Class: OCI::Apiaccesscontrol::Models::CreatePrivilegedApiRequestDetails
- Inherits:
-
Object
- Object
- OCI::Apiaccesscontrol::Models::CreatePrivilegedApiRequestDetails
- Defined in:
- lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb
Overview
An Oracle operator raises privilegedApi request when they need access to any infrastructure resource governed by PrivilegedApi Access Control. The privilegedApi request identifies the target resource and the set of operator actions. Access request handling depends upon the Operator Control that governs the target resource, and the set of operator actions listed for approval in the access request. If all of the operator actions listed in the privilegedApi request are in the pre-approved list in the PrivilegedApi Control that governs the target resource, then the privilegedApi request is automatically approved. If not, then the privilegedApi request requires explicit approval from the approver group specified by the PrivilegedApi Control governing the target resource.
You can approve or reject an privilegedApi request. You can also revoke the approval of an already approved privilegedApi request. While creating an access request, the operator specifies the duration of access. You have the option to approve the entire duration or reduce or even increase the time duration. An operator can also request for an extension. The approval for such an extension is processed the same way the original privilegedApi request was processed.
Constant Summary collapse
- SEVERITY_ENUM =
[ SEVERITY_SEV_1 = 'SEV_1'.freeze, SEVERITY_SEV_2 = 'SEV_2'.freeze, SEVERITY_SEV_3 = 'SEV_3'.freeze, SEVERITY_SEV_4 = 'SEV_4'.freeze ].freeze
Instance Attribute Summary collapse
-
#compartment_id ⇒ String
The OCID of the compartment.
-
#defined_tags ⇒ Hash<String, Hash<String, Object>>
Defined tags for this resource.
-
#duration_in_hrs ⇒ Integer
Duration in hours for which access is sought on the target resource.
-
#freeform_tags ⇒ Hash<String, String>
Free-form tags for this resource.
-
#notification_topic_id ⇒ String
The OCID of the OCI Notification topic to publish messages related to this Privileged Api Request.
-
#privileged_operation_list ⇒ Array<OCI::Apiaccesscontrol::Models::PrivilegedApiRequestOperationDetails>
[Required] List of api names, attributes for which approval is sought by the user.
-
#reason_detail ⇒ String
Reason in detail for which the operator is requesting access on the target resource.
-
#reason_summary ⇒ String
[Required] Summary comment by the operator creating the access request.
-
#resource_id ⇒ String
[Required] The OCID of the target resource associated with the access request.
-
#severity ⇒ String
Priority assigned to the access request by the operator.
-
#sub_resource_name_list ⇒ Array<String>
The subresource names requested for approval.
-
#ticket_numbers ⇒ Array<String>
A list of ticket numbers related to this Privileged Api Access Request, e.g.
-
#time_requested_for_future_access ⇒ DateTime
Time in future when the user for the privilegedApi request needs to be created in 3339[https://tools.ietf.org/html/rfc3339]timestamp format.
Class Method Summary collapse
-
.attribute_map ⇒ Object
Attribute mapping from ruby-style variable name to JSON key.
-
.swagger_types ⇒ Object
Attribute type mapping.
Instance Method Summary collapse
-
#==(other) ⇒ Object
Checks equality by comparing each attribute.
-
#build_from_hash(attributes) ⇒ Object
Builds the object from hash.
- #eql?(other) ⇒ Boolean
-
#hash ⇒ Fixnum
Calculates hash code according to all attributes.
-
#initialize(attributes = {}) ⇒ CreatePrivilegedApiRequestDetails
constructor
Initializes the object.
-
#to_hash ⇒ Hash
Returns the object in the form of hash.
-
#to_s ⇒ String
Returns the string representation of the object.
Constructor Details
#initialize(attributes = {}) ⇒ CreatePrivilegedApiRequestDetails
Initializes the object
152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 152 def initialize(attributes = {}) return unless attributes.is_a?(Hash) # convert string to symbol for hash key attributes = attributes.each_with_object({}) { |(k, v), h| h[k.to_sym] = v } self.reason_summary = attributes[:'reasonSummary'] if attributes[:'reasonSummary'] raise 'You cannot provide both :reasonSummary and :reason_summary' if attributes.key?(:'reasonSummary') && attributes.key?(:'reason_summary') self.reason_summary = attributes[:'reason_summary'] if attributes[:'reason_summary'] self.compartment_id = attributes[:'compartmentId'] if attributes[:'compartmentId'] raise 'You cannot provide both :compartmentId and :compartment_id' if attributes.key?(:'compartmentId') && attributes.key?(:'compartment_id') self.compartment_id = attributes[:'compartment_id'] if attributes[:'compartment_id'] self.resource_id = attributes[:'resourceId'] if attributes[:'resourceId'] raise 'You cannot provide both :resourceId and :resource_id' if attributes.key?(:'resourceId') && attributes.key?(:'resource_id') self.resource_id = attributes[:'resource_id'] if attributes[:'resource_id'] self.sub_resource_name_list = attributes[:'subResourceNameList'] if attributes[:'subResourceNameList'] raise 'You cannot provide both :subResourceNameList and :sub_resource_name_list' if attributes.key?(:'subResourceNameList') && attributes.key?(:'sub_resource_name_list') self.sub_resource_name_list = attributes[:'sub_resource_name_list'] if attributes[:'sub_resource_name_list'] self.privileged_operation_list = attributes[:'privilegedOperationList'] if attributes[:'privilegedOperationList'] raise 'You cannot provide both :privilegedOperationList and :privileged_operation_list' if attributes.key?(:'privilegedOperationList') && attributes.key?(:'privileged_operation_list') self.privileged_operation_list = attributes[:'privileged_operation_list'] if attributes[:'privileged_operation_list'] self.notification_topic_id = attributes[:'notificationTopicId'] if attributes[:'notificationTopicId'] raise 'You cannot provide both :notificationTopicId and :notification_topic_id' if attributes.key?(:'notificationTopicId') && attributes.key?(:'notification_topic_id') self.notification_topic_id = attributes[:'notification_topic_id'] if attributes[:'notification_topic_id'] self.reason_detail = attributes[:'reasonDetail'] if attributes[:'reasonDetail'] raise 'You cannot provide both :reasonDetail and :reason_detail' if attributes.key?(:'reasonDetail') && attributes.key?(:'reason_detail') self.reason_detail = attributes[:'reason_detail'] if attributes[:'reason_detail'] self.severity = attributes[:'severity'] if attributes[:'severity'] self.duration_in_hrs = attributes[:'durationInHrs'] if attributes[:'durationInHrs'] raise 'You cannot provide both :durationInHrs and :duration_in_hrs' if attributes.key?(:'durationInHrs') && attributes.key?(:'duration_in_hrs') self.duration_in_hrs = attributes[:'duration_in_hrs'] if attributes[:'duration_in_hrs'] self.ticket_numbers = attributes[:'ticketNumbers'] if attributes[:'ticketNumbers'] raise 'You cannot provide both :ticketNumbers and :ticket_numbers' if attributes.key?(:'ticketNumbers') && attributes.key?(:'ticket_numbers') self.ticket_numbers = attributes[:'ticket_numbers'] if attributes[:'ticket_numbers'] self.time_requested_for_future_access = attributes[:'timeRequestedForFutureAccess'] if attributes[:'timeRequestedForFutureAccess'] raise 'You cannot provide both :timeRequestedForFutureAccess and :time_requested_for_future_access' if attributes.key?(:'timeRequestedForFutureAccess') && attributes.key?(:'time_requested_for_future_access') self.time_requested_for_future_access = attributes[:'time_requested_for_future_access'] if attributes[:'time_requested_for_future_access'] self. = attributes[:'freeformTags'] if attributes[:'freeformTags'] raise 'You cannot provide both :freeformTags and :freeform_tags' if attributes.key?(:'freeformTags') && attributes.key?(:'freeform_tags') self. = attributes[:'freeform_tags'] if attributes[:'freeform_tags'] self. = attributes[:'definedTags'] if attributes[:'definedTags'] raise 'You cannot provide both :definedTags and :defined_tags' if attributes.key?(:'definedTags') && attributes.key?(:'defined_tags') self. = attributes[:'defined_tags'] if attributes[:'defined_tags'] end |
Instance Attribute Details
#compartment_id ⇒ String
The OCID of the compartment.
33 34 35 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 33 def compartment_id @compartment_id end |
#defined_tags ⇒ Hash<String, Hash<String, Object>>
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.
Example: {\"Operations\": {\"CostCenter\": \"42\"}}
89 90 91 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 89 def @defined_tags end |
#duration_in_hrs ⇒ Integer
Duration in hours for which access is sought on the target resource.
63 64 65 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 63 def duration_in_hrs @duration_in_hrs end |
#freeform_tags ⇒ Hash<String, String>
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.
Example: {\"Department\": \"Finance\"}
81 82 83 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 81 def @freeform_tags end |
#notification_topic_id ⇒ String
The OCID of the OCI Notification topic to publish messages related to this Privileged Api Request.
51 52 53 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 51 def notification_topic_id @notification_topic_id end |
#privileged_operation_list ⇒ Array<OCI::Apiaccesscontrol::Models::PrivilegedApiRequestOperationDetails>
[Required] List of api names, attributes for which approval is sought by the user.
47 48 49 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 47 def privileged_operation_list @privileged_operation_list end |
#reason_detail ⇒ String
Reason in detail for which the operator is requesting access on the target resource.
55 56 57 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 55 def reason_detail @reason_detail end |
#reason_summary ⇒ String
[Required] Summary comment by the operator creating the access request.
29 30 31 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 29 def reason_summary @reason_summary end |
#resource_id ⇒ String
[Required] The OCID of the target resource associated with the access request. The operator raises an access request to get approval to access the target resource.
38 39 40 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 38 def resource_id @resource_id end |
#severity ⇒ String
Priority assigned to the access request by the operator
59 60 61 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 59 def severity @severity end |
#sub_resource_name_list ⇒ Array<String>
The subresource names requested for approval.
42 43 44 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 42 def sub_resource_name_list @sub_resource_name_list end |
#ticket_numbers ⇒ Array<String>
A list of ticket numbers related to this Privileged Api Access Request, e.g. Service Request (SR) number and JIRA ticket number.
68 69 70 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 68 def ticket_numbers @ticket_numbers end |
#time_requested_for_future_access ⇒ DateTime
Time in future when the user for the privilegedApi request needs to be created in 3339[https://tools.ietf.org/html/rfc3339]timestamp format. Example: '2020-05-22T21:10:29.600Z'
73 74 75 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 73 def time_requested_for_future_access @time_requested_for_future_access end |
Class Method Details
.attribute_map ⇒ Object
Attribute mapping from ruby-style variable name to JSON key.
92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 92 def self.attribute_map { # rubocop:disable Style/SymbolLiteral 'reason_summary': :'reasonSummary', 'compartment_id': :'compartmentId', 'resource_id': :'resourceId', 'sub_resource_name_list': :'subResourceNameList', 'privileged_operation_list': :'privilegedOperationList', 'notification_topic_id': :'notificationTopicId', 'reason_detail': :'reasonDetail', 'severity': :'severity', 'duration_in_hrs': :'durationInHrs', 'ticket_numbers': :'ticketNumbers', 'time_requested_for_future_access': :'timeRequestedForFutureAccess', 'freeform_tags': :'freeformTags', 'defined_tags': :'definedTags' # rubocop:enable Style/SymbolLiteral } end |
.swagger_types ⇒ Object
Attribute type mapping.
113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 113 def self.swagger_types { # rubocop:disable Style/SymbolLiteral 'reason_summary': :'String', 'compartment_id': :'String', 'resource_id': :'String', 'sub_resource_name_list': :'Array<String>', 'privileged_operation_list': :'Array<OCI::Apiaccesscontrol::Models::PrivilegedApiRequestOperationDetails>', 'notification_topic_id': :'String', 'reason_detail': :'String', 'severity': :'String', 'duration_in_hrs': :'Integer', 'ticket_numbers': :'Array<String>', 'time_requested_for_future_access': :'DateTime', 'freeform_tags': :'Hash<String, String>', 'defined_tags': :'Hash<String, Hash<String, Object>>' # rubocop:enable Style/SymbolLiteral } end |
Instance Method Details
#==(other) ⇒ Object
Checks equality by comparing each attribute.
248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 248 def ==(other) return true if equal?(other) self.class == other.class && reason_summary == other.reason_summary && compartment_id == other.compartment_id && resource_id == other.resource_id && sub_resource_name_list == other.sub_resource_name_list && privileged_operation_list == other.privileged_operation_list && notification_topic_id == other.notification_topic_id && reason_detail == other.reason_detail && severity == other.severity && duration_in_hrs == other.duration_in_hrs && ticket_numbers == other.ticket_numbers && time_requested_for_future_access == other.time_requested_for_future_access && == other. && == other. end |
#build_from_hash(attributes) ⇒ Object
Builds the object from hash
290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 290 def build_from_hash(attributes) return nil unless attributes.is_a?(Hash) self.class.swagger_types.each_pair do |key, type| if type =~ /^Array<(.*)>/i # check to ensure the input is an array given that the the attribute # is documented as an array but the input is not if attributes[self.class.attribute_map[key]].is_a?(Array) public_method("#{key}=").call( attributes[self.class.attribute_map[key]] .map { |v| OCI::Internal::Util.convert_to_type(Regexp.last_match(1), v) } ) end elsif !attributes[self.class.attribute_map[key]].nil? public_method("#{key}=").call( OCI::Internal::Util.convert_to_type(type, attributes[self.class.attribute_map[key]]) ) end # or else data not found in attributes(hash), not an issue as the data can be optional end self end |
#eql?(other) ⇒ Boolean
270 271 272 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 270 def eql?(other) self == other end |
#hash ⇒ Fixnum
Calculates hash code according to all attributes.
279 280 281 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 279 def hash [reason_summary, compartment_id, resource_id, sub_resource_name_list, privileged_operation_list, notification_topic_id, reason_detail, severity, duration_in_hrs, ticket_numbers, time_requested_for_future_access, , ].hash end |
#to_hash ⇒ Hash
Returns the object in the form of hash
323 324 325 326 327 328 329 330 331 332 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 323 def to_hash hash = {} self.class.attribute_map.each_pair do |attr, param| value = public_method(attr).call next if value.nil? && !instance_variable_defined?("@#{attr}") hash[param] = _to_hash(value) end hash end |
#to_s ⇒ String
Returns the string representation of the object
317 318 319 |
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 317 def to_s to_hash.to_s end |