CreatePolicy

post

/20160918/policies

Create a new policy in the specified compartment, either in the tenancy or in a different compartment. For information about policies, see "Managing Policies" (https://docs.oracle.com/en/engineered-systems/private-cloud-appliance/3.0-latest/user/user-usr-manage-policies.html).

You must specify a name for the policy, which must be unique across all policies in the tenancy and cannot be changed.

You must specify a description for the policy, although it can be an empty string.

You must specify one or more policy statements in the statements array.

After you send your request, the new object's lifecycleState will temporarily be CREATING. Before using the object, first make sure its lifecycleState has changed to ACTIVE.

New policies typically take effect within 10 seconds.

Request

Supported Media Types
Header Parameters
  • Minimum Length: 1
    Maximum Length: 64
    A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (for example, if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).
Body ()
Request object for creating a new policy.
Root Schema : CreatePolicyDetails
Type: object
  • The OCID of the compartment containing the policy (either the tenancy or another compartment).
  • definedTags
    Additional Properties Allowed: additionalProperties
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
  • Minimum Length: 1
    Maximum Length: 400
    The description you assign to the policy during creation. Does not need to be unique, and it is changeable.
  • freeformTags
    Additional Properties Allowed: additionalProperties
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
  • Minimum Length: 1
    Maximum Length: 100
    The name you assign to the policy during creation. The name must be unique across all policies in the tenancy and cannot be changed.
  • statements
    An array of policy statements written in the policy language.
  • The version of the policy. If null or set to an empty string, when a request comes in for authorization, the policy will be evaluated according to the current behavior of the services at that moment. If set to a particular date (YYYY-MM-DD), the policy will be evaluated according to the behavior of the services on that date.
Nested Schema : definedTags
Type: object
Additional Properties Allowed
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
Nested Schema : freeformTags
Type: object
Additional Properties Allowed
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
Nested Schema : statements
Type: array
An array of policy statements written in the policy language.
Nested Schema : additionalProperties
Type: object
Additional Properties Allowed
Key-value pair representing a defined tag key and value, scoped to a namespace. Example: {"CostCenter": "42"}
Nested Schema : additionalProperties
Type: object
The value of the tag. Only the String type is supported.
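A pre-flight check of a CreatePolicyDetails body against the limits listed above, together with a gate that waits for lifecycleState to reach ACTIVE before the policy is relied on. This is an added example, not Oracle's code; get_state is a hypothetical caller-supplied function, the sample body is constructed from the page's example values, and the "ocid1." prefix check is an assumption based on those values.

```python
import time

def validate_create_policy(details, retry_token=None):
    """Return a list of problems; empty means the body fits the documented limits."""
    errors = []
    cid = details.get("compartmentId")
    # Assumption: OCIDs start with "ocid1.", as in the page's example values.
    if not isinstance(cid, str) or not cid.startswith("ocid1."):
        errors.append("compartmentId: expected an OCID")
    name = details.get("name")
    if not isinstance(name, str) or not 1 <= len(name) <= 100:
        errors.append("name: required, 1-100 characters")
    # The prose allows an empty description while the schema lists a minimum
    # length of 1, so only presence and the 400-character limit are enforced.
    desc = details.get("description")
    if not isinstance(desc, str) or len(desc) > 400:
        errors.append("description: required string, at most 400 characters")
    stmts = details.get("statements")
    if not (isinstance(stmts, list) and stmts
            and all(isinstance(s, str) and s.strip() for s in stmts)):
        errors.append("statements: one or more non-empty strings")
    # Tag values: only the String type is supported.
    if not all(isinstance(v, str) for v in (details.get("freeformTags") or {}).values()):
        errors.append("freeformTags: values must be strings")
    for ns, tags in (details.get("definedTags") or {}).items():
        if not isinstance(tags, dict) or not all(isinstance(v, str) for v in tags.values()):
            errors.append(f"definedTags[{ns}]: values must be strings")
    if retry_token is not None and not 1 <= len(retry_token) <= 64:
        errors.append("retry token: 1-64 characters")
    return errors

def wait_until_active(get_state, timeout=60.0, interval=2.0,
                      sleep=time.sleep, clock=time.monotonic):
    """Poll until lifecycleState is ACTIVE; get_state is a caller-supplied
    (hypothetical) function that fetches the policy and returns that field."""
    deadline = clock() + timeout
    while True:
        state = get_state()
        if state == "ACTIVE":
            return True
        if state != "CREATING":  # INACTIVE, DELETING, DELETED: never became usable
            raise RuntimeError(f"policy is {state}, not ACTIVE")
        if clock() >= deadline:
            raise TimeoutError("policy still CREATING after timeout")
        sleep(interval)
# Constructed sample body, reusing names from the page's example response.
SAMPLE = {"compartmentId": "ocid1.tenancy.aaaaaaaabaexampleuniqueID", "name": "LaunchInstances",
          "description": "Policy for users who need to launch instances",
          "statements": ["Allow group InstanceLaunchers to manage instance-family in compartment ABC"]}
```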

Response

Supported Media Types

200 Response

The policy is being created.
Headers
  • For optimistic concurrency control. See if-match.
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : Policy
Type: object
A document that specifies the type of access a group has to the resources in a compartment. For information about policies, see "Managing Policies" (https://docs.oracle.com/en/engineered-systems/private-cloud-appliance/3.0-latest/user/user-usr-manage-policies.html). The word "policy" is used by people in different ways:
  • An individual statement written in the policy language.
  • A collection of statements in a single, named policy document (which has an OCID assigned to it).
  • The overall body of policies your organization uses to control access to resources.

    Avoid entering confidential information when you supply string values using the API.

    • The OCID of the compartment containing the policy (either the tenancy or another compartment).
    • definedTags
      Additional Properties Allowed: additionalProperties
      Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
    • Minimum Length: 1
      Maximum Length: 400
      The description you assign to the policy. Does not need to be unique, and it is changeable.
    • freeformTags
      Additional Properties Allowed: additionalProperties
      Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
    • The OCID of the policy.
    • The detailed status of INACTIVE lifecycleState.
    • Minimum Length: 1
      Maximum Length: 64
      Allowed Values: [ "CREATING", "ACTIVE", "INACTIVE", "DELETING", "DELETED" ]
      The policy's current state. After creating a policy, make sure its lifecycleState changes from CREATING to ACTIVE before using it.
    • Minimum Length: 1
      Maximum Length: 100
      The name you assign to the policy during creation. The name must be unique across all policies in the tenancy and cannot be changed.
    • statements
      An array of one or more policy statements written in the policy language.
    • Date and time the policy was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    • The version of the policy. If null or set to an empty string, when a request comes in for authorization, the policy will be evaluated according to the current behavior of the services at that moment. If set to a particular date (YYYY-MM-DD), the policy will be evaluated according to the behavior of the services on that date.
    Nested Schema : definedTags
    Type: object
    Additional Properties Allowed
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
    Nested Schema : freeformTags
    Type: object
    Additional Properties Allowed
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
    Nested Schema : statements
    Type: array
    An array of one or more policy statements written in the policy language.
    Nested Schema : additionalProperties
    Type: object
    Additional Properties Allowed
    Key-value pair representing a defined tag key and value, scoped to a namespace. Example: {"CostCenter": "42"}
    Nested Schema : additionalProperties
    Type: object
    The value of the tag. Only the String type is supported.
    Example Response (application-json)
    {
      "statements": [
        "Allow group InstanceLaunchers to manage instance-family in compartment ABC",
        "Allow group InstanceLaunchers to use volume-family in compartment ABC",
        "Allow group InstanceLaunchers to use virtual-network-family in compartment XYZ"
      ],
      "id": "ocid1.policy.aaaaaaaauzkexampleuniqueID",
      "compartmentId": "ocid1.tenancy.aaaaaaaabaexampleuniqueID",
      "name": "LaunchInstances",
      "description": "Policy for users who need to launch instances, attach volumes, manage images",
      "lifecycleState": "ACTIVE",
      "timeCreated": "2016-12-07T00:49:14.807Z"
    }

    400 Response

    Bad Request
    Headers
    • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
    Body ()
    Root Schema : Error
    Type: object
    The properties that define an error.

    403 Response

    Forbidden
    Headers
    • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
    Body ()
    Root Schema : Error
    Type: object
    The properties that define an error.

    404 Response

    Not Found
    Headers
    • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
    Body ()
    Root Schema : Error
    Type: object
    The properties that define an error.

    409 Response

    Conflict
    Headers
    • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
    Body ()
    Root Schema : Error
    Type: object
    The properties that define an error.

    429 Response

    Too Many Requests
    Headers
    • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
    Body ()
    Root Schema : Error
    Type: object
    The properties that define an error.

    500 Response

    Internal Server Error
    Headers
    • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
    Body ()
    Root Schema : Error
    Type: object
    The properties that define an error.

    Default Response

    An error has occurred.
    Headers
    • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
    Body ()
    Root Schema : Error
    Type: object
    The properties that define an error.