Class: OCI::DelegateAccessControl::Models::CreateDelegationControlDetails

Inherits:

Object

• Object
• OCI::DelegateAccessControl::Models::CreateDelegationControlDetails

Defined in:

lib/oci/delegate_access_control/models/create_delegation_control_details.rb

Overview

While creating the Delegation Control, specify how Service Provider Actions are approved and the users who have the privilege of approving the Service Provider Actions associated with the Delegation Control.

You must specify which Service Provider Actions must be pre-approved. The rest of the Service Provider Actions associated with the Delegation Control will require an explicit approval from the users selected either through the approver groups or individually.

You must name your Delegation Control appropriately so it reflects the resources that will be governed by the Delegation Control. Neither the Delegation Controls nor their assignments to resources are visible to the support operators.

Constant Summary

RESOURCE_TYPE_ENUM =

[
  RESOURCE_TYPE_VMCLUSTER = 'VMCLUSTER'.freeze,
  RESOURCE_TYPE_CLOUDVMCLUSTER = 'CLOUDVMCLUSTER'.freeze
].freeze

Instance Attribute Summary

• #compartment_id ⇒ String

  [Required] The OCID of the compartment that contains this Delegation Control.

• #defined_tags ⇒ Hash<String, Hash<String, Object>>

  Defined tags for this resource.

• #delegation_subscription_ids ⇒ Array<String>

  [Required] List of Delegation Subscription OCID that are allowed for this Delegation Control.

• #description ⇒ String

  Description of the Delegation Control.

• #display_name ⇒ String

  [Required] Name of the Delegation Control.

• #freeform_tags ⇒ Hash<String, String>

  Free-form tags for this resource.

• #is_auto_approve_during_maintenance ⇒ BOOLEAN

  Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.

• #notification_message_format ⇒ String

  [Required] The format of the OCI Notification messages for this Delegation Control.

• #notification_topic_id ⇒ String

  [Required] The OCID of the OCI Notification topic to publish messages related to this Delegation Control.

• #num_approvals_required ⇒ Integer

  number of approvals required.

• #pre_approved_service_provider_action_names ⇒ Array<String>

  List of pre-approved Service Provider Action names.

• #resource_ids ⇒ Array<String>

  [Required] The OCID of the selected resources that this Delegation Control is applicable to.

• #resource_type ⇒ String

  [Required] Resource type for which the Delegation Control is applicable to.

• #vault_id ⇒ String

  The OCID of the OCI Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service.

• #vault_key_id ⇒ String

  The OCID of the Master Encryption Key in the OCI Vault specified by vaultId.

Class Method Summary

• .attribute_map ⇒ Object

  Attribute mapping from ruby-style variable name to JSON key.

• .swagger_types ⇒ Object

  Attribute type mapping.

Instance Method Summary

• #==(other) ⇒ Object

  Checks equality by comparing each attribute.

• #build_from_hash(attributes) ⇒ Object

  Builds the object from hash.

• #eql?(other) ⇒ Boolean
• #hash ⇒ Fixnum

  Calculates hash code according to all attributes.

• #initialize(attributes = {}) ⇒ CreateDelegationControlDetails constructor

  Initializes the object.

• #to_hash ⇒ Hash

  Returns the object in the form of hash.

• #to_s ⇒ String

  Returns the string representation of the object.

Constructor Details

#initialize(attributes = {}) ⇒ CreateDelegationControlDetails

Initializes the object

Parameters:

• attributes (Hash) (defaults to: {}) —

  Model attributes in the form of hash

Options Hash (attributes):

• :compartment_id (String) —

  The value to assign to the #compartment_id property

• :display_name (String) —

  The value to assign to the #display_name property

• :description (String) —

  The value to assign to the #description property

• :num_approvals_required (Integer) —

  The value to assign to the #num_approvals_required property

• :pre_approved_service_provider_action_names (Array<String>) —

  The value to assign to the #pre_approved_service_provider_action_names property

• :delegation_subscription_ids (Array<String>) —

  The value to assign to the #delegation_subscription_ids property

• :is_auto_approve_during_maintenance (BOOLEAN) —

  The value to assign to the #is_auto_approve_during_maintenance property

• :resource_ids (Array<String>) —

  The value to assign to the #resource_ids property

• :resource_type (String) —

  The value to assign to the #resource_type property

• :notification_topic_id (String) —

  The value to assign to the #notification_topic_id property

• :notification_message_format (String) —

  The value to assign to the #notification_message_format property

• :vault_id (String) —

  The value to assign to the #vault_id property

• :vault_key_id (String) —

  The value to assign to the #vault_key_id property

• :freeform_tags (Hash<String, String>) —

  The value to assign to the #freeform_tags property

• :defined_tags (Hash<String, Hash<String, Object>>) —

  The value to assign to the #defined_tags property

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 158

def initialize(attributes = {})
  return unless attributes.is_a?(Hash)

  # convert string to symbol for hash key
  attributes = attributes.each_with_object({}) { |(k, v), h| h[k.to_sym] = v }

  self.compartment_id = attributes[:'compartmentId'] if attributes[:'compartmentId']

  raise 'You cannot provide both :compartmentId and :compartment_id' if attributes.key?(:'compartmentId') && attributes.key?(:'compartment_id')

  self.compartment_id = attributes[:'compartment_id'] if attributes[:'compartment_id']

  self.display_name = attributes[:'displayName'] if attributes[:'displayName']

  raise 'You cannot provide both :displayName and :display_name' if attributes.key?(:'displayName') && attributes.key?(:'display_name')

  self.display_name = attributes[:'display_name'] if attributes[:'display_name']

  self.description = attributes[:'description'] if attributes[:'description']

  self.num_approvals_required = attributes[:'numApprovalsRequired'] if attributes[:'numApprovalsRequired']

  raise 'You cannot provide both :numApprovalsRequired and :num_approvals_required' if attributes.key?(:'numApprovalsRequired') && attributes.key?(:'num_approvals_required')

  self.num_approvals_required = attributes[:'num_approvals_required'] if attributes[:'num_approvals_required']

  self.pre_approved_service_provider_action_names = attributes[:'preApprovedServiceProviderActionNames'] if attributes[:'preApprovedServiceProviderActionNames']

  raise 'You cannot provide both :preApprovedServiceProviderActionNames and :pre_approved_service_provider_action_names' if attributes.key?(:'preApprovedServiceProviderActionNames') && attributes.key?(:'pre_approved_service_provider_action_names')

  self.pre_approved_service_provider_action_names = attributes[:'pre_approved_service_provider_action_names'] if attributes[:'pre_approved_service_provider_action_names']

  self.delegation_subscription_ids = attributes[:'delegationSubscriptionIds'] if attributes[:'delegationSubscriptionIds']

  raise 'You cannot provide both :delegationSubscriptionIds and :delegation_subscription_ids' if attributes.key?(:'delegationSubscriptionIds') && attributes.key?(:'delegation_subscription_ids')

  self.delegation_subscription_ids = attributes[:'delegation_subscription_ids'] if attributes[:'delegation_subscription_ids']

  self.is_auto_approve_during_maintenance = attributes[:'isAutoApproveDuringMaintenance'] unless attributes[:'isAutoApproveDuringMaintenance'].nil?

  raise 'You cannot provide both :isAutoApproveDuringMaintenance and :is_auto_approve_during_maintenance' if attributes.key?(:'isAutoApproveDuringMaintenance') && attributes.key?(:'is_auto_approve_during_maintenance')

  self.is_auto_approve_during_maintenance = attributes[:'is_auto_approve_during_maintenance'] unless attributes[:'is_auto_approve_during_maintenance'].nil?

  self.resource_ids = attributes[:'resourceIds'] if attributes[:'resourceIds']

  raise 'You cannot provide both :resourceIds and :resource_ids' if attributes.key?(:'resourceIds') && attributes.key?(:'resource_ids')

  self.resource_ids = attributes[:'resource_ids'] if attributes[:'resource_ids']

  self.resource_type = attributes[:'resourceType'] if attributes[:'resourceType']

  raise 'You cannot provide both :resourceType and :resource_type' if attributes.key?(:'resourceType') && attributes.key?(:'resource_type')

  self.resource_type = attributes[:'resource_type'] if attributes[:'resource_type']

  self.notification_topic_id = attributes[:'notificationTopicId'] if attributes[:'notificationTopicId']

  raise 'You cannot provide both :notificationTopicId and :notification_topic_id' if attributes.key?(:'notificationTopicId') && attributes.key?(:'notification_topic_id')

  self.notification_topic_id = attributes[:'notification_topic_id'] if attributes[:'notification_topic_id']

  self.notification_message_format = attributes[:'notificationMessageFormat'] if attributes[:'notificationMessageFormat']

  raise 'You cannot provide both :notificationMessageFormat and :notification_message_format' if attributes.key?(:'notificationMessageFormat') && attributes.key?(:'notification_message_format')

  self.notification_message_format = attributes[:'notification_message_format'] if attributes[:'notification_message_format']

  self.vault_id = attributes[:'vaultId'] if attributes[:'vaultId']

  raise 'You cannot provide both :vaultId and :vault_id' if attributes.key?(:'vaultId') && attributes.key?(:'vault_id')

  self.vault_id = attributes[:'vault_id'] if attributes[:'vault_id']

  self.vault_key_id = attributes[:'vaultKeyId'] if attributes[:'vaultKeyId']

  raise 'You cannot provide both :vaultKeyId and :vault_key_id' if attributes.key?(:'vaultKeyId') && attributes.key?(:'vault_key_id')

  self.vault_key_id = attributes[:'vault_key_id'] if attributes[:'vault_key_id']

  self.freeform_tags = attributes[:'freeformTags'] if attributes[:'freeformTags']

  raise 'You cannot provide both :freeformTags and :freeform_tags' if attributes.key?(:'freeformTags') && attributes.key?(:'freeform_tags')

  self.freeform_tags = attributes[:'freeform_tags'] if attributes[:'freeform_tags']

  self.defined_tags = attributes[:'definedTags'] if attributes[:'definedTags']

  raise 'You cannot provide both :definedTags and :defined_tags' if attributes.key?(:'definedTags') && attributes.key?(:'defined_tags')

  self.defined_tags = attributes[:'defined_tags'] if attributes[:'defined_tags']
end

Instance Attribute Details

#compartment_id ⇒ String

[Required] The OCID of the compartment that contains this Delegation Control.

Returns:

• (String)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 23

def compartment_id
  @compartment_id
end

#defined_tags ⇒ Hash<String, Hash<String, Object>>

Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {\"Operations\": {\"CostCenter\": \"42\"}}

Returns:

• (Hash<String, Hash<String, Object>>)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 89

def defined_tags
  @defined_tags
end

#delegation_subscription_ids ⇒ Array<String>

[Required] List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.

Returns:

• (Array<String>)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 45

def delegation_subscription_ids
  @delegation_subscription_ids
end

#description ⇒ String

Description of the Delegation Control.

Returns:

• (String)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 31

def description
  @description
end

#display_name ⇒ String

[Required] Name of the Delegation Control. The name does not need to be unique.

Returns:

• (String)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 27

def display_name
  @display_name
end

#freeform_tags ⇒ Hash<String, String>

Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {\"Department\": \"Finance\"}

Returns:

• (Hash<String, String>)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 81

def freeform_tags
  @freeform_tags
end

#is_auto_approve_during_maintenance ⇒ BOOLEAN

Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.

Returns:

• (BOOLEAN)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 49

def is_auto_approve_during_maintenance
  @is_auto_approve_during_maintenance
end

#notification_message_format ⇒ String

[Required] The format of the OCI Notification messages for this Delegation Control.

Returns:

• (String)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 65

def notification_message_format
  @notification_message_format
end

#notification_topic_id ⇒ String

[Required] The OCID of the OCI Notification topic to publish messages related to this Delegation Control.

Returns:

• (String)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 61

def notification_topic_id
  @notification_topic_id
end

#num_approvals_required ⇒ Integer

number of approvals required.

Returns:

• (Integer)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 35

def num_approvals_required
  @num_approvals_required
end

#pre_approved_service_provider_action_names ⇒ Array<String>

List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.

Returns:

• (Array<String>)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 41

def pre_approved_service_provider_action_names
  @pre_approved_service_provider_action_names
end

#resource_ids ⇒ Array<String>

[Required] The OCID of the selected resources that this Delegation Control is applicable to.

Returns:

• (Array<String>)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 53

def resource_ids
  @resource_ids
end

#resource_type ⇒ String

[Required] Resource type for which the Delegation Control is applicable to.

Returns:

• (String)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 57

def resource_type
  @resource_type
end

#vault_id ⇒ String

The OCID of the OCI Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the OCI Vault.

Returns:

• (String)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 69

def vault_id
  @vault_id
end

#vault_key_id ⇒ String

The OCID of the Master Encryption Key in the OCI Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.

Returns:

• (String)

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 73

def vault_key_id
  @vault_key_id
end

Class Method Details

.attribute_map ⇒ Object

Attribute mapping from ruby-style variable name to JSON key.

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 92

def self.attribute_map
  {
    # rubocop:disable Style/SymbolLiteral
    'compartment_id': :'compartmentId',
    'display_name': :'displayName',
    'description': :'description',
    'num_approvals_required': :'numApprovalsRequired',
    'pre_approved_service_provider_action_names': :'preApprovedServiceProviderActionNames',
    'delegation_subscription_ids': :'delegationSubscriptionIds',
    'is_auto_approve_during_maintenance': :'isAutoApproveDuringMaintenance',
    'resource_ids': :'resourceIds',
    'resource_type': :'resourceType',
    'notification_topic_id': :'notificationTopicId',
    'notification_message_format': :'notificationMessageFormat',
    'vault_id': :'vaultId',
    'vault_key_id': :'vaultKeyId',
    'freeform_tags': :'freeformTags',
    'defined_tags': :'definedTags'
    # rubocop:enable Style/SymbolLiteral
  }
end

.swagger_types ⇒ Object

Attribute type mapping.

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 115

def self.swagger_types
  {
    # rubocop:disable Style/SymbolLiteral
    'compartment_id': :'String',
    'display_name': :'String',
    'description': :'String',
    'num_approvals_required': :'Integer',
    'pre_approved_service_provider_action_names': :'Array<String>',
    'delegation_subscription_ids': :'Array<String>',
    'is_auto_approve_during_maintenance': :'BOOLEAN',
    'resource_ids': :'Array<String>',
    'resource_type': :'String',
    'notification_topic_id': :'String',
    'notification_message_format': :'String',
    'vault_id': :'String',
    'vault_key_id': :'String',
    'freeform_tags': :'Hash<String, String>',
    'defined_tags': :'Hash<String, Hash<String, Object>>'
    # rubocop:enable Style/SymbolLiteral
  }
end

Instance Method Details

#==(other) ⇒ Object

Checks equality by comparing each attribute.

Parameters:

• other (Object) —

  the other object to be compared

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 266

def ==(other)
  return true if equal?(other)

  self.class == other.class &&
    compartment_id == other.compartment_id &&
    display_name == other.display_name &&
    description == other.description &&
    num_approvals_required == other.num_approvals_required &&
    pre_approved_service_provider_action_names == other.pre_approved_service_provider_action_names &&
    delegation_subscription_ids == other.delegation_subscription_ids &&
    is_auto_approve_during_maintenance == other.is_auto_approve_during_maintenance &&
    resource_ids == other.resource_ids &&
    resource_type == other.resource_type &&
    notification_topic_id == other.notification_topic_id &&
    notification_message_format == other.notification_message_format &&
    vault_id == other.vault_id &&
    vault_key_id == other.vault_key_id &&
    freeform_tags == other.freeform_tags &&
    defined_tags == other.defined_tags
end

#build_from_hash(attributes) ⇒ Object

Builds the object from hash

Parameters:

• attributes (Hash) —

  Model attributes in the form of hash

Returns:

• (Object) —

  Returns the model itself

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 310

def build_from_hash(attributes)
  return nil unless attributes.is_a?(Hash)

  self.class.swagger_types.each_pair do |key, type|
    if type =~ /^Array<(.*)>/i
      # check to ensure the input is an array given that the the attribute
      # is documented as an array but the input is not
      if attributes[self.class.attribute_map[key]].is_a?(Array)
        public_method("#{key}=").call(
          attributes[self.class.attribute_map[key]]
            .map { |v| OCI::Internal::Util.convert_to_type(Regexp.last_match(1), v) }
        )
      end
    elsif !attributes[self.class.attribute_map[key]].nil?
      public_method("#{key}=").call(
        OCI::Internal::Util.convert_to_type(type, attributes[self.class.attribute_map[key]])
      )
    end
    # or else data not found in attributes(hash), not an issue as the data can be optional
  end

  self
end

#eql?(other) ⇒ Boolean

Parameters:

• other (Object) —

  the other object to be compared

Returns:

• (Boolean)

See Also:

• `==` method

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 290

def eql?(other)
  self == other
end

#hash ⇒ Fixnum

Calculates hash code according to all attributes.

Returns:

• (Fixnum) —

  Hash code

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 299

def hash
  [compartment_id, display_name, description, num_approvals_required, pre_approved_service_provider_action_names, delegation_subscription_ids, is_auto_approve_during_maintenance, resource_ids, resource_type, notification_topic_id, notification_message_format, vault_id, vault_key_id, freeform_tags, defined_tags].hash
end

#to_hash ⇒ Hash

Returns the object in the form of hash

Returns:

• (Hash) —

  Returns the object in the form of hash

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 343

def to_hash
  hash = {}
  self.class.attribute_map.each_pair do |attr, param|
    value = public_method(attr).call
    next if value.nil? && !instance_variable_defined?("@#{attr}")

    hash[param] = _to_hash(value)
  end
  hash
end

#to_s ⇒ String

Returns the string representation of the object

Returns:

• (String) —

  String presentation of the object

# File 'lib/oci/delegate_access_control/models/create_delegation_control_details.rb', line 337

def to_s
  to_hash.to_s
end