Grant

class oci.identity_domains.models.Grant(**kwargs)

Bases: object

Schema for Grant Resource

Attributes

GRANT_MECHANISM_ACCESS_REQUEST A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_ADMINISTRATOR_TO_APP A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_ADMINISTRATOR_TO_DELEGATED_USER A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_ADMINISTRATOR_TO_DYNAMIC_RESOURCE_GROUP A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_ADMINISTRATOR_TO_GROUP A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_ADMINISTRATOR_TO_USER A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_APP_ENTITLEMENT_COLLECTION A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_GROUP_MEMBERSHIP A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_IMPORT_APPROLE_MEMBERS A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_IMPORT_GRANTS A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_OPC_INFRA_TO_APP A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_SERVICE_MANAGER_TO_APP A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_SERVICE_MANAGER_TO_USER A constant which can be used with the grant_mechanism property of a Grant.
GRANT_MECHANISM_SYNC_TO_USER A constant which can be used with the grant_mechanism property of a Grant.
IDCS_PREVENTED_OPERATIONS_DELETE A constant which can be used with the idcs_prevented_operations property of a Grant.
IDCS_PREVENTED_OPERATIONS_REPLACE A constant which can be used with the idcs_prevented_operations property of a Grant.
IDCS_PREVENTED_OPERATIONS_UPDATE A constant which can be used with the idcs_prevented_operations property of a Grant.
app Gets the app of this Grant.
app_entitlement_collection Gets the app_entitlement_collection of this Grant.
compartment_ocid Gets the compartment_ocid of this Grant.
composite_key Gets the composite_key of this Grant.
delete_in_progress Gets the delete_in_progress of this Grant.
domain_ocid Gets the domain_ocid of this Grant.
entitlement Gets the entitlement of this Grant.
grant_mechanism [Required] Gets the grant_mechanism of this Grant.
granted_attribute_values_json Gets the granted_attribute_values_json of this Grant.
grantee [Required] Gets the grantee of this Grant.
grantor Gets the grantor of this Grant.
id Gets the id of this Grant.
idcs_created_by Gets the idcs_created_by of this Grant.
idcs_last_modified_by Gets the idcs_last_modified_by of this Grant.
idcs_last_upgraded_in_release Gets the idcs_last_upgraded_in_release of this Grant.
idcs_prevented_operations Gets the idcs_prevented_operations of this Grant.
is_fulfilled Gets the is_fulfilled of this Grant.
meta Gets the meta of this Grant.
ocid Gets the ocid of this Grant.
schemas [Required] Gets the schemas of this Grant.
tags Gets the tags of this Grant.
tenancy_ocid Gets the tenancy_ocid of this Grant.

Methods

__init__(**kwargs) Initializes a new Grant object with values from keyword arguments.
GRANT_MECHANISM_ACCESS_REQUEST = 'ACCESS_REQUEST'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “ACCESS_REQUEST”

GRANT_MECHANISM_ADMINISTRATOR_TO_APP = 'ADMINISTRATOR_TO_APP'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “ADMINISTRATOR_TO_APP”

GRANT_MECHANISM_ADMINISTRATOR_TO_DELEGATED_USER = 'ADMINISTRATOR_TO_DELEGATED_USER'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “ADMINISTRATOR_TO_DELEGATED_USER”

GRANT_MECHANISM_ADMINISTRATOR_TO_DYNAMIC_RESOURCE_GROUP = 'ADMINISTRATOR_TO_DYNAMIC_RESOURCE_GROUP'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “ADMINISTRATOR_TO_DYNAMIC_RESOURCE_GROUP”

GRANT_MECHANISM_ADMINISTRATOR_TO_GROUP = 'ADMINISTRATOR_TO_GROUP'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “ADMINISTRATOR_TO_GROUP”

GRANT_MECHANISM_ADMINISTRATOR_TO_USER = 'ADMINISTRATOR_TO_USER'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “ADMINISTRATOR_TO_USER”

GRANT_MECHANISM_APP_ENTITLEMENT_COLLECTION = 'APP_ENTITLEMENT_COLLECTION'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “APP_ENTITLEMENT_COLLECTION”

GRANT_MECHANISM_GROUP_MEMBERSHIP = 'GROUP_MEMBERSHIP'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “GROUP_MEMBERSHIP”

GRANT_MECHANISM_IMPORT_APPROLE_MEMBERS = 'IMPORT_APPROLE_MEMBERS'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “IMPORT_APPROLE_MEMBERS”

GRANT_MECHANISM_IMPORT_GRANTS = 'IMPORT_GRANTS'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “IMPORT_GRANTS”

GRANT_MECHANISM_OPC_INFRA_TO_APP = 'OPC_INFRA_TO_APP'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “OPC_INFRA_TO_APP”

GRANT_MECHANISM_SERVICE_MANAGER_TO_APP = 'SERVICE_MANAGER_TO_APP'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “SERVICE_MANAGER_TO_APP”

GRANT_MECHANISM_SERVICE_MANAGER_TO_USER = 'SERVICE_MANAGER_TO_USER'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “SERVICE_MANAGER_TO_USER”

GRANT_MECHANISM_SYNC_TO_USER = 'SYNC_TO_USER'

A constant which can be used with the grant_mechanism property of a Grant. This constant has a value of “SYNC_TO_USER”

IDCS_PREVENTED_OPERATIONS_DELETE = 'delete'

A constant which can be used with the idcs_prevented_operations property of a Grant. This constant has a value of “delete”

IDCS_PREVENTED_OPERATIONS_REPLACE = 'replace'

A constant which can be used with the idcs_prevented_operations property of a Grant. This constant has a value of “replace”

IDCS_PREVENTED_OPERATIONS_UPDATE = 'update'

A constant which can be used with the idcs_prevented_operations property of a Grant. This constant has a value of “update”

__init__(**kwargs)

Initializes a new Grant object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:
  • id (str) – The value to assign to the id property of this Grant.
  • ocid (str) – The value to assign to the ocid property of this Grant.
  • schemas (list[str]) – The value to assign to the schemas property of this Grant.
  • meta (oci.identity_domains.models.Meta) – The value to assign to the meta property of this Grant.
  • idcs_created_by (oci.identity_domains.models.IdcsCreatedBy) – The value to assign to the idcs_created_by property of this Grant.
  • idcs_last_modified_by (oci.identity_domains.models.IdcsLastModifiedBy) – The value to assign to the idcs_last_modified_by property of this Grant.
  • idcs_prevented_operations (list[str]) – The value to assign to the idcs_prevented_operations property of this Grant. Allowed values for items in this list are: “replace”, “update”, “delete”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
  • tags (list[oci.identity_domains.models.Tags]) – The value to assign to the tags property of this Grant.
  • delete_in_progress (bool) – The value to assign to the delete_in_progress property of this Grant.
  • idcs_last_upgraded_in_release (str) – The value to assign to the idcs_last_upgraded_in_release property of this Grant.
  • domain_ocid (str) – The value to assign to the domain_ocid property of this Grant.
  • compartment_ocid (str) – The value to assign to the compartment_ocid property of this Grant.
  • tenancy_ocid (str) – The value to assign to the tenancy_ocid property of this Grant.
  • grant_mechanism (str) – The value to assign to the grant_mechanism property of this Grant. Allowed values for this property are: “IMPORT_APPROLE_MEMBERS”, “ADMINISTRATOR_TO_USER”, “ADMINISTRATOR_TO_DELEGATED_USER”, “ADMINISTRATOR_TO_GROUP”, “SERVICE_MANAGER_TO_USER”, “ADMINISTRATOR_TO_APP”, “SERVICE_MANAGER_TO_APP”, “OPC_INFRA_TO_APP”, “GROUP_MEMBERSHIP”, “IMPORT_GRANTS”, “SYNC_TO_USER”, “ACCESS_REQUEST”, “APP_ENTITLEMENT_COLLECTION”, “ADMINISTRATOR_TO_DYNAMIC_RESOURCE_GROUP”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
  • composite_key (str) – The value to assign to the composite_key property of this Grant.
  • is_fulfilled (bool) – The value to assign to the is_fulfilled property of this Grant.
  • granted_attribute_values_json (str) – The value to assign to the granted_attribute_values_json property of this Grant.
  • app_entitlement_collection (oci.identity_domains.models.GrantAppEntitlementCollection) – The value to assign to the app_entitlement_collection property of this Grant.
  • grantor (oci.identity_domains.models.GrantGrantor) – The value to assign to the grantor property of this Grant.
  • grantee (oci.identity_domains.models.GrantGrantee) – The value to assign to the grantee property of this Grant.
  • app (oci.identity_domains.models.GrantApp) – The value to assign to the app property of this Grant.
  • entitlement (oci.identity_domains.models.GrantEntitlement) – The value to assign to the entitlement property of this Grant.
app

Gets the app of this Grant.

Returns:The app of this Grant.
Return type:oci.identity_domains.models.GrantApp
app_entitlement_collection

Gets the app_entitlement_collection of this Grant.

Returns:The app_entitlement_collection of this Grant.
Return type:oci.identity_domains.models.GrantAppEntitlementCollection
compartment_ocid

Gets the compartment_ocid of this Grant. OCI Compartment Id (ocid) in which the resource lives.

SCIM++ Properties:
  • caseExact: false
  • idcsSearchable: false
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: default
  • type: string
  • uniqueness: none
Returns:The compartment_ocid of this Grant.
Return type:str
composite_key

Gets the composite_key of this Grant. Unique key of grant, composed by combining a subset of app, entitlement, grantee, grantor and grantMechanism. Used to prevent duplicate Grants.

Added In: 18.1.2

SCIM++ Properties:
  • caseExact: true
  • idcsSearchable: true
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: request
  • type: string
  • uniqueness: server
Returns:The composite_key of this Grant.
Return type:str
delete_in_progress

Gets the delete_in_progress of this Grant. A boolean flag indicating this resource in the process of being deleted. Usually set to true when synchronous deletion of the resource would take too long.

SCIM++ Properties:
  • caseExact: false
  • idcsSearchable: true
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: default
  • type: boolean
  • uniqueness: none
Returns:The delete_in_progress of this Grant.
Return type:bool
domain_ocid

Gets the domain_ocid of this Grant. OCI Domain Id (ocid) in which the resource lives.

SCIM++ Properties:
  • caseExact: false
  • idcsSearchable: false
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: default
  • type: string
  • uniqueness: none
Returns:The domain_ocid of this Grant.
Return type:str
entitlement

Gets the entitlement of this Grant.

Returns:The entitlement of this Grant.
Return type:oci.identity_domains.models.GrantEntitlement
grant_mechanism

[Required] Gets the grant_mechanism of this Grant. Each value of grantMechanism indicates how (or by what component) some App (or App-Entitlement) was granted. A customer or the UI should use only grantMechanism values that start with ‘ADMINISTRATOR’:

  • ‘ADMINISTRATOR_TO_USER’ is for a direct grant to a specific User.
  • ‘ADMINISTRATOR_TO_GROUP’ is for a grant to a specific Group, which results in indirect grants to Users who are members of that Group.
  • ‘ADMINISTRATOR_TO_APP’ is for a grant to a specific App. The grantee (client) App gains access to the granted (server) App.
SCIM++ Properties:
  • caseExact: true
  • idcsCsvAttributeNameMappings: [[defaultValue:IMPORT_GRANTS]]
  • idcsSearchable: true
  • multiValued: false
  • mutability: immutable
  • required: true
  • returned: default
  • type: string
  • uniqueness: none

Allowed values for this property are: “IMPORT_APPROLE_MEMBERS”, “ADMINISTRATOR_TO_USER”, “ADMINISTRATOR_TO_DELEGATED_USER”, “ADMINISTRATOR_TO_GROUP”, “SERVICE_MANAGER_TO_USER”, “ADMINISTRATOR_TO_APP”, “SERVICE_MANAGER_TO_APP”, “OPC_INFRA_TO_APP”, “GROUP_MEMBERSHIP”, “IMPORT_GRANTS”, “SYNC_TO_USER”, “ACCESS_REQUEST”, “APP_ENTITLEMENT_COLLECTION”, “ADMINISTRATOR_TO_DYNAMIC_RESOURCE_GROUP”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:The grant_mechanism of this Grant.
Return type:str
granted_attribute_values_json

Gets the granted_attribute_values_json of this Grant. Store granted attribute-values as a string in Javascript Object Notation (JSON) format.

Added In: 18.3.4

SCIM++ Properties:
  • idcsSearchable: false
  • multiValued: false
  • mutability: readWrite
  • required: false
  • returned: default
  • type: string
  • uniqueness: none
Returns:The granted_attribute_values_json of this Grant.
Return type:str
grantee

[Required] Gets the grantee of this Grant.

Returns:The grantee of this Grant.
Return type:oci.identity_domains.models.GrantGrantee
grantor

Gets the grantor of this Grant.

Returns:The grantor of this Grant.
Return type:oci.identity_domains.models.GrantGrantor
id

Gets the id of this Grant. Unique identifier for the SCIM Resource as defined by the Service Provider. Each representation of the Resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider’s entire set of Resources. It MUST be a stable, non-reassignable identifier that does not change when the same Resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. bulkId: is a reserved keyword and MUST NOT be used in the unique identifier.

SCIM++ Properties:
  • caseExact: false
  • idcsSearchable: true
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: always
  • type: string
  • uniqueness: global
Returns:The id of this Grant.
Return type:str
idcs_created_by

Gets the idcs_created_by of this Grant.

Returns:The idcs_created_by of this Grant.
Return type:oci.identity_domains.models.IdcsCreatedBy
idcs_last_modified_by

Gets the idcs_last_modified_by of this Grant.

Returns:The idcs_last_modified_by of this Grant.
Return type:oci.identity_domains.models.IdcsLastModifiedBy
idcs_last_upgraded_in_release

Gets the idcs_last_upgraded_in_release of this Grant. The release number when the resource was upgraded.

SCIM++ Properties:
  • caseExact: false
  • idcsSearchable: false
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: request
  • type: string
  • uniqueness: none
Returns:The idcs_last_upgraded_in_release of this Grant.
Return type:str
idcs_prevented_operations

Gets the idcs_prevented_operations of this Grant. Each value of this attribute specifies an operation that only an internal client may perform on this particular resource.

SCIM++ Properties:
  • idcsSearchable: false
  • multiValued: true
  • mutability: readOnly
  • required: false
  • returned: request
  • type: string
  • uniqueness: none

Allowed values for items in this list are: “replace”, “update”, “delete”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:The idcs_prevented_operations of this Grant.
Return type:list[str]
is_fulfilled

Gets the is_fulfilled of this Grant. If true, this Grant has been fulfilled successfully.

SCIM++ Properties:
  • idcsSearchable: true
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: default
  • type: boolean
  • uniqueness: none
Returns:The is_fulfilled of this Grant.
Return type:bool
meta

Gets the meta of this Grant.

Returns:The meta of this Grant.
Return type:oci.identity_domains.models.Meta
ocid

Gets the ocid of this Grant. Unique OCI identifier for the SCIM Resource.

SCIM++ Properties:
  • caseExact: true
  • idcsSearchable: true
  • multiValued: false
  • mutability: immutable
  • required: false
  • returned: default
  • type: string
  • uniqueness: global
Returns:The ocid of this Grant.
Return type:str
schemas

[Required] Gets the schemas of this Grant. REQUIRED. The schemas attribute is an array of Strings which allows introspection of the supported schema version for a SCIM representation as well any schema extensions supported by that representation. Each String value must be a unique URI. This specification defines URIs for User, Group, and a standard “enterprise” extension. All representations of SCIM schema MUST include a non-zero value array with value(s) of the URIs supported by that representation. Duplicate values MUST NOT be included. Value order is not specified and MUST not impact behavior.

SCIM++ Properties:
  • caseExact: false
  • idcsSearchable: false
  • multiValued: true
  • mutability: readWrite
  • required: true
  • returned: default
  • type: string
  • uniqueness: none
Returns:The schemas of this Grant.
Return type:list[str]
tags

Gets the tags of this Grant. A list of tags on this resource.

SCIM++ Properties:
  • idcsCompositeKey: [key, value]
  • idcsSearchable: true
  • multiValued: true
  • mutability: readWrite
  • required: false
  • returned: request
  • type: complex
  • uniqueness: none
Returns:The tags of this Grant.
Return type:list[oci.identity_domains.models.Tags]
tenancy_ocid

Gets the tenancy_ocid of this Grant. OCI Tenant Id (ocid) in which the resource lives.

SCIM++ Properties:
  • caseExact: false
  • idcsSearchable: false
  • multiValued: false
  • mutability: readOnly
  • required: false
  • returned: default
  • type: string
  • uniqueness: none
Returns:The tenancy_ocid of this Grant.
Return type:str