Jump to

• Request
• Response

List Policies

get

/20160918/policies

Lists the policies in the specified compartment (either the tenancy or another of your compartments). To determine which policies apply to a particular group or compartment, you must view the individual statements inside all your policies. There isn't a way to automatically obtain that information via the API.

Request

Supported Media Types

• application/json

Query Parameters

• compartmentId(required): string
  Minimum Length: 1

  Maximum Length: 255

  The OCID of the compartment.
• lifecycleState: string
  A filter to only return resources that match the given lifecycle state. The state value is case-insensitive.
• limit: integer
  Minimum Value: 1

  Maximum Value: 1000

  For list pagination. The maximum number of results per page, or items to return in a paginated List call. 1 is the minimum, 1000 is the maximum.

  Default Value: 100
• name: string
  Maximum Length: 255

  A filter to only return resources that match the given name exactly.
• page: string
  Minimum Length: 1

  Maximum Length: 512

  For list pagination. The value of the opc-next-page response header from the previous List call.

  Default Value: 0
• sortBy: string
  The optional field to sort the results by.

  Allowed Values: [ "TIMECREATED", "NAME" ]
• sortOrder: string
  The sort order to use, either ascending (ASC) or descending (DESC).

  Default Value: ASC

  Allowed Values: [ "ASC", "DESC" ]

Back to Top

Response

Supported Media Types

• application/json

200 Response

The list is being retrieved.

Headers

• opc-next-page: string
  For pagination of a list of items. When paging through a list, if this header appears in the response, then a partial list might have been returned. Include this value as the `page` parameter for the subsequent GET request to get the next batch of items.
• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : schema

Type: array

Show Source

• Array of: object Policy
  A document that specifies the type of access a group has to the resources in a compartment. For information about policies, see [Managing Policies](https://docs.oracle.com/en/engineered-systems/private-cloud-appliance/3.0-latest/user/user-usr-manage-policies.html). The word "policy" is used by people in different ways:
• An individual statement written in the policy language.
• A collection of statements in a single, named policy document (which has an OCID assigned to it).
• The overall body of policies your organization uses to control access to resources.

  Avoid entering confidential information when you supply string values using the API.

{
    "type":"array",
    "items":{
        "$ref":"#/definitions/Policy"
    }
}

Nested Schema : Policy

Type: object

A document that specifies the type of access a group has to the resources in a compartment. For information about policies, see [Managing Policies](https://docs.oracle.com/en/engineered-systems/private-cloud-appliance/3.0-latest/user/user-usr-manage-policies.html). The word "policy" is used by people in different ways:

An individual statement written in the policy language.

A collection of statements in a single, named policy document (which has an OCID assigned to it).

The overall body of policies your organization uses to control access to resources.

Avoid entering confidential information when you supply string values using the API.

Show Source

• compartmentId(required): string
  The OCID of the compartment containing the policy (either the tenancy or another compartment).
• definedTags: object definedTags
  Additional Properties Allowed: additionalProperties

  Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
• description(required): string
  Minimum Length: 1

  Maximum Length: 400

  The description you assign to the policy. Does not need to be unique, and it is changeable.
• freeformTags: object freeformTags
  Additional Properties Allowed: additionalProperties

  Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
• id(required): string
  The OCID of the policy.
• inactiveStatus: integer(int64)
  The detailed status of INACTIVE lifecycleState.
• lifecycleState(required): string
  Minimum Length: 1

  Maximum Length: 64

  Allowed Values: [ "CREATING", "ACTIVE", "INACTIVE", "DELETING", "DELETED" ]

  The policy's current state. After creating a policy, make sure its lifecycleState changes from CREATING to ACTIVE before using it.
• locks: array locks
  Locks associated with this resource.
• name(required): string
  Minimum Length: 1

  Maximum Length: 100

  The name you assign to the policy during creation. The name must be unique across all policies in the tenancy and cannot be changed.
• statements(required): array statements
  An array of one or more policy statements written in the policy language.
• timeCreated(required): string(date-time)
  Date and time the policy was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
• versionDate: string(date-time)
  The version of the policy. If null or set to an empty string, when a request comes in for authorization, the policy will be evaluated according to the current behavior of the services at that moment. If set to a particular date (YYYY-MM-DD), the policy will be evaluated according to the behavior of the services on that date.

{
    "description":"A document that specifies the type of access a group has to the resources in a compartment. For information about policies, see [Managing Policies](https://docs.oracle.com/en/engineered-systems/private-cloud-appliance/3.0-latest/user/user-usr-manage-policies.html). The word \"policy\" is used by people in different ways:<li>An individual statement written in the policy language.<li>A collection of statements in a single, named policy document (which has an OCID assigned to it).<li>The overall body of policies your organization uses to control access to resources.<p>Avoid entering confidential information when you supply string values using the API.",
    "required":[
        "id",
        "compartmentId",
        "name",
        "statements",
        "description",
        "timeCreated",
        "lifecycleState"
    ],
    "x-obmcs-splat":{
        "resourceKind":"policy",
        "adLocality":"regional",
        "getOperationId":"GetPolicy",
        "ocidEntityType":"policy",
        "activeLifecycleStates":[
            "active"
        ],
        "deletedLifecycleStates":[
            "deleted"
        ],
        "listResourcesOperationId":"ListPolicies"
    },
    "properties":{
        "id":{
            "type":"string",
            "description":"The OCID of the policy."
        },
        "compartmentId":{
            "type":"string",
            "description":"The OCID of the compartment containing the policy (either the tenancy or another compartment)."
        },
        "name":{
            "type":"string",
            "description":"The name you assign to the policy during creation. The name must be unique across all policies in the tenancy and cannot be changed.",
            "minLength":1,
            "maxLength":100
        },
        "statements":{
            "type":"array",
            "items":{
                "type":"string"
            },
            "description":"An array of one or more policy statements written in the policy language."
        },
        "description":{
            "type":"string",
            "description":"The description you assign to the policy. Does not need to be unique, and it is changeable.",
            "minLength":1,
            "maxLength":400
        },
        "timeCreated":{
            "type":"string",
            "format":"date-time",
            "description":"Date and time the policy was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z "
        },
        "lifecycleState":{
            "type":"string",
            "enum":[
                "CREATING",
                "ACTIVE",
                "INACTIVE",
                "DELETING",
                "DELETED"
            ],
            "description":"The policy's current state. After creating a policy, make sure its lifecycleState changes from CREATING to ACTIVE before using it.",
            "minLength":1,
            "maxLength":64
        },
        "inactiveStatus":{
            "type":"integer",
            "format":"int64",
            "description":"The detailed status of INACTIVE lifecycleState."
        },
        "versionDate":{
            "type":"string",
            "format":"date-time",
            "description":"The version of the policy. If null or set to an empty string, when a request comes in for authorization, the policy will be evaluated according to the current behavior of the services at that moment. If set to a particular date (YYYY-MM-DD), the policy will be evaluated according to the behavior of the services on that date."
        },
        "freeformTags":{
            "description":"Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {\"Department\": \"Finance\"} ",
            "type":"object",
            "additionalProperties":{
                "type":"string"
            }
        },
        "definedTags":{
            "type":"object",
            "description":"Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {\"Operations\": {\"CostCenter\": \"42\"}} ",
            "additionalProperties":{
                "type":"object",
                "description":"Key-value pair representing a defined tag key and value, scoped to a namespace. Example: `{\"CostCenter\": \"42\"}` ",
                "additionalProperties":{
                    "type":"object",
                    "description":"The value of the tag. Only the String type is supported. "
                }
            }
        },
        "locks":{
            "description":"Locks associated with this resource.",
            "type":"array",
            "items":{
                "$ref":"#/definitions/ResourceLockPolicy"
            }
        }
    },
    "type":"object"
}

Nested Schema : definedTags

Type: object

Additional Properties Allowed

Show Source

• object additionalProperties
  Additional Properties Allowed: additionalProperties

  Key-value pair representing a defined tag key and value, scoped to a namespace. Example: `{"CostCenter": "42"}`

{
    "type":"object",
    "description":"Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {\"Operations\": {\"CostCenter\": \"42\"}} ",
    "additionalProperties":{
        "type":"object",
        "description":"Key-value pair representing a defined tag key and value, scoped to a namespace. Example: `{\"CostCenter\": \"42\"}` ",
        "additionalProperties":{
            "type":"object",
            "description":"The value of the tag. Only the String type is supported. "
        }
    }
}

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}

Nested Schema : freeformTags

Type: object

Additional Properties Allowed

Show Source

• string

{
    "description":"Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {\"Department\": \"Finance\"} ",
    "type":"object",
    "additionalProperties":{
        "type":"string"
    }
}

Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}

Nested Schema : locks

Type: array

Locks associated with this resource.

Show Source

• Array of: object ResourceLockPolicy
  Resource locks are used to prevent certain APIs from being called for the resource. A full lock prevents both updating the resource and deleting the resource. A delete lock prevents deleting the resource.

{
    "description":"Locks associated with this resource.",
    "type":"array",
    "items":{
        "$ref":"#/definitions/ResourceLockPolicy"
    }
}

Nested Schema : statements

Type: array

An array of one or more policy statements written in the policy language.

Show Source

• Array of: string

{
    "type":"array",
    "items":{
        "type":"string"
    },
    "description":"An array of one or more policy statements written in the policy language."
}

Nested Schema : additionalProperties

Type: object

Additional Properties Allowed

Show Source

• object additionalProperties
  The value of the tag. Only the String type is supported.

{
    "type":"object",
    "description":"Key-value pair representing a defined tag key and value, scoped to a namespace. Example: `{\"CostCenter\": \"42\"}` ",
    "additionalProperties":{
        "type":"object",
        "description":"The value of the tag. Only the String type is supported. "
    }
}

Key-value pair representing a defined tag key and value, scoped to a namespace. Example: `{"CostCenter": "42"}`

Nested Schema : additionalProperties

Type: object

The value of the tag. Only the String type is supported.

Nested Schema : ResourceLockPolicy

Type: object

Resource locks are used to prevent certain APIs from being called for the resource. A full lock prevents both updating the resource and deleting the resource. A delete lock prevents deleting the resource.

Show Source

• compartmentId: string
  The compartment ID of the lock.
• isActive: boolean
  Indicates if the lock is active or not. For example, if there are mutliple FULL locks, the first-created FULL lock wi`ll be effective.
• message: string
  A message added by the creator of the lock. This is typically used to give an indication of why the resource is locked.
• relatedResourceId: string
  The ID of the resource that is locking this resource. Indicates that deleting this resource will remove the lock.
• timeCreated: string(date-time)
  When the lock was created.
• type(required): string
  Allowed Values: [ "FULL", "DELETE" ]

  Type of the lock.

{
    "description":"Resource locks are used to prevent certain APIs from being called for the resource. A full lock prevents both updating the resource and deleting the resource. A delete lock prevents deleting the resource. ",
    "type":"object",
    "x-obmcs-splat":{
        "resourceKind":"lock"
    },
    "required":[
        "type"
    ],
    "properties":{
        "type":{
            "description":"Type of the lock.",
            "type":"string",
            "enum":[
                "FULL",
                "DELETE"
            ]
        },
        "compartmentId":{
            "description":"The compartment ID of the lock.",
            "type":"string"
        },
        "relatedResourceId":{
            "description":"The ID of the resource that is locking this resource. Indicates that deleting this resource will remove the lock. ",
            "type":"string"
        },
        "message":{
            "description":"A message added by the creator of the lock. This is typically used to give an indication of why the resource is locked. ",
            "type":"string"
        },
        "timeCreated":{
            "description":"When the lock was created.",
            "type":"string",
            "format":"date-time"
        },
        "isActive":{
            "type":"boolean",
            "description":"Indicates if the lock is active or not. For example, if there are mutliple FULL locks, the first-created FULL lock wi`ll be effective."
        }
    }
}

400 Response

Bad Request

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

The properties that define an error.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
• message(required): string
  A human-readable error string.

{
    "description":"The properties that define an error.",
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm)."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "type":"object"
}

401 Response

Unauthorized

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

The properties that define an error.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
• message(required): string
  A human-readable error string.

{
    "description":"The properties that define an error.",
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm)."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "type":"object"
}

403 Response

Forbidden

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

The properties that define an error.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
• message(required): string
  A human-readable error string.

{
    "description":"The properties that define an error.",
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm)."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "type":"object"
}

404 Response

Not Found

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

The properties that define an error.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
• message(required): string
  A human-readable error string.

{
    "description":"The properties that define an error.",
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm)."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "type":"object"
}

429 Response

Too Many Requests

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

The properties that define an error.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
• message(required): string
  A human-readable error string.

{
    "description":"The properties that define an error.",
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm)."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "type":"object"
}

500 Response

Internal Server Error

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

The properties that define an error.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
• message(required): string
  A human-readable error string.

{
    "description":"The properties that define an error.",
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm)."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "type":"object"
}

Default Response

An error has occurred.

Headers

• opc-request-id: string
  Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Body ()

Root Schema : Error

Type: object

The properties that define an error.

Show Source

• code(required): string
  A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
• message(required): string
  A human-readable error string.

{
    "description":"The properties that define an error.",
    "required":[
        "code",
        "message"
    ],
    "properties":{
        "code":{
            "type":"string",
            "description":"A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm)."
        },
        "message":{
            "type":"string",
            "description":"A human-readable error string."
        }
    },
    "type":"object"
}

Back to Top