PrivilegedApiRequest¶

class oci.apiaccesscontrol.models.PrivilegedApiRequest(**kwargs)¶

Bases: object

An Oracle operator raises privilegedApi request when they need access to any infrastructure resource governed by PrivilegedApi Access Control. The privilegedApi request identifies the target resource and the set of operator actions. Access request handling depends upon the Operator Control that governs the target resource, and the set of operator actions listed for approval in the access request. If all of the operator actions listed in the privilegedApi request are in the pre-approved list in the PrivilegedApi Control that governs the target resource, then the privilegedApi request is automatically approved. If not, then the privilegedApi request requires explicit approval from the approver group specified by the PrivilegedApi Control governing the target resource.

You can approve or reject an privilegedApi request. You can also revoke the approval of an already approved privilegedApi request. While creating an access request, the operator specifies the duration of access. You have the option to approve the entire duration or reduce or even increase the time duration. An operator can also request for an extension. The approval for such an extension is processed the same way the original privilegedApi request was processed.

Attributes

`LIFECYCLE_STATE_ACCEPTED`	A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest.
`LIFECYCLE_STATE_CANCELED`	A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest.
`LIFECYCLE_STATE_CANCELING`	A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest.
`LIFECYCLE_STATE_FAILED`	A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest.
`LIFECYCLE_STATE_IN_PROGRESS`	A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest.
`LIFECYCLE_STATE_NEEDS_ATTENTION`	A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest.
`LIFECYCLE_STATE_SUCCEEDED`	A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest.
`LIFECYCLE_STATE_WAITING`	A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest.
`SEVERITY_SEV_1`	A constant which can be used with the severity property of a PrivilegedApiRequest.
`SEVERITY_SEV_2`	A constant which can be used with the severity property of a PrivilegedApiRequest.
`SEVERITY_SEV_3`	A constant which can be used with the severity property of a PrivilegedApiRequest.
`SEVERITY_SEV_4`	A constant which can be used with the severity property of a PrivilegedApiRequest.
`STATE_APPROVAL_WAITING`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_APPROVED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_APPROVED_FOR_FUTURE`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_CLOSED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_CLOSE_FAILED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_CLOSING`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_CREATED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_DEPLOYED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_DEPLOY_FAILED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_EXPIRED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_EXPIRY_FAILED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_REJECTED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_REVOKED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_REVOKE_FAILED`	A constant which can be used with the state property of a PrivilegedApiRequest.
`STATE_REVOKING`	A constant which can be used with the state property of a PrivilegedApiRequest.
`approver_details`	Gets the approver_details of this PrivilegedApiRequest.
`closure_comment`	Gets the closure_comment of this PrivilegedApiRequest.
`compartment_id`	Gets the compartment_id of this PrivilegedApiRequest.
`defined_tags`	Gets the defined_tags of this PrivilegedApiRequest.
`display_name`	Gets the display_name of this PrivilegedApiRequest.
`duration_in_hrs`	Gets the duration_in_hrs of this PrivilegedApiRequest.
`entity_type`	Gets the entity_type of this PrivilegedApiRequest.
`freeform_tags`	Gets the freeform_tags of this PrivilegedApiRequest.
`id`	[Required] Gets the id of this PrivilegedApiRequest.
`lifecycle_details`	Gets the lifecycle_details of this PrivilegedApiRequest.
`lifecycle_state`	Gets the lifecycle_state of this PrivilegedApiRequest.
`notification_topic_id`	Gets the notification_topic_id of this PrivilegedApiRequest.
`number_of_approvers_required`	Gets the number_of_approvers_required of this PrivilegedApiRequest.
`privileged_api_control_id`	Gets the privileged_api_control_id of this PrivilegedApiRequest.
`privileged_api_control_name`	Gets the privileged_api_control_name of this PrivilegedApiRequest.
`privileged_operation_list`	Gets the privileged_operation_list of this PrivilegedApiRequest.
`reason_detail`	Gets the reason_detail of this PrivilegedApiRequest.
`reason_summary`	[Required] Gets the reason_summary of this PrivilegedApiRequest.
`request_id`	Gets the request_id of this PrivilegedApiRequest.
`requested_by`	Gets the requested_by of this PrivilegedApiRequest.
`resource_id`	[Required] Gets the resource_id of this PrivilegedApiRequest.
`resource_name`	Gets the resource_name of this PrivilegedApiRequest.
`resource_type`	Gets the resource_type of this PrivilegedApiRequest.
`severity`	Gets the severity of this PrivilegedApiRequest.
`state`	[Required] Gets the state of this PrivilegedApiRequest.
`state_details`	Gets the state_details of this PrivilegedApiRequest.
`sub_resource_name_list`	Gets the sub_resource_name_list of this PrivilegedApiRequest.
`system_tags`	Gets the system_tags of this PrivilegedApiRequest.
`ticket_numbers`	Gets the ticket_numbers of this PrivilegedApiRequest.
`time_created`	Gets the time_created of this PrivilegedApiRequest.
`time_requested_for_future_access`	Gets the time_requested_for_future_access of this PrivilegedApiRequest.
`time_updated`	Gets the time_updated of this PrivilegedApiRequest.

Methods

__init__(**kwargs) Initializes a new PrivilegedApiRequest object with values from keyword arguments.

LIFECYCLE_STATE_ACCEPTED = 'ACCEPTED'¶: A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest. This constant has a value of “ACCEPTED”

LIFECYCLE_STATE_CANCELED = 'CANCELED'¶: A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest. This constant has a value of “CANCELED”

LIFECYCLE_STATE_CANCELING = 'CANCELING'¶: A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest. This constant has a value of “CANCELING”

LIFECYCLE_STATE_FAILED = 'FAILED'¶: A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest. This constant has a value of “FAILED”

LIFECYCLE_STATE_IN_PROGRESS = 'IN_PROGRESS'¶: A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest. This constant has a value of “IN_PROGRESS”

LIFECYCLE_STATE_NEEDS_ATTENTION = 'NEEDS_ATTENTION'¶: A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest. This constant has a value of “NEEDS_ATTENTION”

LIFECYCLE_STATE_SUCCEEDED = 'SUCCEEDED'¶: A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest. This constant has a value of “SUCCEEDED”

LIFECYCLE_STATE_WAITING = 'WAITING'¶: A constant which can be used with the lifecycle_state property of a PrivilegedApiRequest. This constant has a value of “WAITING”

SEVERITY_SEV_1 = 'SEV_1'¶: A constant which can be used with the severity property of a PrivilegedApiRequest. This constant has a value of “SEV_1”

SEVERITY_SEV_2 = 'SEV_2'¶: A constant which can be used with the severity property of a PrivilegedApiRequest. This constant has a value of “SEV_2”

SEVERITY_SEV_3 = 'SEV_3'¶: A constant which can be used with the severity property of a PrivilegedApiRequest. This constant has a value of “SEV_3”

SEVERITY_SEV_4 = 'SEV_4'¶: A constant which can be used with the severity property of a PrivilegedApiRequest. This constant has a value of “SEV_4”

STATE_APPROVAL_WAITING = 'APPROVAL_WAITING'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “APPROVAL_WAITING”

STATE_APPROVED = 'APPROVED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “APPROVED”

STATE_APPROVED_FOR_FUTURE = 'APPROVED_FOR_FUTURE'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “APPROVED_FOR_FUTURE”

STATE_CLOSED = 'CLOSED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “CLOSED”

STATE_CLOSE_FAILED = 'CLOSE_FAILED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “CLOSE_FAILED”

STATE_CLOSING = 'CLOSING'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “CLOSING”

STATE_CREATED = 'CREATED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “CREATED”

STATE_DEPLOYED = 'DEPLOYED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “DEPLOYED”

STATE_DEPLOY_FAILED = 'DEPLOY_FAILED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “DEPLOY_FAILED”

STATE_EXPIRED = 'EXPIRED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “EXPIRED”

STATE_EXPIRY_FAILED = 'EXPIRY_FAILED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “EXPIRY_FAILED”

STATE_REJECTED = 'REJECTED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “REJECTED”

STATE_REVOKED = 'REVOKED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “REVOKED”

STATE_REVOKE_FAILED = 'REVOKE_FAILED'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “REVOKE_FAILED”

STATE_REVOKING = 'REVOKING'¶: A constant which can be used with the state property of a PrivilegedApiRequest. This constant has a value of “REVOKING”

__init__(**kwargs)¶

Initializes a new PrivilegedApiRequest object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:

id (str) – The value to assign to the id property of this PrivilegedApiRequest.
display_name (str) – The value to assign to the display_name property of this PrivilegedApiRequest.
request_id (str) – The value to assign to the request_id property of this PrivilegedApiRequest.
reason_summary (str) – The value to assign to the reason_summary property of this PrivilegedApiRequest.
notification_topic_id (str) – The value to assign to the notification_topic_id property of this PrivilegedApiRequest.
requested_by (list[str]) – The value to assign to the requested_by property of this PrivilegedApiRequest.
resource_name (str) – The value to assign to the resource_name property of this PrivilegedApiRequest.
resource_id (str) – The value to assign to the resource_id property of this PrivilegedApiRequest.
sub_resource_name_list (list[str]) – The value to assign to the sub_resource_name_list property of this PrivilegedApiRequest.
compartment_id (str) – The value to assign to the compartment_id property of this PrivilegedApiRequest.
resource_type (str) – The value to assign to the resource_type property of this PrivilegedApiRequest.
entity_type (str) – The value to assign to the entity_type property of this PrivilegedApiRequest.
privileged_operation_list (list[oci.apiaccesscontrol.models.PrivilegedApiRequestOperationDetails]) – The value to assign to the privileged_operation_list property of this PrivilegedApiRequest.
reason_detail (str) – The value to assign to the reason_detail property of this PrivilegedApiRequest.
severity (str) – The value to assign to the severity property of this PrivilegedApiRequest. Allowed values for this property are: “SEV_1”, “SEV_2”, “SEV_3”, “SEV_4”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
duration_in_hrs (int) – The value to assign to the duration_in_hrs property of this PrivilegedApiRequest.
ticket_numbers (list[str]) – The value to assign to the ticket_numbers property of this PrivilegedApiRequest.
state (str) – The value to assign to the state property of this PrivilegedApiRequest. Allowed values for this property are: “CREATED”, “APPROVAL_WAITING”, “APPROVED”, “APPROVED_FOR_FUTURE”, “REJECTED”, “DEPLOYED”, “DEPLOY_FAILED”, “CLOSE_FAILED”, “REVOKE_FAILED”, “EXPIRY_FAILED”, “REVOKING”, “REVOKED”, “CLOSING”, “CLOSED”, “EXPIRED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
state_details (str) – The value to assign to the state_details property of this PrivilegedApiRequest.
lifecycle_state (str) – The value to assign to the lifecycle_state property of this PrivilegedApiRequest. Allowed values for this property are: “ACCEPTED”, “IN_PROGRESS”, “WAITING”, “FAILED”, “SUCCEEDED”, “CANCELING”, “CANCELED”, “NEEDS_ATTENTION”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
lifecycle_details (str) – The value to assign to the lifecycle_details property of this PrivilegedApiRequest.
time_created (datetime) – The value to assign to the time_created property of this PrivilegedApiRequest.
time_updated (datetime) – The value to assign to the time_updated property of this PrivilegedApiRequest.
closure_comment (str) – The value to assign to the closure_comment property of this PrivilegedApiRequest.
privileged_api_control_id (str) – The value to assign to the privileged_api_control_id property of this PrivilegedApiRequest.
privileged_api_control_name (str) – The value to assign to the privileged_api_control_name property of this PrivilegedApiRequest.
number_of_approvers_required (int) – The value to assign to the number_of_approvers_required property of this PrivilegedApiRequest.
approver_details (list[oci.apiaccesscontrol.models.ApproverDetail]) – The value to assign to the approver_details property of this PrivilegedApiRequest.
time_requested_for_future_access (datetime) – The value to assign to the time_requested_for_future_access property of this PrivilegedApiRequest.
freeform_tags (dict(str, str)) – The value to assign to the freeform_tags property of this PrivilegedApiRequest.
defined_tags (dict(str, dict(str, object))) – The value to assign to the defined_tags property of this PrivilegedApiRequest.
system_tags (dict(str, dict(str, object))) – The value to assign to the system_tags property of this PrivilegedApiRequest.

approver_details¶

Gets the approver_details of this PrivilegedApiRequest. Contains the approver details who have approved the privilegedApi Request during the initial request.

Returns:	The approver_details of this PrivilegedApiRequest.
Return type:	list[oci.apiaccesscontrol.models.ApproverDetail]

closure_comment¶

Gets the closure_comment of this PrivilegedApiRequest. The comment entered by the operator while closing the request.

Returns:	The closure_comment of this PrivilegedApiRequest.
Return type:	str

compartment_id¶

Gets the compartment_id of this PrivilegedApiRequest. The OCID of the compartment that contains the access request.

Returns:	The compartment_id of this PrivilegedApiRequest.
Return type:	str

defined_tags¶

Gets the defined_tags of this PrivilegedApiRequest. Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see `Resource Tags`__.

Example: {“Operations”: {“CostCenter”: “42”}}

Returns:	The defined_tags of this PrivilegedApiRequest.
Return type:	dict(str, dict(str, object))

display_name¶

Gets the display_name of this PrivilegedApiRequest. Name of the privilegedApi control. The name must be unique.

Returns:	The display_name of this PrivilegedApiRequest.
Return type:	str

duration_in_hrs¶

Gets the duration_in_hrs of this PrivilegedApiRequest. Duration in hours for which access is sought on the target resource.

Returns:	The duration_in_hrs of this PrivilegedApiRequest.
Return type:	int

entity_type¶

Gets the entity_type of this PrivilegedApiRequest. entityType of resource for which the AccessRequest is applicable

Returns:	The entity_type of this PrivilegedApiRequest.
Return type:	str

freeform_tags¶

Gets the freeform_tags of this PrivilegedApiRequest. Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see `Resource Tags`__.

Example: {“Department”: “Finance”}

Returns:	The freeform_tags of this PrivilegedApiRequest.
Return type:	dict(str, str)

id¶

[Required] Gets the id of this PrivilegedApiRequest. The OCID of the privilegedApi request.

Returns:	The id of this PrivilegedApiRequest.
Return type:	str

lifecycle_details¶

Gets the lifecycle_details of this PrivilegedApiRequest. more in detail about the lifeCycleState.

Returns:	The lifecycle_details of this PrivilegedApiRequest.
Return type:	str

lifecycle_state¶

Gets the lifecycle_state of this PrivilegedApiRequest. The current state of the PrivilegedApiRequest.

Allowed values for this property are: “ACCEPTED”, “IN_PROGRESS”, “WAITING”, “FAILED”, “SUCCEEDED”, “CANCELING”, “CANCELED”, “NEEDS_ATTENTION”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The lifecycle_state of this PrivilegedApiRequest.
Return type:	str

notification_topic_id¶

Gets the notification_topic_id of this PrivilegedApiRequest. The OCID of the OCI Notification topic to publish messages related to this privileged api request.

Returns:	The notification_topic_id of this PrivilegedApiRequest.
Return type:	str

number_of_approvers_required¶

Gets the number_of_approvers_required of this PrivilegedApiRequest. Number of approvers required to approve an privilegedApi request.

Returns:	The number_of_approvers_required of this PrivilegedApiRequest.
Return type:	int

privileged_api_control_id¶

Gets the privileged_api_control_id of this PrivilegedApiRequest. The OCID of the privilegedApi control governing the target resource.

Returns:	The privileged_api_control_id of this PrivilegedApiRequest.
Return type:	str

privileged_api_control_name¶

Gets the privileged_api_control_name of this PrivilegedApiRequest. Name of the privilegedApi control governing the target resource.

Returns:	The privileged_api_control_name of this PrivilegedApiRequest.
Return type:	str

privileged_operation_list¶

Gets the privileged_operation_list of this PrivilegedApiRequest. List of api names, attributes for which approval is sought by the user.

Returns:	The privileged_operation_list of this PrivilegedApiRequest.
Return type:	list[oci.apiaccesscontrol.models.PrivilegedApiRequestOperationDetails]

reason_detail¶

Gets the reason_detail of this PrivilegedApiRequest. Reason in Detail for which the operator is requesting access on the target resource.

Returns:	The reason_detail of this PrivilegedApiRequest.
Return type:	str

reason_summary¶

[Required] Gets the reason_summary of this PrivilegedApiRequest. Summary comment by the operator creating the access request.

Returns:	The reason_summary of this PrivilegedApiRequest.
Return type:	str

request_id¶

Gets the request_id of this PrivilegedApiRequest. This is an automatic identifier generated by the system which is easier for human comprehension.

Returns:	The request_id of this PrivilegedApiRequest.
Return type:	str

requested_by¶

Gets the requested_by of this PrivilegedApiRequest. List of Users who has created this privilegedApiRequest.

Returns:	The requested_by of this PrivilegedApiRequest.
Return type:	list[str]

resource_id¶

[Required] Gets the resource_id of this PrivilegedApiRequest. The OCID of the target resource associated with the access request. The operator raises an access request to get approval to access the target resource.

Returns:	The resource_id of this PrivilegedApiRequest.
Return type:	str

resource_name¶

Gets the resource_name of this PrivilegedApiRequest. resourceName for which the PrivilegedApiRequest is applicable

Returns:	The resource_name of this PrivilegedApiRequest.
Return type:	str

resource_type¶

Gets the resource_type of this PrivilegedApiRequest. resourceType for which the AccessRequest is applicable

Returns:	The resource_type of this PrivilegedApiRequest.
Return type:	str

severity¶

Gets the severity of this PrivilegedApiRequest. Priority assigned to the access request by the operator

Allowed values for this property are: “SEV_1”, “SEV_2”, “SEV_3”, “SEV_4”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The severity of this PrivilegedApiRequest.
Return type:	str

state¶

[Required] Gets the state of this PrivilegedApiRequest. The current state of the Access Request.

Allowed values for this property are: “CREATED”, “APPROVAL_WAITING”, “APPROVED”, “APPROVED_FOR_FUTURE”, “REJECTED”, “DEPLOYED”, “DEPLOY_FAILED”, “CLOSE_FAILED”, “REVOKE_FAILED”, “EXPIRY_FAILED”, “REVOKING”, “REVOKED”, “CLOSING”, “CLOSED”, “EXPIRED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The state of this PrivilegedApiRequest.
Return type:	str

state_details¶

Gets the state_details of this PrivilegedApiRequest. A message that describes the current state of the PrivilegedApiControl in more detail. For example, can be used to provide actionable information for a resource in the Failed state.

Returns:	The state_details of this PrivilegedApiRequest.
Return type:	str

sub_resource_name_list¶

Gets the sub_resource_name_list of this PrivilegedApiRequest. The subresource names requested for approval.

Returns:	The sub_resource_name_list of this PrivilegedApiRequest.
Return type:	list[str]

system_tags¶

Gets the system_tags of this PrivilegedApiRequest. System tags for this resource. Each key is predefined and scoped to a namespace.

Example: {“orcl-cloud”: {“free-tier-retained”: “true”}}

Returns:	The system_tags of this PrivilegedApiRequest.
Return type:	dict(str, dict(str, object))

ticket_numbers¶

Gets the ticket_numbers of this PrivilegedApiRequest. A list of ticket numbers related to this Privileged Api Access Request, e.g. Service Request (SR) number and JIRA ticket number.

Returns:	The ticket_numbers of this PrivilegedApiRequest.
Return type:	list[str]

time_created¶

Gets the time_created of this PrivilegedApiRequest. Time when the privilegedApi request was created in `RFC 3339`__timestamp format. Example: ‘2020-05-22T21:10:29.600Z’

Returns:	The time_created of this PrivilegedApiRequest.
Return type:	datetime

time_requested_for_future_access¶

Gets the time_requested_for_future_access of this PrivilegedApiRequest. Time in future when the user for the privilegedApi request needs to be created in `RFC 3339`__timestamp format. Example: ‘2020-05-22T21:10:29.600Z’

Returns:	The time_requested_for_future_access of this PrivilegedApiRequest.
Return type:	datetime

time_updated¶

Gets the time_updated of this PrivilegedApiRequest. Time when the privilegedApi request was last modified in `RFC 3339`__timestamp format. Example: ‘2020-05-22T21:10:29.600Z’

Returns:	The time_updated of this PrivilegedApiRequest.
Return type:	datetime