Class: OCI::Apiaccesscontrol::Models::CreatePrivilegedApiRequestDetails

Inherits:
Object
  • Object
show all
Defined in:
lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb

Overview

An Oracle operator raises privilegedApi request when they need access to any infrastructure resource governed by PrivilegedApi Access Control. The privilegedApi request identifies the target resource and the set of operator actions. Access request handling depends upon the Operator Control that governs the target resource, and the set of operator actions listed for approval in the access request. If all of the operator actions listed in the privilegedApi request are in the pre-approved list in the PrivilegedApi Control that governs the target resource, then the privilegedApi request is automatically approved. If not, then the privilegedApi request requires explicit approval from the approver group specified by the PrivilegedApi Control governing the target resource.

You can approve or reject an privilegedApi request. You can also revoke the approval of an already approved privilegedApi request. While creating an access request, the operator specifies the duration of access. You have the option to approve the entire duration or reduce or even increase the time duration. An operator can also request for an extension. The approval for such an extension is processed the same way the original privilegedApi request was processed.

Constant Summary collapse

SEVERITY_ENUM =
[
  SEVERITY_SEV_1 = 'SEV_1'.freeze,
  SEVERITY_SEV_2 = 'SEV_2'.freeze,
  SEVERITY_SEV_3 = 'SEV_3'.freeze,
  SEVERITY_SEV_4 = 'SEV_4'.freeze
].freeze

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(attributes = {}) ⇒ CreatePrivilegedApiRequestDetails

Initializes the object

Parameters:

  • attributes (Hash) (defaults to: {})

    Model attributes in the form of hash

Options Hash (attributes):



152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 152

def initialize(attributes = {})
  return unless attributes.is_a?(Hash)

  # convert string to symbol for hash key
  attributes = attributes.each_with_object({}) { |(k, v), h| h[k.to_sym] = v }

  self.reason_summary = attributes[:'reasonSummary'] if attributes[:'reasonSummary']

  raise 'You cannot provide both :reasonSummary and :reason_summary' if attributes.key?(:'reasonSummary') && attributes.key?(:'reason_summary')

  self.reason_summary = attributes[:'reason_summary'] if attributes[:'reason_summary']

  self.compartment_id = attributes[:'compartmentId'] if attributes[:'compartmentId']

  raise 'You cannot provide both :compartmentId and :compartment_id' if attributes.key?(:'compartmentId') && attributes.key?(:'compartment_id')

  self.compartment_id = attributes[:'compartment_id'] if attributes[:'compartment_id']

  self.resource_id = attributes[:'resourceId'] if attributes[:'resourceId']

  raise 'You cannot provide both :resourceId and :resource_id' if attributes.key?(:'resourceId') && attributes.key?(:'resource_id')

  self.resource_id = attributes[:'resource_id'] if attributes[:'resource_id']

  self.sub_resource_name_list = attributes[:'subResourceNameList'] if attributes[:'subResourceNameList']

  raise 'You cannot provide both :subResourceNameList and :sub_resource_name_list' if attributes.key?(:'subResourceNameList') && attributes.key?(:'sub_resource_name_list')

  self.sub_resource_name_list = attributes[:'sub_resource_name_list'] if attributes[:'sub_resource_name_list']

  self.privileged_operation_list = attributes[:'privilegedOperationList'] if attributes[:'privilegedOperationList']

  raise 'You cannot provide both :privilegedOperationList and :privileged_operation_list' if attributes.key?(:'privilegedOperationList') && attributes.key?(:'privileged_operation_list')

  self.privileged_operation_list = attributes[:'privileged_operation_list'] if attributes[:'privileged_operation_list']

  self.notification_topic_id = attributes[:'notificationTopicId'] if attributes[:'notificationTopicId']

  raise 'You cannot provide both :notificationTopicId and :notification_topic_id' if attributes.key?(:'notificationTopicId') && attributes.key?(:'notification_topic_id')

  self.notification_topic_id = attributes[:'notification_topic_id'] if attributes[:'notification_topic_id']

  self.reason_detail = attributes[:'reasonDetail'] if attributes[:'reasonDetail']

  raise 'You cannot provide both :reasonDetail and :reason_detail' if attributes.key?(:'reasonDetail') && attributes.key?(:'reason_detail')

  self.reason_detail = attributes[:'reason_detail'] if attributes[:'reason_detail']

  self.severity = attributes[:'severity'] if attributes[:'severity']

  self.duration_in_hrs = attributes[:'durationInHrs'] if attributes[:'durationInHrs']

  raise 'You cannot provide both :durationInHrs and :duration_in_hrs' if attributes.key?(:'durationInHrs') && attributes.key?(:'duration_in_hrs')

  self.duration_in_hrs = attributes[:'duration_in_hrs'] if attributes[:'duration_in_hrs']

  self.ticket_numbers = attributes[:'ticketNumbers'] if attributes[:'ticketNumbers']

  raise 'You cannot provide both :ticketNumbers and :ticket_numbers' if attributes.key?(:'ticketNumbers') && attributes.key?(:'ticket_numbers')

  self.ticket_numbers = attributes[:'ticket_numbers'] if attributes[:'ticket_numbers']

  self.time_requested_for_future_access = attributes[:'timeRequestedForFutureAccess'] if attributes[:'timeRequestedForFutureAccess']

  raise 'You cannot provide both :timeRequestedForFutureAccess and :time_requested_for_future_access' if attributes.key?(:'timeRequestedForFutureAccess') && attributes.key?(:'time_requested_for_future_access')

  self.time_requested_for_future_access = attributes[:'time_requested_for_future_access'] if attributes[:'time_requested_for_future_access']

  self.freeform_tags = attributes[:'freeformTags'] if attributes[:'freeformTags']

  raise 'You cannot provide both :freeformTags and :freeform_tags' if attributes.key?(:'freeformTags') && attributes.key?(:'freeform_tags')

  self.freeform_tags = attributes[:'freeform_tags'] if attributes[:'freeform_tags']

  self.defined_tags = attributes[:'definedTags'] if attributes[:'definedTags']

  raise 'You cannot provide both :definedTags and :defined_tags' if attributes.key?(:'definedTags') && attributes.key?(:'defined_tags')

  self.defined_tags = attributes[:'defined_tags'] if attributes[:'defined_tags']
end

Instance Attribute Details

#compartment_idString

The OCID of the compartment.

Returns:

  • (String)


33
34
35
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 33

def compartment_id
  @compartment_id
end

#defined_tagsHash<String, Hash<String, Object>>

Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {\"Operations\": {\"CostCenter\": \"42\"}}

Returns:

  • (Hash<String, Hash<String, Object>>)


89
90
91
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 89

def defined_tags
  @defined_tags
end

#duration_in_hrsInteger

Duration in hours for which access is sought on the target resource.

Returns:

  • (Integer)


63
64
65
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 63

def duration_in_hrs
  @duration_in_hrs
end

#freeform_tagsHash<String, String>

Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {\"Department\": \"Finance\"}

Returns:

  • (Hash<String, String>)


81
82
83
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 81

def freeform_tags
  @freeform_tags
end

#notification_topic_idString

The OCID of the OCI Notification topic to publish messages related to this Privileged Api Request.

Returns:

  • (String)


51
52
53
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 51

def notification_topic_id
  @notification_topic_id
end

#privileged_operation_listArray<OCI::Apiaccesscontrol::Models::PrivilegedApiRequestOperationDetails>

[Required] List of api names, attributes for which approval is sought by the user.



47
48
49
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 47

def privileged_operation_list
  @privileged_operation_list
end

#reason_detailString

Reason in detail for which the operator is requesting access on the target resource.

Returns:

  • (String)


55
56
57
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 55

def reason_detail
  @reason_detail
end

#reason_summaryString

[Required] Summary comment by the operator creating the access request.

Returns:

  • (String)


29
30
31
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 29

def reason_summary
  @reason_summary
end

#resource_idString

[Required] The OCID of the target resource associated with the access request. The operator raises an access request to get approval to access the target resource.

Returns:

  • (String)


38
39
40
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 38

def resource_id
  @resource_id
end

#severityString

Priority assigned to the access request by the operator

Returns:

  • (String)


59
60
61
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 59

def severity
  @severity
end

#sub_resource_name_listArray<String>

The subresource names requested for approval.

Returns:

  • (Array<String>)


42
43
44
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 42

def sub_resource_name_list
  @sub_resource_name_list
end

#ticket_numbersArray<String>

A list of ticket numbers related to this Privileged Api Access Request, e.g. Service Request (SR) number and JIRA ticket number.

Returns:

  • (Array<String>)


68
69
70
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 68

def ticket_numbers
  @ticket_numbers
end

#time_requested_for_future_accessDateTime

Time in future when the user for the privilegedApi request needs to be created in 3339[https://tools.ietf.org/html/rfc3339]timestamp format. Example: '2020-05-22T21:10:29.600Z'

Returns:

  • (DateTime)


73
74
75
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 73

def time_requested_for_future_access
  @time_requested_for_future_access
end

Class Method Details

.attribute_mapObject

Attribute mapping from ruby-style variable name to JSON key.



92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 92

def self.attribute_map
  {
    # rubocop:disable Style/SymbolLiteral
    'reason_summary': :'reasonSummary',
    'compartment_id': :'compartmentId',
    'resource_id': :'resourceId',
    'sub_resource_name_list': :'subResourceNameList',
    'privileged_operation_list': :'privilegedOperationList',
    'notification_topic_id': :'notificationTopicId',
    'reason_detail': :'reasonDetail',
    'severity': :'severity',
    'duration_in_hrs': :'durationInHrs',
    'ticket_numbers': :'ticketNumbers',
    'time_requested_for_future_access': :'timeRequestedForFutureAccess',
    'freeform_tags': :'freeformTags',
    'defined_tags': :'definedTags'
    # rubocop:enable Style/SymbolLiteral
  }
end

.swagger_typesObject

Attribute type mapping.



113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 113

def self.swagger_types
  {
    # rubocop:disable Style/SymbolLiteral
    'reason_summary': :'String',
    'compartment_id': :'String',
    'resource_id': :'String',
    'sub_resource_name_list': :'Array<String>',
    'privileged_operation_list': :'Array<OCI::Apiaccesscontrol::Models::PrivilegedApiRequestOperationDetails>',
    'notification_topic_id': :'String',
    'reason_detail': :'String',
    'severity': :'String',
    'duration_in_hrs': :'Integer',
    'ticket_numbers': :'Array<String>',
    'time_requested_for_future_access': :'DateTime',
    'freeform_tags': :'Hash<String, String>',
    'defined_tags': :'Hash<String, Hash<String, Object>>'
    # rubocop:enable Style/SymbolLiteral
  }
end

Instance Method Details

#==(other) ⇒ Object

Checks equality by comparing each attribute.

Parameters:

  • other (Object)

    the other object to be compared



248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 248

def ==(other)
  return true if equal?(other)

  self.class == other.class &&
    reason_summary == other.reason_summary &&
    compartment_id == other.compartment_id &&
    resource_id == other.resource_id &&
    sub_resource_name_list == other.sub_resource_name_list &&
    privileged_operation_list == other.privileged_operation_list &&
    notification_topic_id == other.notification_topic_id &&
    reason_detail == other.reason_detail &&
    severity == other.severity &&
    duration_in_hrs == other.duration_in_hrs &&
    ticket_numbers == other.ticket_numbers &&
    time_requested_for_future_access == other.time_requested_for_future_access &&
    freeform_tags == other.freeform_tags &&
    defined_tags == other.defined_tags
end

#build_from_hash(attributes) ⇒ Object

Builds the object from hash

Parameters:

  • attributes (Hash)

    Model attributes in the form of hash

Returns:

  • (Object)

    Returns the model itself



290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 290

def build_from_hash(attributes)
  return nil unless attributes.is_a?(Hash)

  self.class.swagger_types.each_pair do |key, type|
    if type =~ /^Array<(.*)>/i
      # check to ensure the input is an array given that the the attribute
      # is documented as an array but the input is not
      if attributes[self.class.attribute_map[key]].is_a?(Array)
        public_method("#{key}=").call(
          attributes[self.class.attribute_map[key]]
            .map { |v| OCI::Internal::Util.convert_to_type(Regexp.last_match(1), v) }
        )
      end
    elsif !attributes[self.class.attribute_map[key]].nil?
      public_method("#{key}=").call(
        OCI::Internal::Util.convert_to_type(type, attributes[self.class.attribute_map[key]])
      )
    end
    # or else data not found in attributes(hash), not an issue as the data can be optional
  end

  self
end

#eql?(other) ⇒ Boolean

Parameters:

  • other (Object)

    the other object to be compared

Returns:

  • (Boolean)

See Also:

  • `==` method


270
271
272
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 270

def eql?(other)
  self == other
end

#hashFixnum

Calculates hash code according to all attributes.

Returns:

  • (Fixnum)

    Hash code



279
280
281
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 279

def hash
  [reason_summary, compartment_id, resource_id, sub_resource_name_list, privileged_operation_list, notification_topic_id, reason_detail, severity, duration_in_hrs, ticket_numbers, time_requested_for_future_access, freeform_tags, defined_tags].hash
end

#to_hashHash

Returns the object in the form of hash

Returns:

  • (Hash)

    Returns the object in the form of hash



323
324
325
326
327
328
329
330
331
332
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 323

def to_hash
  hash = {}
  self.class.attribute_map.each_pair do |attr, param|
    value = public_method(attr).call
    next if value.nil? && !instance_variable_defined?("@#{attr}")

    hash[param] = _to_hash(value)
  end
  hash
end

#to_sString

Returns the string representation of the object

Returns:

  • (String)

    String presentation of the object



317
318
319
# File 'lib/oci/apiaccesscontrol/models/create_privileged_api_request_details.rb', line 317

def to_s
  to_hash.to_s
end