Class: OCI::Apiaccesscontrol::Models::PrivilegedApiControl

Inherits:
Object
  • Object
show all
Defined in:
lib/oci/apiaccesscontrol/models/privileged_api_control.rb

Overview

A PrivilegedApiControl is a kind of Policy definition which provides details about which operations needs to be secure; who can approve a privilegedApiRequest requesting for a particular operation, whether the operations needs to be approved by customer or is it preApproved.

To use any of the API operations, you must be authorized in an IAM policy. If you're not authorized, talk to an administrator. If you're an administrator who needs to write policies to give users access, see Getting Started with Policies.

Constant Summary collapse

LIFECYCLE_STATE_ENUM =
[
  LIFECYCLE_STATE_CREATING = 'CREATING'.freeze,
  LIFECYCLE_STATE_UPDATING = 'UPDATING'.freeze,
  LIFECYCLE_STATE_ACTIVE = 'ACTIVE'.freeze,
  LIFECYCLE_STATE_DELETING = 'DELETING'.freeze,
  LIFECYCLE_STATE_DELETED = 'DELETED'.freeze,
  LIFECYCLE_STATE_FAILED = 'FAILED'.freeze,
  LIFECYCLE_STATE_NEEDS_ATTENTION = 'NEEDS_ATTENTION'.freeze,
  LIFECYCLE_STATE_UNKNOWN_ENUM_VALUE = 'UNKNOWN_ENUM_VALUE'.freeze
].freeze

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(attributes = {}) ⇒ PrivilegedApiControl

Initializes the object

Parameters:

  • attributes (Hash) (defaults to: {})

    Model attributes in the form of hash

Options Hash (attributes):

  • :id (String)

    The value to assign to the #id property

  • :display_name (String)

    The value to assign to the #display_name property

  • :compartment_id (String)

    The value to assign to the #compartment_id property

  • :description (String)

    The value to assign to the #description property

  • :notification_topic_id (String)

    The value to assign to the #notification_topic_id property

  • :approver_group_id_list (Array<String>)

    The value to assign to the #approver_group_id_list property

  • :resource_type (String)

    The value to assign to the #resource_type property

  • :resources (Array<String>)

    The value to assign to the #resources property

  • :privileged_operation_list (Array<OCI::Apiaccesscontrol::Models::PrivilegedApiDetails>)

    The value to assign to the #privileged_operation_list property

  • :number_of_approvers (Integer)

    The value to assign to the #number_of_approvers property

  • :time_created (DateTime)

    The value to assign to the #time_created property

  • :time_updated (DateTime)

    The value to assign to the #time_updated property

  • :time_deleted (DateTime)

    The value to assign to the #time_deleted property

  • :state (String)

    The value to assign to the #state property

  • :state_details (String)

    The value to assign to the #state_details property

  • :lifecycle_state (String)

    The value to assign to the #lifecycle_state property

  • :lifecycle_details (String)

    The value to assign to the #lifecycle_details property

  • :freeform_tags (Hash<String, String>)

    The value to assign to the #freeform_tags property

  • :defined_tags (Hash<String, Hash<String, Object>>)

    The value to assign to the #defined_tags property

  • :system_tags (Hash<String, Hash<String, Object>>)

    The value to assign to the #system_tags property



215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 215

def initialize(attributes = {})
  return unless attributes.is_a?(Hash)

  # convert string to symbol for hash key
  attributes = attributes.each_with_object({}) { |(k, v), h| h[k.to_sym] = v }

  self.id = attributes[:'id'] if attributes[:'id']

  self.display_name = attributes[:'displayName'] if attributes[:'displayName']

  raise 'You cannot provide both :displayName and :display_name' if attributes.key?(:'displayName') && attributes.key?(:'display_name')

  self.display_name = attributes[:'display_name'] if attributes[:'display_name']

  self.compartment_id = attributes[:'compartmentId'] if attributes[:'compartmentId']

  raise 'You cannot provide both :compartmentId and :compartment_id' if attributes.key?(:'compartmentId') && attributes.key?(:'compartment_id')

  self.compartment_id = attributes[:'compartment_id'] if attributes[:'compartment_id']

  self.description = attributes[:'description'] if attributes[:'description']

  self.notification_topic_id = attributes[:'notificationTopicId'] if attributes[:'notificationTopicId']

  raise 'You cannot provide both :notificationTopicId and :notification_topic_id' if attributes.key?(:'notificationTopicId') && attributes.key?(:'notification_topic_id')

  self.notification_topic_id = attributes[:'notification_topic_id'] if attributes[:'notification_topic_id']

  self.approver_group_id_list = attributes[:'approverGroupIdList'] if attributes[:'approverGroupIdList']

  raise 'You cannot provide both :approverGroupIdList and :approver_group_id_list' if attributes.key?(:'approverGroupIdList') && attributes.key?(:'approver_group_id_list')

  self.approver_group_id_list = attributes[:'approver_group_id_list'] if attributes[:'approver_group_id_list']

  self.resource_type = attributes[:'resourceType'] if attributes[:'resourceType']

  raise 'You cannot provide both :resourceType and :resource_type' if attributes.key?(:'resourceType') && attributes.key?(:'resource_type')

  self.resource_type = attributes[:'resource_type'] if attributes[:'resource_type']

  self.resources = attributes[:'resources'] if attributes[:'resources']

  self.privileged_operation_list = attributes[:'privilegedOperationList'] if attributes[:'privilegedOperationList']

  raise 'You cannot provide both :privilegedOperationList and :privileged_operation_list' if attributes.key?(:'privilegedOperationList') && attributes.key?(:'privileged_operation_list')

  self.privileged_operation_list = attributes[:'privileged_operation_list'] if attributes[:'privileged_operation_list']

  self.number_of_approvers = attributes[:'numberOfApprovers'] if attributes[:'numberOfApprovers']

  raise 'You cannot provide both :numberOfApprovers and :number_of_approvers' if attributes.key?(:'numberOfApprovers') && attributes.key?(:'number_of_approvers')

  self.number_of_approvers = attributes[:'number_of_approvers'] if attributes[:'number_of_approvers']

  self.time_created = attributes[:'timeCreated'] if attributes[:'timeCreated']

  raise 'You cannot provide both :timeCreated and :time_created' if attributes.key?(:'timeCreated') && attributes.key?(:'time_created')

  self.time_created = attributes[:'time_created'] if attributes[:'time_created']

  self.time_updated = attributes[:'timeUpdated'] if attributes[:'timeUpdated']

  raise 'You cannot provide both :timeUpdated and :time_updated' if attributes.key?(:'timeUpdated') && attributes.key?(:'time_updated')

  self.time_updated = attributes[:'time_updated'] if attributes[:'time_updated']

  self.time_deleted = attributes[:'timeDeleted'] if attributes[:'timeDeleted']

  raise 'You cannot provide both :timeDeleted and :time_deleted' if attributes.key?(:'timeDeleted') && attributes.key?(:'time_deleted')

  self.time_deleted = attributes[:'time_deleted'] if attributes[:'time_deleted']

  self.state = attributes[:'state'] if attributes[:'state']

  self.state_details = attributes[:'stateDetails'] if attributes[:'stateDetails']

  raise 'You cannot provide both :stateDetails and :state_details' if attributes.key?(:'stateDetails') && attributes.key?(:'state_details')

  self.state_details = attributes[:'state_details'] if attributes[:'state_details']

  self.lifecycle_state = attributes[:'lifecycleState'] if attributes[:'lifecycleState']

  raise 'You cannot provide both :lifecycleState and :lifecycle_state' if attributes.key?(:'lifecycleState') && attributes.key?(:'lifecycle_state')

  self.lifecycle_state = attributes[:'lifecycle_state'] if attributes[:'lifecycle_state']

  self.lifecycle_details = attributes[:'lifecycleDetails'] if attributes[:'lifecycleDetails']

  raise 'You cannot provide both :lifecycleDetails and :lifecycle_details' if attributes.key?(:'lifecycleDetails') && attributes.key?(:'lifecycle_details')

  self.lifecycle_details = attributes[:'lifecycle_details'] if attributes[:'lifecycle_details']

  self.freeform_tags = attributes[:'freeformTags'] if attributes[:'freeformTags']

  raise 'You cannot provide both :freeformTags and :freeform_tags' if attributes.key?(:'freeformTags') && attributes.key?(:'freeform_tags')

  self.freeform_tags = attributes[:'freeform_tags'] if attributes[:'freeform_tags']

  self.defined_tags = attributes[:'definedTags'] if attributes[:'definedTags']

  raise 'You cannot provide both :definedTags and :defined_tags' if attributes.key?(:'definedTags') && attributes.key?(:'defined_tags')

  self.defined_tags = attributes[:'defined_tags'] if attributes[:'defined_tags']

  self.system_tags = attributes[:'systemTags'] if attributes[:'systemTags']

  raise 'You cannot provide both :systemTags and :system_tags' if attributes.key?(:'systemTags') && attributes.key?(:'system_tags')

  self.system_tags = attributes[:'system_tags'] if attributes[:'system_tags']
end

Instance Attribute Details

#approver_group_id_listArray<String>

List of IAM user group ids who can approve an privilegedApi request associated with a target resource under the governance of this operator control.

Returns:

  • (Array<String>)


50
51
52
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 50

def approver_group_id_list
  @approver_group_id_list
end

#compartment_idString

[Required] The OCID of the compartment.

Returns:

  • (String)


38
39
40
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 38

def compartment_id
  @compartment_id
end

#defined_tagsHash<String, Hash<String, Object>>

[Required] Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {\"Operations\": {\"CostCenter\": \"42\"}}

Returns:

  • (Hash<String, Hash<String, Object>>)


124
125
126
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 124

def defined_tags
  @defined_tags
end

#descriptionString

Description of privilegedApi control.

Returns:

  • (String)


42
43
44
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 42

def description
  @description
end

#display_nameString

[Required] Name of the privilegedApi control. The name must be unique.

Returns:

  • (String)


34
35
36
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 34

def display_name
  @display_name
end

#freeform_tagsHash<String, String>

[Required] Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {\"Department\": \"Finance\"}

Returns:

  • (Hash<String, String>)


116
117
118
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 116

def freeform_tags
  @freeform_tags
end

#idString

[Required] The OCID of the PrivilegedApiControl.

Returns:

  • (String)


30
31
32
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 30

def id
  @id
end

#lifecycle_detailsString

A message that describes the current state of the PrivilegedApiControl in more detail. For example, can be used to provide actionable information for a resource in the Failed state.

Returns:

  • (String)


108
109
110
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 108

def lifecycle_details
  @lifecycle_details
end

#lifecycle_stateString

[Required] The current state of the PrivilegedApiControl.

Returns:

  • (String)


102
103
104
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 102

def lifecycle_state
  @lifecycle_state
end

#notification_topic_idString

The OCID of the OCI Notification topic to publish messages related to this Privileged Api Control.

Returns:

  • (String)


46
47
48
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 46

def notification_topic_id
  @notification_topic_id
end

#number_of_approversInteger

Number of approvers required to approve an privilegedApi request.

Returns:

  • (Integer)


67
68
69
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 67

def number_of_approvers
  @number_of_approvers
end

#privileged_operation_listArray<OCI::Apiaccesscontrol::Models::PrivilegedApiDetails>

List of privileged operations/apis. These operations/apis will be treaated as secured, once enabled by the Privileged API Managment for a resource. Any of these operations, if needs to be executed, needs to be raised as a PrivilegedApi Request which needs to be approved by customers or it can be pre-approved.



63
64
65
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 63

def privileged_operation_list
  @privileged_operation_list
end

#resource_typeString

resourceType for which the PrivilegedApiControl is applicable

Returns:

  • (String)


54
55
56
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 54

def resource_type
  @resource_type
end

#resourcesArray<String>

contains Resource details

Returns:

  • (Array<String>)


58
59
60
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 58

def resources
  @resources
end

#stateString

[Required] The current state of the PrivilegedApiControl.

Returns:

  • (String)


92
93
94
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 92

def state
  @state
end

#state_detailsString

A message that describes the current state of the PrivilegedApiControl in more detail. For example, can be used to provide actionable information for a resource in the Failed state.

Returns:

  • (String)


98
99
100
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 98

def state_details
  @state_details
end

#system_tagsHash<String, Hash<String, Object>>

System tags for this resource. Each key is predefined and scoped to a namespace.

Example: {\"orcl-cloud\": {\"free-tier-retained\": \"true\"}}

Returns:

  • (Hash<String, Hash<String, Object>>)


131
132
133
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 131

def system_tags
  @system_tags
end

#time_createdDateTime

[Required] The date and time the PrivilegedApiControl was created, in the format defined by RFC 3339.

Example: 2016-08-25T21:10:29.600Z

Returns:

  • (DateTime)


74
75
76
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 74

def time_created
  @time_created
end

#time_deletedDateTime

The date and time the PrivilegedApiControl was marked for delete, in the format defined by RFC 3339.

Example: 2016-08-25T21:10:29.600Z

Returns:

  • (DateTime)


88
89
90
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 88

def time_deleted
  @time_deleted
end

#time_updatedDateTime

The date and time the PrivilegedApiControl was updated, in the format defined by RFC 3339.

Example: 2016-08-25T21:10:29.600Z

Returns:

  • (DateTime)


81
82
83
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 81

def time_updated
  @time_updated
end

Class Method Details

.attribute_mapObject

Attribute mapping from ruby-style variable name to JSON key.



134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 134

def self.attribute_map
  {
    # rubocop:disable Style/SymbolLiteral
    'id': :'id',
    'display_name': :'displayName',
    'compartment_id': :'compartmentId',
    'description': :'description',
    'notification_topic_id': :'notificationTopicId',
    'approver_group_id_list': :'approverGroupIdList',
    'resource_type': :'resourceType',
    'resources': :'resources',
    'privileged_operation_list': :'privilegedOperationList',
    'number_of_approvers': :'numberOfApprovers',
    'time_created': :'timeCreated',
    'time_updated': :'timeUpdated',
    'time_deleted': :'timeDeleted',
    'state': :'state',
    'state_details': :'stateDetails',
    'lifecycle_state': :'lifecycleState',
    'lifecycle_details': :'lifecycleDetails',
    'freeform_tags': :'freeformTags',
    'defined_tags': :'definedTags',
    'system_tags': :'systemTags'
    # rubocop:enable Style/SymbolLiteral
  }
end

.swagger_typesObject

Attribute type mapping.



162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 162

def self.swagger_types
  {
    # rubocop:disable Style/SymbolLiteral
    'id': :'String',
    'display_name': :'String',
    'compartment_id': :'String',
    'description': :'String',
    'notification_topic_id': :'String',
    'approver_group_id_list': :'Array<String>',
    'resource_type': :'String',
    'resources': :'Array<String>',
    'privileged_operation_list': :'Array<OCI::Apiaccesscontrol::Models::PrivilegedApiDetails>',
    'number_of_approvers': :'Integer',
    'time_created': :'DateTime',
    'time_updated': :'DateTime',
    'time_deleted': :'DateTime',
    'state': :'String',
    'state_details': :'String',
    'lifecycle_state': :'String',
    'lifecycle_details': :'String',
    'freeform_tags': :'Hash<String, String>',
    'defined_tags': :'Hash<String, Hash<String, Object>>',
    'system_tags': :'Hash<String, Hash<String, Object>>'
    # rubocop:enable Style/SymbolLiteral
  }
end

Instance Method Details

#==(other) ⇒ Object

Checks equality by comparing each attribute.

Parameters:

  • other (Object)

    the other object to be compared



346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 346

def ==(other)
  return true if equal?(other)

  self.class == other.class &&
    id == other.id &&
    display_name == other.display_name &&
    compartment_id == other.compartment_id &&
    description == other.description &&
    notification_topic_id == other.notification_topic_id &&
    approver_group_id_list == other.approver_group_id_list &&
    resource_type == other.resource_type &&
    resources == other.resources &&
    privileged_operation_list == other.privileged_operation_list &&
    number_of_approvers == other.number_of_approvers &&
    time_created == other.time_created &&
    time_updated == other.time_updated &&
    time_deleted == other.time_deleted &&
    state == other.state &&
    state_details == other.state_details &&
    lifecycle_state == other.lifecycle_state &&
    lifecycle_details == other.lifecycle_details &&
    freeform_tags == other.freeform_tags &&
    defined_tags == other.defined_tags &&
    system_tags == other.system_tags
end

#build_from_hash(attributes) ⇒ Object

Builds the object from hash

Parameters:

  • attributes (Hash)

    Model attributes in the form of hash

Returns:

  • (Object)

    Returns the model itself



395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 395

def build_from_hash(attributes)
  return nil unless attributes.is_a?(Hash)

  self.class.swagger_types.each_pair do |key, type|
    if type =~ /^Array<(.*)>/i
      # check to ensure the input is an array given that the the attribute
      # is documented as an array but the input is not
      if attributes[self.class.attribute_map[key]].is_a?(Array)
        public_method("#{key}=").call(
          attributes[self.class.attribute_map[key]]
            .map { |v| OCI::Internal::Util.convert_to_type(Regexp.last_match(1), v) }
        )
      end
    elsif !attributes[self.class.attribute_map[key]].nil?
      public_method("#{key}=").call(
        OCI::Internal::Util.convert_to_type(type, attributes[self.class.attribute_map[key]])
      )
    end
    # or else data not found in attributes(hash), not an issue as the data can be optional
  end

  self
end

#eql?(other) ⇒ Boolean

Parameters:

  • other (Object)

    the other object to be compared

Returns:

  • (Boolean)

See Also:

  • `==` method


375
376
377
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 375

def eql?(other)
  self == other
end

#hashFixnum

Calculates hash code according to all attributes.

Returns:

  • (Fixnum)

    Hash code



384
385
386
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 384

def hash
  [id, display_name, compartment_id, description, notification_topic_id, approver_group_id_list, resource_type, resources, privileged_operation_list, number_of_approvers, time_created, time_updated, time_deleted, state, state_details, lifecycle_state, lifecycle_details, freeform_tags, defined_tags, system_tags].hash
end

#to_hashHash

Returns the object in the form of hash

Returns:

  • (Hash)

    Returns the object in the form of hash



428
429
430
431
432
433
434
435
436
437
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 428

def to_hash
  hash = {}
  self.class.attribute_map.each_pair do |attr, param|
    value = public_method(attr).call
    next if value.nil? && !instance_variable_defined?("@#{attr}")

    hash[param] = _to_hash(value)
  end
  hash
end

#to_sString

Returns the string representation of the object

Returns:

  • (String)

    String presentation of the object



422
423
424
# File 'lib/oci/apiaccesscontrol/models/privileged_api_control.rb', line 422

def to_s
  to_hash.to_s
end