DelegationControl¶

class oci.delegate_access_control.models.DelegationControl(**kwargs)¶

Bases: object

Delegation Control enables you to grant, audit, or revoke the access Oracle has to your Exadata Cloud infrastructure, and obtain audit reports of all actions taken by a human operator, in a near real-time manner.

Attributes

`LIFECYCLE_STATE_ACTIVE`	A constant which can be used with the lifecycle_state property of a DelegationControl.
`LIFECYCLE_STATE_CREATING`	A constant which can be used with the lifecycle_state property of a DelegationControl.
`LIFECYCLE_STATE_DELETED`	A constant which can be used with the lifecycle_state property of a DelegationControl.
`LIFECYCLE_STATE_DELETING`	A constant which can be used with the lifecycle_state property of a DelegationControl.
`LIFECYCLE_STATE_FAILED`	A constant which can be used with the lifecycle_state property of a DelegationControl.
`LIFECYCLE_STATE_NEEDS_ATTENTION`	A constant which can be used with the lifecycle_state property of a DelegationControl.
`LIFECYCLE_STATE_UPDATING`	A constant which can be used with the lifecycle_state property of a DelegationControl.
`NOTIFICATION_MESSAGE_FORMAT_HTML`	A constant which can be used with the notification_message_format property of a DelegationControl.
`NOTIFICATION_MESSAGE_FORMAT_JSON`	A constant which can be used with the notification_message_format property of a DelegationControl.
`RESOURCE_TYPE_CLOUDVMCLUSTER`	A constant which can be used with the resource_type property of a DelegationControl.
`RESOURCE_TYPE_VMCLUSTER`	A constant which can be used with the resource_type property of a DelegationControl.
`compartment_id`	[Required] Gets the compartment_id of this DelegationControl.
`defined_tags`	Gets the defined_tags of this DelegationControl.
`delegation_subscription_ids`	Gets the delegation_subscription_ids of this DelegationControl.
`description`	Gets the description of this DelegationControl.
`display_name`	[Required] Gets the display_name of this DelegationControl.
`freeform_tags`	Gets the freeform_tags of this DelegationControl.
`id`	[Required] Gets the id of this DelegationControl.
`is_auto_approve_during_maintenance`	Gets the is_auto_approve_during_maintenance of this DelegationControl.
`lifecycle_state`	Gets the lifecycle_state of this DelegationControl.
`lifecycle_state_details`	Gets the lifecycle_state_details of this DelegationControl.
`notification_message_format`	Gets the notification_message_format of this DelegationControl.
`notification_topic_id`	Gets the notification_topic_id of this DelegationControl.
`num_approvals_required`	Gets the num_approvals_required of this DelegationControl.
`pre_approved_service_provider_action_names`	Gets the pre_approved_service_provider_action_names of this DelegationControl.
`resource_ids`	Gets the resource_ids of this DelegationControl.
`resource_type`	[Required] Gets the resource_type of this DelegationControl.
`system_tags`	Gets the system_tags of this DelegationControl.
`time_created`	Gets the time_created of this DelegationControl.
`time_deleted`	Gets the time_deleted of this DelegationControl.
`time_updated`	Gets the time_updated of this DelegationControl.
`vault_id`	Gets the vault_id of this DelegationControl.
`vault_key_id`	Gets the vault_key_id of this DelegationControl.

Methods

__init__(**kwargs) Initializes a new DelegationControl object with values from keyword arguments.

LIFECYCLE_STATE_ACTIVE = 'ACTIVE'¶: A constant which can be used with the lifecycle_state property of a DelegationControl. This constant has a value of “ACTIVE”

LIFECYCLE_STATE_CREATING = 'CREATING'¶: A constant which can be used with the lifecycle_state property of a DelegationControl. This constant has a value of “CREATING”

LIFECYCLE_STATE_DELETED = 'DELETED'¶: A constant which can be used with the lifecycle_state property of a DelegationControl. This constant has a value of “DELETED”

LIFECYCLE_STATE_DELETING = 'DELETING'¶: A constant which can be used with the lifecycle_state property of a DelegationControl. This constant has a value of “DELETING”

LIFECYCLE_STATE_FAILED = 'FAILED'¶: A constant which can be used with the lifecycle_state property of a DelegationControl. This constant has a value of “FAILED”

LIFECYCLE_STATE_NEEDS_ATTENTION = 'NEEDS_ATTENTION'¶: A constant which can be used with the lifecycle_state property of a DelegationControl. This constant has a value of “NEEDS_ATTENTION”

LIFECYCLE_STATE_UPDATING = 'UPDATING'¶: A constant which can be used with the lifecycle_state property of a DelegationControl. This constant has a value of “UPDATING”

NOTIFICATION_MESSAGE_FORMAT_HTML = 'HTML'¶: A constant which can be used with the notification_message_format property of a DelegationControl. This constant has a value of “HTML”

NOTIFICATION_MESSAGE_FORMAT_JSON = 'JSON'¶: A constant which can be used with the notification_message_format property of a DelegationControl. This constant has a value of “JSON”

RESOURCE_TYPE_CLOUDVMCLUSTER = 'CLOUDVMCLUSTER'¶: A constant which can be used with the resource_type property of a DelegationControl. This constant has a value of “CLOUDVMCLUSTER”

RESOURCE_TYPE_VMCLUSTER = 'VMCLUSTER'¶: A constant which can be used with the resource_type property of a DelegationControl. This constant has a value of “VMCLUSTER”

__init__(**kwargs)¶

Initializes a new DelegationControl object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:

id (str) – The value to assign to the id property of this DelegationControl.
compartment_id (str) – The value to assign to the compartment_id property of this DelegationControl.
display_name (str) – The value to assign to the display_name property of this DelegationControl.
description (str) – The value to assign to the description property of this DelegationControl.
num_approvals_required (int) – The value to assign to the num_approvals_required property of this DelegationControl.
pre_approved_service_provider_action_names (list[str]) – The value to assign to the pre_approved_service_provider_action_names property of this DelegationControl.
delegation_subscription_ids (list[str]) – The value to assign to the delegation_subscription_ids property of this DelegationControl.
is_auto_approve_during_maintenance (bool) – The value to assign to the is_auto_approve_during_maintenance property of this DelegationControl.
resource_ids (list[str]) – The value to assign to the resource_ids property of this DelegationControl.
resource_type (str) – The value to assign to the resource_type property of this DelegationControl. Allowed values for this property are: “VMCLUSTER”, “CLOUDVMCLUSTER”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
notification_topic_id (str) – The value to assign to the notification_topic_id property of this DelegationControl.
notification_message_format (str) – The value to assign to the notification_message_format property of this DelegationControl. Allowed values for this property are: “JSON”, “HTML”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
vault_id (str) – The value to assign to the vault_id property of this DelegationControl.
vault_key_id (str) – The value to assign to the vault_key_id property of this DelegationControl.
lifecycle_state (str) – The value to assign to the lifecycle_state property of this DelegationControl. Allowed values for this property are: “CREATING”, “ACTIVE”, “UPDATING”, “DELETING”, “DELETED”, “FAILED”, “NEEDS_ATTENTION”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
lifecycle_state_details (str) – The value to assign to the lifecycle_state_details property of this DelegationControl.
time_created (datetime) – The value to assign to the time_created property of this DelegationControl.
time_updated (datetime) – The value to assign to the time_updated property of this DelegationControl.
time_deleted (datetime) – The value to assign to the time_deleted property of this DelegationControl.
freeform_tags (dict(str, str)) – The value to assign to the freeform_tags property of this DelegationControl.
defined_tags (dict(str, dict(str, object))) – The value to assign to the defined_tags property of this DelegationControl.
system_tags (dict(str, dict(str, object))) – The value to assign to the system_tags property of this DelegationControl.

compartment_id¶

[Required] Gets the compartment_id of this DelegationControl. The OCID of the compartment that contains the Delegation Control.

Returns:	The compartment_id of this DelegationControl.
Return type:	str

defined_tags¶

Gets the defined_tags of this DelegationControl. Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see `Resource Tags`__.

Example: {“Operations”: {“CostCenter”: “42”}}

Returns:	The defined_tags of this DelegationControl.
Return type:	dict(str, dict(str, object))

delegation_subscription_ids¶

Gets the delegation_subscription_ids of this DelegationControl. List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.

Returns:	The delegation_subscription_ids of this DelegationControl.
Return type:	list[str]

description¶

Gets the description of this DelegationControl. Description of the Delegation Control.

Returns:	The description of this DelegationControl.
Return type:	str

display_name¶

[Required] Gets the display_name of this DelegationControl. Name of the Delegation Control. The name does not need to be unique.

Returns:	The display_name of this DelegationControl.
Return type:	str

freeform_tags¶

Gets the freeform_tags of this DelegationControl. Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see `Resource Tags`__.

Example: {“Department”: “Finance”}

Returns:	The freeform_tags of this DelegationControl.
Return type:	dict(str, str)

id¶

[Required] Gets the id of this DelegationControl. The OCID of the Delegation Control.

Returns:	The id of this DelegationControl.
Return type:	str

is_auto_approve_during_maintenance¶

Gets the is_auto_approve_during_maintenance of this DelegationControl. Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.

Returns:	The is_auto_approve_during_maintenance of this DelegationControl.
Return type:	bool

lifecycle_state¶

Gets the lifecycle_state of this DelegationControl. The current lifecycle state of the Delegation Control.

Allowed values for this property are: “CREATING”, “ACTIVE”, “UPDATING”, “DELETING”, “DELETED”, “FAILED”, “NEEDS_ATTENTION”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The lifecycle_state of this DelegationControl.
Return type:	str

lifecycle_state_details¶

Gets the lifecycle_state_details of this DelegationControl. Description of the current lifecycle state in more detail.

Returns:	The lifecycle_state_details of this DelegationControl.
Return type:	str

notification_message_format¶

Gets the notification_message_format of this DelegationControl. The format of the OCI Notification messages for this Delegation Control.

Allowed values for this property are: “JSON”, “HTML”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The notification_message_format of this DelegationControl.
Return type:	str

notification_topic_id¶

Gets the notification_topic_id of this DelegationControl. The OCID of the OCI Notification topic to publish messages related to this Delegation Control.

Returns:	The notification_topic_id of this DelegationControl.
Return type:	str

num_approvals_required¶

Gets the num_approvals_required of this DelegationControl. number of approvals required.

Returns:	The num_approvals_required of this DelegationControl.
Return type:	int

pre_approved_service_provider_action_names¶

Gets the pre_approved_service_provider_action_names of this DelegationControl. List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.

Returns:	The pre_approved_service_provider_action_names of this DelegationControl.
Return type:	list[str]

resource_ids¶

Gets the resource_ids of this DelegationControl. The OCID of the selected resources that this Delegation Control is applicable to.

Returns:	The resource_ids of this DelegationControl.
Return type:	list[str]

resource_type¶

[Required] Gets the resource_type of this DelegationControl. Resource type for which the Delegation Control is applicable to.

Allowed values for this property are: “VMCLUSTER”, “CLOUDVMCLUSTER”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The resource_type of this DelegationControl.
Return type:	str

system_tags¶

Gets the system_tags of this DelegationControl. System tags for this resource. Each key is predefined and scoped to a namespace.

Example: {“orcl-cloud”: {“free-tier-retained”: “true”}}

Returns:	The system_tags of this DelegationControl.
Return type:	dict(str, dict(str, object))

time_created¶

Gets the time_created of this DelegationControl. Time when the Delegation Control was created expressed in `RFC 3339`__ timestamp format, e.g. ‘2020-05-22T21:10:29.600Z’

Returns:	The time_created of this DelegationControl.
Return type:	datetime

time_deleted¶

Gets the time_deleted of this DelegationControl. Time when the Delegation Control was deleted expressed in `RFC 3339`__timestamp format, e.g. ‘2020-05-22T21:10:29.600Z’. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.

Returns:	The time_deleted of this DelegationControl.
Return type:	datetime

time_updated¶

Gets the time_updated of this DelegationControl. Time when the Delegation Control was last modified expressed in `RFC 3339`__ timestamp format, e.g. ‘2020-05-22T21:10:29.600Z’

Returns:	The time_updated of this DelegationControl.
Return type:	datetime

vault_id¶

Gets the vault_id of this DelegationControl. The OCID of the OCI Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the OCI Vault.

Returns:	The vault_id of this DelegationControl.
Return type:	str

vault_key_id¶

Gets the vault_key_id of this DelegationControl. The OCID of the Master Encryption Key in the OCI Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.

Returns:	The vault_key_id of this DelegationControl.
Return type:	str