListRoleUsers x-agentic-access: action-class: connected consequence: read subject: optional scope: - user_access_read token: max-ttl: 3600 audit: none - path: /api/v2/roles/{role_id}/users method: post operationId: AddUserToRole x-agentic-access: action-class: acting consequence: write subject: required scope: - user_access_manage audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/analytics/aggregate method: post operationId: AggregateRUMEvents x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/applications method: get operationId: GetRUMApplications x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/rum/applications method: post operationId: CreateRUMApplication x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/applications/{app_id}/relationships/retention_filters method: patch operationId: OrderRetentionFilters x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/applications/{app_id}/retention_filters method: get operationId: ListRetentionFilters x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/rum/applications/{app_id}/retention_filters method: post operationId: CreateRetentionFilter x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/applications/{app_id}/retention_filters/{rf_id} method: delete operationId: DeleteRetentionFilter x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/applications/{app_id}/retention_filters/{rf_id} method: get operationId: GetRetentionFilter x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/rum/applications/{app_id}/retention_filters/{rf_id} method: patch operationId: UpdateRetentionFilter x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/applications/{id} method: delete operationId: DeleteRUMApplication x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/applications/{id} method: get operationId: GetRUMApplication x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/rum/applications/{id} method: patch operationId: UpdateRUMApplication x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/config/metrics method: get operationId: ListRumMetrics x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/rum/config/metrics method: post operationId: CreateRumMetric x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/config/metrics/{metric_id} method: delete operationId: DeleteRumMetric x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/config/metrics/{metric_id} method: get operationId: GetRumMetric x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/rum/config/metrics/{metric_id} method: patch operationId: UpdateRumMetric x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/rum/events method: get operationId: ListRUMEvents x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/rum/events/search method: post operationId: SearchRUMEvents x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/saml_configurations/idp_metadata method: post operationId: UploadIdPMetadata x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scim/Groups method: get operationId: ListSCIMGroups x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/scim/Groups method: post operationId: CreateSCIMGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scim/Groups/{group_id} method: delete operationId: DeleteSCIMGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scim/Groups/{group_id} method: get operationId: GetSCIMGroup x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/scim/Groups/{group_id} method: patch operationId: PatchSCIMGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scim/Groups/{group_id} method: put operationId: UpdateSCIMGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scim/Users method: get operationId: ListSCIMUsers x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/scim/Users method: post operationId: CreateSCIMUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scim/Users/{user_uuid} method: delete operationId: DeleteSCIMUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scim/Users/{user_uuid} method: get operationId: GetSCIMUser x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/scim/Users/{user_uuid} method: patch operationId: PatchSCIMUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scim/Users/{user_uuid} method: put operationId: UpdateSCIMUser x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scorecard/outcomes method: get operationId: ListScorecardOutcomes x-agentic-access: action-class: connected consequence: read subject: optional scope: - apm_service_catalog_read token: max-ttl: 3600 audit: none - path: /api/v2/scorecard/outcomes/batch method: post operationId: CreateScorecardOutcomesBatch x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_service_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scorecard/rules method: get operationId: ListScorecardRules x-agentic-access: action-class: connected consequence: read subject: optional scope: - apm_service_catalog_read token: max-ttl: 3600 audit: none - path: /api/v2/scorecard/rules method: post operationId: CreateScorecardRule x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_service_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scorecard/rules/{rule_id} method: delete operationId: DeleteScorecardRule x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_service_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/scorecard/rules/{rule_id} method: put operationId: UpdateScorecardRule x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_service_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security/assets method: get operationId: ListVulnerableAssets x-agentic-access: action-class: connected consequence: read subject: optional scope: - appsec_vm_read token: max-ttl: 3600 audit: none - path: /api/v2/security/cloud_workload/policy/download method: get operationId: DownloadCloudWorkloadPolicyFile x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/security/sboms/{asset_type} method: get operationId: GetSBOM x-agentic-access: action-class: connected consequence: read subject: optional scope: - appsec_vm_read token: max-ttl: 3600 audit: none - path: /api/v2/security/signals/notification_rules method: get operationId: GetSignalNotificationRules x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_notification_profiles_read token: max-ttl: 3600 audit: none - path: /api/v2/security/signals/notification_rules method: post operationId: CreateSignalNotificationRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_notification_profiles_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security/signals/notification_rules/{id} method: delete operationId: DeleteSignalNotificationRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_notification_profiles_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security/signals/notification_rules/{id} method: get operationId: GetSignalNotificationRule x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_notification_profiles_read token: max-ttl: 3600 audit: none - path: /api/v2/security/signals/notification_rules/{id} method: patch operationId: PatchSignalNotificationRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_notification_profiles_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security/vulnerabilities method: get operationId: ListVulnerabilities x-agentic-access: action-class: connected consequence: read subject: optional scope: - appsec_vm_read token: max-ttl: 3600 audit: none - path: /api/v2/security/vulnerabilities/notification_rules method: get operationId: GetVulnerabilityNotificationRules x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_notification_profiles_read token: max-ttl: 3600 audit: none - path: /api/v2/security/vulnerabilities/notification_rules method: post operationId: CreateVulnerabilityNotificationRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_notification_profiles_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security/vulnerabilities/notification_rules/{id} method: delete operationId: DeleteVulnerabilityNotificationRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_notification_profiles_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security/vulnerabilities/notification_rules/{id} method: get operationId: GetVulnerabilityNotificationRule x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_notification_profiles_read token: max-ttl: 3600 audit: none - path: /api/v2/security/vulnerabilities/notification_rules/{id} method: patch operationId: PatchVulnerabilityNotificationRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_notification_profiles_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/cloud_workload_security/agent_rules method: get operationId: ListCloudWorkloadSecurityAgentRules x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/cloud_workload_security/agent_rules method: post operationId: CreateCloudWorkloadSecurityAgentRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/cloud_workload_security/agent_rules/{agent_rule_id} method: delete operationId: DeleteCloudWorkloadSecurityAgentRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/cloud_workload_security/agent_rules/{agent_rule_id} method: get operationId: GetCloudWorkloadSecurityAgentRule x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/cloud_workload_security/agent_rules/{agent_rule_id} method: patch operationId: UpdateCloudWorkloadSecurityAgentRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/configuration/security_filters method: get operationId: ListSecurityFilters x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_filters_read token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/configuration/security_filters method: post operationId: CreateSecurityFilter x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_filters_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/configuration/security_filters/{security_filter_id} method: delete operationId: DeleteSecurityFilter x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_filters_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/configuration/security_filters/{security_filter_id} method: get operationId: GetSecurityFilter x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_filters_read token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/configuration/security_filters/{security_filter_id} method: patch operationId: UpdateSecurityFilter x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_filters_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/configuration/suppressions method: get operationId: ListSecurityMonitoringSuppressions x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_suppressions_read token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/configuration/suppressions method: post operationId: CreateSecurityMonitoringSuppression x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_suppressions_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/configuration/suppressions/{suppression_id} method: delete operationId: DeleteSecurityMonitoringSuppression x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_suppressions_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/configuration/suppressions/{suppression_id} method: get operationId: GetSecurityMonitoringSuppression x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_suppressions_read token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/configuration/suppressions/{suppression_id} method: patch operationId: UpdateSecurityMonitoringSuppression x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_suppressions_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/rules method: get operationId: ListSecurityMonitoringRules x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_rules_read token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/rules method: post operationId: CreateSecurityMonitoringRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/rules/convert method: post operationId: ConvertSecurityMonitoringRuleFromJSONToTerraform x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/rules/test method: post operationId: TestSecurityMonitoringRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/rules/validation method: post operationId: ValidateSecurityMonitoringRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/rules/{rule_id} method: delete operationId: DeleteSecurityMonitoringRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/rules/{rule_id} method: get operationId: GetSecurityMonitoringRule x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_rules_read token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/rules/{rule_id} method: put operationId: UpdateSecurityMonitoringRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/rules/{rule_id}/convert method: get operationId: ConvertExistingSecurityMonitoringRule x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_rules_read token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/rules/{rule_id}/test method: post operationId: TestExistingSecurityMonitoringRule x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/rules/{rule_id}/version_history method: get operationId: GetRuleVersionHistory x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/signals method: get operationId: ListSecurityMonitoringSignals x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_signals_read token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/signals/search method: post operationId: SearchSecurityMonitoringSignals x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_signals_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/signals/{signal_id} method: get operationId: GetSecurityMonitoringSignal x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_signals_read token: max-ttl: 3600 audit: none - path: /api/v2/security_monitoring/signals/{signal_id}/assignee method: patch operationId: EditSecurityMonitoringSignalAssignee x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/signals/{signal_id}/incidents method: patch operationId: EditSecurityMonitoringSignalIncidents x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/security_monitoring/signals/{signal_id}/state method: patch operationId: EditSecurityMonitoringSignalState x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/sensitive-data-scanner/config method: get operationId: ListScanningGroups x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/sensitive-data-scanner/config method: patch operationId: ReorderScanningGroups x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/sensitive-data-scanner/config/groups method: post operationId: CreateScanningGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/sensitive-data-scanner/config/groups/{group_id} method: delete operationId: DeleteScanningGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/sensitive-data-scanner/config/groups/{group_id} method: patch operationId: UpdateScanningGroup x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/sensitive-data-scanner/config/rules method: post operationId: CreateScanningRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/sensitive-data-scanner/config/rules/{rule_id} method: delete operationId: DeleteScanningRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/sensitive-data-scanner/config/rules/{rule_id} method: patch operationId: UpdateScanningRule x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/sensitive-data-scanner/config/standard-patterns method: get operationId: ListStandardPatterns x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/series method: post operationId: SubmitMetrics x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/service_accounts method: post operationId: CreateServiceAccount x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/service_accounts/{service_account_id}/application_keys method: get operationId: ListServiceAccountApplicationKeys x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/service_accounts/{service_account_id}/application_keys method: post operationId: CreateServiceAccountApplicationKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/service_accounts/{service_account_id}/application_keys/{app_key_id} method: delete operationId: DeleteServiceAccountApplicationKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/service_accounts/{service_account_id}/application_keys/{app_key_id} method: get operationId: GetServiceAccountApplicationKey x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/service_accounts/{service_account_id}/application_keys/{app_key_id} method: patch operationId: UpdateServiceAccountApplicationKey x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/services method: get operationId: ListIncidentServices x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/services method: post operationId: CreateIncidentService x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_settings_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/services/definitions method: get operationId: ListServiceDefinitions x-agentic-access: action-class: connected consequence: read subject: optional scope: - apm_service_catalog_read token: max-ttl: 3600 audit: none - path: /api/v2/services/definitions method: post operationId: CreateOrUpdateServiceDefinitions x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_service_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/services/definitions/{service_name} method: delete operationId: DeleteServiceDefinition x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_service_catalog_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/services/definitions/{service_name} method: get operationId: GetServiceDefinition x-agentic-access: action-class: connected consequence: read subject: optional scope: - apm_service_catalog_read token: max-ttl: 3600 audit: none - path: /api/v2/services/{service_id} method: delete operationId: DeleteIncidentService x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_settings_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/services/{service_id} method: get operationId: GetIncidentService x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/services/{service_id} method: patch operationId: UpdateIncidentService x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_settings_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/siem-historical-detections/jobs method: get operationId: ListHistoricalJobs x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/siem-historical-detections/jobs method: post operationId: RunHistoricalJob x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/siem-historical-detections/jobs/signal_convert method: post operationId: ConvertJobResultToSignal x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/siem-historical-detections/jobs/{job_id} method: delete operationId: DeleteHistoricalJob x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/siem-historical-detections/jobs/{job_id} method: get operationId: GetHistoricalJob x-agentic-access: action-class: connected consequence: read subject: optional scope: - security_monitoring_rules_read token: max-ttl: 3600 audit: none - path: /api/v2/siem-historical-detections/jobs/{job_id}/cancel method: patch operationId: CancelHistoricalJob x-agentic-access: action-class: acting consequence: write subject: required scope: - security_monitoring_rules_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/slo/report method: post operationId: CreateSLOReportJob x-agentic-access: action-class: acting consequence: write subject: required scope: - slos_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/slo/report/{report_id}/download method: get operationId: GetSLOReport x-agentic-access: action-class: connected consequence: read subject: optional scope: - slos_read token: max-ttl: 3600 audit: none - path: /api/v2/slo/report/{report_id}/status method: get operationId: GetSLOReportJobStatus x-agentic-access: action-class: connected consequence: read subject: optional scope: - slos_read token: max-ttl: 3600 audit: none - path: /api/v2/spans/analytics/aggregate method: post operationId: AggregateSpans x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/spans/events method: get operationId: ListSpansGet x-agentic-access: action-class: connected consequence: read subject: optional scope: - apm_read token: max-ttl: 3600 audit: none - path: /api/v2/spans/events/search method: post operationId: ListSpans x-agentic-access: action-class: acting consequence: write subject: required scope: - apm_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/synthetics/settings/on_demand_concurrency_cap method: get operationId: GetOnDemandConcurrencyCap x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/synthetics/settings/on_demand_concurrency_cap method: post operationId: SetOnDemandConcurrencyCap x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team method: get operationId: ListTeams x-agentic-access: action-class: connected consequence: read subject: optional scope: - teams_read token: max-ttl: 3600 audit: none - path: /api/v2/team method: post operationId: CreateTeam x-agentic-access: action-class: acting consequence: write subject: required scope: - teams_manage - teams_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team/{team_id} method: delete operationId: DeleteTeam x-agentic-access: action-class: acting consequence: write subject: required scope: - teams_manage - teams_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team/{team_id} method: get operationId: GetTeam x-agentic-access: action-class: connected consequence: read subject: optional scope: - teams_read token: max-ttl: 3600 audit: none - path: /api/v2/team/{team_id} method: patch operationId: UpdateTeam x-agentic-access: action-class: acting consequence: write subject: required scope: - teams_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team/{team_id}/links method: get operationId: GetTeamLinks x-agentic-access: action-class: connected consequence: read subject: optional scope: - teams_read token: max-ttl: 3600 audit: none - path: /api/v2/team/{team_id}/links method: post operationId: CreateTeamLink x-agentic-access: action-class: acting consequence: write subject: required scope: - teams_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team/{team_id}/links/{link_id} method: delete operationId: DeleteTeamLink x-agentic-access: action-class: acting consequence: write subject: required scope: - teams_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team/{team_id}/links/{link_id} method: get operationId: GetTeamLink x-agentic-access: action-class: connected consequence: read subject: optional scope: - teams_read token: max-ttl: 3600 audit: none - path: /api/v2/team/{team_id}/links/{link_id} method: patch operationId: UpdateTeamLink x-agentic-access: action-class: acting consequence: write subject: required scope: - teams_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team/{team_id}/memberships method: get operationId: GetTeamMemberships x-agentic-access: action-class: connected consequence: read subject: optional scope: - teams_read token: max-ttl: 3600 audit: none - path: /api/v2/team/{team_id}/memberships method: post operationId: CreateTeamMembership x-agentic-access: action-class: acting consequence: physical subject: required scope: - teams_read audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team/{team_id}/memberships/{user_id} method: delete operationId: DeleteTeamMembership x-agentic-access: action-class: acting consequence: physical subject: required scope: - teams_read audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team/{team_id}/memberships/{user_id} method: patch operationId: UpdateTeamMembership x-agentic-access: action-class: acting consequence: physical subject: required scope: - teams_read audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/team/{team_id}/permission-settings method: get operationId: GetTeamPermissionSettings x-agentic-access: action-class: connected consequence: read subject: optional scope: - teams_read token: max-ttl: 3600 audit: none - path: /api/v2/team/{team_id}/permission-settings/{action} method: put operationId: UpdateTeamPermissionSetting x-agentic-access: action-class: acting consequence: write subject: required scope: - teams_read audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/teams method: get operationId: ListIncidentTeams x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/teams method: post operationId: CreateIncidentTeam x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_settings_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/teams/{team_id} method: delete operationId: DeleteIncidentTeam x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_settings_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/teams/{team_id} method: get operationId: GetIncidentTeam x-agentic-access: action-class: connected consequence: read subject: optional scope: - incident_read token: max-ttl: 3600 audit: none - path: /api/v2/teams/{team_id} method: patch operationId: UpdateIncidentTeam x-agentic-access: action-class: acting consequence: write subject: required scope: - incident_settings_write audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/usage/application_security method: get operationId: GetUsageApplicationSecurityMonitoring x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/usage/billing_dimension_mapping method: get operationId: GetBillingDimensionMapping x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/usage/cost_by_org method: get operationId: GetCostByOrg x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/usage/estimated_cost method: get operationId: GetEstimatedCostByOrg x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/usage/historical_cost method: get operationId: GetHistoricalCostByOrg x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/usage/hourly_usage method: get operationId: GetHourlyUsage x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/usage/lambda_traced_invocations method: get operationId: GetUsageLambdaTracedInvocations x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/usage/observability_pipelines method: get operationId: GetUsageObservabilityPipelines x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/usage/projected_cost method: get operationId: GetProjectedCost x-agentic-access: action-class: connected consequence: read subject: optional scope: - usage_read token: max-ttl: 3600 audit: none - path: /api/v2/user_invitations method: post operationId: SendInvitations x-agentic-access: action-class: acting consequence: physical subject: required scope: - user_access_invite audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/user_invitations/{user_invitation_uuid} method: get operationId: GetInvitation x-agentic-access: action-class: connected consequence: read subject: optional scope: - user_access_invite token: max-ttl: 3600 audit: none - path: /api/v2/users method: get operationId: ListUsers x-agentic-access: action-class: connected consequence: read subject: optional scope: - user_access_read token: max-ttl: 3600 audit: none - path: /api/v2/users method: post operationId: CreateUser x-agentic-access: action-class: acting consequence: write subject: required scope: - user_access_invite audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/users/{user_id} method: delete operationId: DisableUser x-agentic-access: action-class: acting consequence: safety-critical subject: required scope: - user_access_manage audience: null token: max-ttl: 120 exchange: true purpose-required: true proof-of-possession: true escalation: human-in-the-loop: required audit: required - path: /api/v2/users/{user_id} method: get operationId: GetUser x-agentic-access: action-class: connected consequence: read subject: optional scope: - user_access_read token: max-ttl: 3600 audit: none - path: /api/v2/users/{user_id} method: patch operationId: UpdateUser x-agentic-access: action-class: acting consequence: write subject: required scope: - user_access_manage audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/users/{user_id}/orgs method: get operationId: ListUserOrganizations x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/users/{user_id}/permissions method: get operationId: ListUserPermissions x-agentic-access: action-class: connected consequence: read subject: optional scope: - user_access_read token: max-ttl: 3600 audit: none - path: /api/v2/users/{user_uuid}/memberships method: get operationId: GetUserMemberships x-agentic-access: action-class: connected consequence: read subject: optional scope: - teams_read token: max-ttl: 3600 audit: none - path: /api/v2/workflows method: post operationId: CreateWorkflow x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/workflows/{workflow_id} method: delete operationId: DeleteWorkflow x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/workflows/{workflow_id} method: get operationId: GetWorkflow x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/workflows/{workflow_id} method: patch operationId: UpdateWorkflow x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/workflows/{workflow_id}/instances method: get operationId: ListWorkflowInstances x-agentic-access: action-class: connected consequence: read subject: optional scope: - workflows_read token: max-ttl: 3600 audit: none - path: /api/v2/workflows/{workflow_id}/instances method: post operationId: CreateWorkflowInstance x-agentic-access: action-class: acting consequence: write subject: required scope: - workflows_run audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/workflows/{workflow_id}/instances/{instance_id} method: get operationId: GetWorkflowInstance x-agentic-access: action-class: connected consequence: read subject: optional scope: - workflows_read token: max-ttl: 3600 audit: none - path: /api/v2/workflows/{workflow_id}/instances/{instance_id}/cancel method: put operationId: CancelWorkflowInstance x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/events method: post operationId: createEvent x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/events method: get operationId: listEvents x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/events/{event_id} method: get operationId: getEvent x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/events/search method: post operationId: searchEvents x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents method: post operationId: createIncident x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents method: get operationId: listIncidents x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/incidents/{incident_id} method: get operationId: getIncident x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/incidents/{incident_id} method: patch operationId: updateIncident x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/incidents/{incident_id} method: delete operationId: deleteIncident x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/teams method: post operationId: createIncidentTeam x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/teams method: get operationId: listIncidentTeams x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/teams/{team_id} method: get operationId: getIncidentTeam x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/teams/{team_id} method: patch operationId: updateIncidentTeam x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/teams/{team_id} method: delete operationId: deleteIncidentTeam x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs method: post operationId: submitLogs x-agentic-access: action-class: acting consequence: physical subject: required audience: null token: max-ttl: 300 exchange: true purpose-required: true escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/events/search method: post operationId: searchLogs x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/logs/analytics/aggregate method: post operationId: aggregateLogs x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v1/logs/config/indexes method: get operationId: listLogIndexes x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v1/logs/config/indexes/{name} method: get operationId: getLogIndex x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/series method: post operationId: submitMetrics x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/query/timeseries method: post operationId: queryMetricsTimeseries x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/query/scalar method: post operationId: queryMetricsScalar x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v1/metrics method: get operationId: listActiveMetrics x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/metrics/{metric_name}/tags method: get operationId: getMetricTagConfiguration x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v2/metrics/{metric_name}/tags method: post operationId: createMetricTagConfiguration x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/metrics/{metric_name}/tags method: patch operationId: updateMetricTagConfiguration x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v2/metrics/{metric_name}/tags method: delete operationId: deleteMetricTagConfiguration x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v1/monitor method: post operationId: createMonitor x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v1/monitor method: get operationId: listMonitors x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v1/monitor/{monitor_id} method: get operationId: getMonitor x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /api/v1/monitor/{monitor_id} method: put operationId: updateMonitor x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v1/monitor/{monitor_id} method: delete operationId: deleteMonitor x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v1/monitor/{monitor_id}/mute method: post operationId: muteMonitor x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v1/monitor/{monitor_id}/unmute method: post operationId: unmuteMonitor x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /api/v1/monitor/validate method: post operationId: validateMonitor x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required