CreateDelegationControlDetails¶

class oci.delegate_access_control.models.CreateDelegationControlDetails(**kwargs)¶

Bases: object

While creating the Delegation Control, specify how Service Provider Actions are approved and the users who have the privilege of approving the Service Provider Actions associated with the Delegation Control.

You must specify which Service Provider Actions must be pre-approved. The rest of the Service Provider Actions associated with the Delegation Control will require an explicit approval from the users selected either through the approver groups or individually.

You must name your Delegation Control appropriately so it reflects the resources that will be governed by the Delegation Control. Neither the Delegation Controls nor their assignments to resources are visible to the support operators.

Attributes

`RESOURCE_TYPE_CLOUDVMCLUSTER`	A constant which can be used with the resource_type property of a CreateDelegationControlDetails.
`RESOURCE_TYPE_VMCLUSTER`	A constant which can be used with the resource_type property of a CreateDelegationControlDetails.
`compartment_id`	[Required] Gets the compartment_id of this CreateDelegationControlDetails.
`defined_tags`	Gets the defined_tags of this CreateDelegationControlDetails.
`delegation_subscription_ids`	[Required] Gets the delegation_subscription_ids of this CreateDelegationControlDetails.
`description`	Gets the description of this CreateDelegationControlDetails.
`display_name`	[Required] Gets the display_name of this CreateDelegationControlDetails.
`freeform_tags`	Gets the freeform_tags of this CreateDelegationControlDetails.
`is_auto_approve_during_maintenance`	Gets the is_auto_approve_during_maintenance of this CreateDelegationControlDetails.
`notification_message_format`	[Required] Gets the notification_message_format of this CreateDelegationControlDetails.
`notification_topic_id`	[Required] Gets the notification_topic_id of this CreateDelegationControlDetails.
`num_approvals_required`	Gets the num_approvals_required of this CreateDelegationControlDetails.
`pre_approved_service_provider_action_names`	Gets the pre_approved_service_provider_action_names of this CreateDelegationControlDetails.
`resource_ids`	[Required] Gets the resource_ids of this CreateDelegationControlDetails.
`resource_type`	[Required] Gets the resource_type of this CreateDelegationControlDetails.
`vault_id`	Gets the vault_id of this CreateDelegationControlDetails.
`vault_key_id`	Gets the vault_key_id of this CreateDelegationControlDetails.

Methods

__init__(**kwargs) Initializes a new CreateDelegationControlDetails object with values from keyword arguments.

RESOURCE_TYPE_CLOUDVMCLUSTER = 'CLOUDVMCLUSTER'¶: A constant which can be used with the resource_type property of a CreateDelegationControlDetails. This constant has a value of “CLOUDVMCLUSTER”

RESOURCE_TYPE_VMCLUSTER = 'VMCLUSTER'¶: A constant which can be used with the resource_type property of a CreateDelegationControlDetails. This constant has a value of “VMCLUSTER”

__init__(**kwargs)¶

Initializes a new CreateDelegationControlDetails object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:

compartment_id (str) – The value to assign to the compartment_id property of this CreateDelegationControlDetails.
display_name (str) – The value to assign to the display_name property of this CreateDelegationControlDetails.
description (str) – The value to assign to the description property of this CreateDelegationControlDetails.
num_approvals_required (int) – The value to assign to the num_approvals_required property of this CreateDelegationControlDetails.
pre_approved_service_provider_action_names (list[str]) – The value to assign to the pre_approved_service_provider_action_names property of this CreateDelegationControlDetails.
delegation_subscription_ids (list[str]) – The value to assign to the delegation_subscription_ids property of this CreateDelegationControlDetails.
is_auto_approve_during_maintenance (bool) – The value to assign to the is_auto_approve_during_maintenance property of this CreateDelegationControlDetails.
resource_ids (list[str]) – The value to assign to the resource_ids property of this CreateDelegationControlDetails.
resource_type (str) – The value to assign to the resource_type property of this CreateDelegationControlDetails. Allowed values for this property are: “VMCLUSTER”, “CLOUDVMCLUSTER”
notification_topic_id (str) – The value to assign to the notification_topic_id property of this CreateDelegationControlDetails.
notification_message_format (str) – The value to assign to the notification_message_format property of this CreateDelegationControlDetails.
vault_id (str) – The value to assign to the vault_id property of this CreateDelegationControlDetails.
vault_key_id (str) – The value to assign to the vault_key_id property of this CreateDelegationControlDetails.
freeform_tags (dict(str, str)) – The value to assign to the freeform_tags property of this CreateDelegationControlDetails.
defined_tags (dict(str, dict(str, object))) – The value to assign to the defined_tags property of this CreateDelegationControlDetails.

compartment_id¶

[Required] Gets the compartment_id of this CreateDelegationControlDetails. The OCID of the compartment that contains this Delegation Control.

Returns:	The compartment_id of this CreateDelegationControlDetails.
Return type:	str

defined_tags¶

Gets the defined_tags of this CreateDelegationControlDetails. Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {“Operations”: {“CostCenter”: “42”}}

Returns:	The defined_tags of this CreateDelegationControlDetails.
Return type:	dict(str, dict(str, object))

delegation_subscription_ids¶

[Required] Gets the delegation_subscription_ids of this CreateDelegationControlDetails. List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.

Returns:	The delegation_subscription_ids of this CreateDelegationControlDetails.
Return type:	list[str]

description¶

Gets the description of this CreateDelegationControlDetails. Description of the Delegation Control.

Returns:	The description of this CreateDelegationControlDetails.
Return type:	str

display_name¶

[Required] Gets the display_name of this CreateDelegationControlDetails. Name of the Delegation Control. The name does not need to be unique.

Returns:	The display_name of this CreateDelegationControlDetails.
Return type:	str

freeform_tags¶

Gets the freeform_tags of this CreateDelegationControlDetails. Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {“Department”: “Finance”}

Returns:	The freeform_tags of this CreateDelegationControlDetails.
Return type:	dict(str, str)

is_auto_approve_during_maintenance¶

Gets the is_auto_approve_during_maintenance of this CreateDelegationControlDetails. Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.

Returns:	The is_auto_approve_during_maintenance of this CreateDelegationControlDetails.
Return type:	bool

notification_message_format¶

[Required] Gets the notification_message_format of this CreateDelegationControlDetails. The format of the OCI Notification messages for this Delegation Control.

Returns:	The notification_message_format of this CreateDelegationControlDetails.
Return type:	str

notification_topic_id¶

[Required] Gets the notification_topic_id of this CreateDelegationControlDetails. The OCID of the OCI Notification topic to publish messages related to this Delegation Control.

Returns:	The notification_topic_id of this CreateDelegationControlDetails.
Return type:	str

num_approvals_required¶

Gets the num_approvals_required of this CreateDelegationControlDetails. number of approvals required.

Returns:	The num_approvals_required of this CreateDelegationControlDetails.
Return type:	int

pre_approved_service_provider_action_names¶

Gets the pre_approved_service_provider_action_names of this CreateDelegationControlDetails. List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.

Returns:	The pre_approved_service_provider_action_names of this CreateDelegationControlDetails.
Return type:	list[str]

resource_ids¶

[Required] Gets the resource_ids of this CreateDelegationControlDetails. The OCID of the selected resources that this Delegation Control is applicable to.

Returns:	The resource_ids of this CreateDelegationControlDetails.
Return type:	list[str]

resource_type¶

[Required] Gets the resource_type of this CreateDelegationControlDetails. Resource type for which the Delegation Control is applicable to.

Allowed values for this property are: “VMCLUSTER”, “CLOUDVMCLUSTER”

Returns:	The resource_type of this CreateDelegationControlDetails.
Return type:	str

vault_id¶

Gets the vault_id of this CreateDelegationControlDetails. The OCID of the OCI Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the OCI Vault.

Returns:	The vault_id of this CreateDelegationControlDetails.
Return type:	str

vault_key_id¶

Gets the vault_key_id of this CreateDelegationControlDetails. The OCID of the Master Encryption Key in the OCI Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.

Returns:	The vault_key_id of this CreateDelegationControlDetails.
Return type:	str