class OCI::Identity::Models::Policy

A document that specifies the type of access a group has to the resources in a compartment. For information about policies and other IAM Service components, see [Overview of the IAM Service](docs.cloud.oracle.com/Content/Identity/Concepts/overview.htm). If you're new to policies, see [Getting Started with Policies](docs.cloud.oracle.com/Content/Identity/Concepts/policygetstarted.htm).

The word "policy" is used by people in different ways:

* An individual statement written in the policy language
* A collection of statements in a single, named \"policy\" document (which has an Oracle Cloud ID (OCID) assigned to it)
* The overall body of policies your organization uses to control access to resources

To use any of the API operations, you must be authorized in an IAM policy. If you're not authorized, talk to an administrator.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

Constants

LIFECYCLE_STATE_ENUM

Attributes

compartment_id[RW]

[Required] The OCID of the compartment containing the policy (either the tenancy or another compartment).

@return [String]

defined_tags[RW]

Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see [Resource Tags](docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). Example: `{"Operations": {"CostCenter": "42"}}`

@return [Hash<String, Hash<String, Object>>]

description[RW]

[Required] The description you assign to the policy. Does not have to be unique, and it's changeable. @return [String]

freeform_tags[RW]

Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see [Resource Tags](docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). Example: `{"Department": "Finance"}`

@return [Hash<String, String>]

id[RW]

[Required] The OCID of the policy. @return [String]

inactive_status[RW]

The detailed status of INACTIVE lifecycleState. @return [Integer]

lifecycle_state[R]

[Required] The policy's current state. After creating a policy, make sure its `lifecycleState` changes from CREATING to ACTIVE before using it.

@return [String]

name[RW]

[Required] The name you assign to the policy during creation. The name must be unique across all policies in the tenancy and cannot be changed.

@return [String]

statements[RW]

[Required] An array of one or more policy statements written in the policy language. @return [Array<String>]

time_created[RW]

[Required] Date and time the policy was created, in the format defined by RFC3339.

Example: `2016-08-25T21:10:29.600Z`

@return [DateTime]

version_date[RW]

The version of the policy. If null or set to an empty string, when a request comes in for authorization, the policy will be evaluated according to the current behavior of the services at that moment. If set to a particular date (YYYY-MM-DD), the policy will be evaluated according to the behavior of the services on that date.

@return [DateTime]

Public Class Methods

attribute_map() click to toggle source

Attribute mapping from ruby-style variable name to JSON key.

# File lib/oci/identity/models/policy.rb, line 98
def self.attribute_map
  {
    # rubocop:disable Style/SymbolLiteral
    'id': :'id',
    'compartment_id': :'compartmentId',
    'name': :'name',
    'statements': :'statements',
    'description': :'description',
    'time_created': :'timeCreated',
    'lifecycle_state': :'lifecycleState',
    'inactive_status': :'inactiveStatus',
    'version_date': :'versionDate',
    'freeform_tags': :'freeformTags',
    'defined_tags': :'definedTags'
    # rubocop:enable Style/SymbolLiteral
  }
end
new(attributes = {}) click to toggle source

Initializes the object @param [Hash] attributes Model attributes in the form of hash @option attributes [String] :id The value to assign to the {#id} property @option attributes [String] :compartment_id The value to assign to the {#compartment_id} property @option attributes [String] :name The value to assign to the {#name} property @option attributes [Array<String>] :statements The value to assign to the {#statements} property @option attributes [String] :description The value to assign to the {#description} property @option attributes [DateTime] :time_created The value to assign to the {#time_created} property @option attributes [String] :lifecycle_state The value to assign to the {#lifecycle_state} property @option attributes [Integer] :inactive_status The value to assign to the {#inactive_status} property @option attributes [DateTime] :version_date The value to assign to the {#version_date} property @option attributes [Hash<String, String>] :freeform_tags The value to assign to the {#freeform_tags} property @option attributes [Hash<String, Hash<String, Object>>] :defined_tags The value to assign to the {#defined_tags} property

# File lib/oci/identity/models/policy.rb, line 152
def initialize(attributes = {})
  return unless attributes.is_a?(Hash)

  # convert string to symbol for hash key
  attributes = attributes.each_with_object({}) { |(k, v), h| h[k.to_sym] = v }

  self.id = attributes[:'id'] if attributes[:'id']

  self.compartment_id = attributes[:'compartmentId'] if attributes[:'compartmentId']

  raise 'You cannot provide both :compartmentId and :compartment_id' if attributes.key?(:'compartmentId') && attributes.key?(:'compartment_id')

  self.compartment_id = attributes[:'compartment_id'] if attributes[:'compartment_id']

  self.name = attributes[:'name'] if attributes[:'name']

  self.statements = attributes[:'statements'] if attributes[:'statements']

  self.description = attributes[:'description'] if attributes[:'description']

  self.time_created = attributes[:'timeCreated'] if attributes[:'timeCreated']

  raise 'You cannot provide both :timeCreated and :time_created' if attributes.key?(:'timeCreated') && attributes.key?(:'time_created')

  self.time_created = attributes[:'time_created'] if attributes[:'time_created']

  self.lifecycle_state = attributes[:'lifecycleState'] if attributes[:'lifecycleState']

  raise 'You cannot provide both :lifecycleState and :lifecycle_state' if attributes.key?(:'lifecycleState') && attributes.key?(:'lifecycle_state')

  self.lifecycle_state = attributes[:'lifecycle_state'] if attributes[:'lifecycle_state']

  self.inactive_status = attributes[:'inactiveStatus'] if attributes[:'inactiveStatus']

  raise 'You cannot provide both :inactiveStatus and :inactive_status' if attributes.key?(:'inactiveStatus') && attributes.key?(:'inactive_status')

  self.inactive_status = attributes[:'inactive_status'] if attributes[:'inactive_status']

  self.version_date = attributes[:'versionDate'] if attributes[:'versionDate']

  raise 'You cannot provide both :versionDate and :version_date' if attributes.key?(:'versionDate') && attributes.key?(:'version_date')

  self.version_date = attributes[:'version_date'] if attributes[:'version_date']

  self.freeform_tags = attributes[:'freeformTags'] if attributes[:'freeformTags']

  raise 'You cannot provide both :freeformTags and :freeform_tags' if attributes.key?(:'freeformTags') && attributes.key?(:'freeform_tags')

  self.freeform_tags = attributes[:'freeform_tags'] if attributes[:'freeform_tags']

  self.defined_tags = attributes[:'definedTags'] if attributes[:'definedTags']

  raise 'You cannot provide both :definedTags and :defined_tags' if attributes.key?(:'definedTags') && attributes.key?(:'defined_tags')

  self.defined_tags = attributes[:'defined_tags'] if attributes[:'defined_tags']
end
swagger_types() click to toggle source

Attribute type mapping.

# File lib/oci/identity/models/policy.rb, line 117
def self.swagger_types
  {
    # rubocop:disable Style/SymbolLiteral
    'id': :'String',
    'compartment_id': :'String',
    'name': :'String',
    'statements': :'Array<String>',
    'description': :'String',
    'time_created': :'DateTime',
    'lifecycle_state': :'String',
    'inactive_status': :'Integer',
    'version_date': :'DateTime',
    'freeform_tags': :'Hash<String, String>',
    'defined_tags': :'Hash<String, Hash<String, Object>>'
    # rubocop:enable Style/SymbolLiteral
  }
end

Public Instance Methods

==(other) click to toggle source

Checks equality by comparing each attribute. @param [Object] other the other object to be compared

# File lib/oci/identity/models/policy.rb, line 229
def ==(other)
  return true if equal?(other)

  self.class == other.class &&
    id == other.id &&
    compartment_id == other.compartment_id &&
    name == other.name &&
    statements == other.statements &&
    description == other.description &&
    time_created == other.time_created &&
    lifecycle_state == other.lifecycle_state &&
    inactive_status == other.inactive_status &&
    version_date == other.version_date &&
    freeform_tags == other.freeform_tags &&
    defined_tags == other.defined_tags
end
build_from_hash(attributes) click to toggle source

Builds the object from hash @param [Hash] attributes Model attributes in the form of hash @return [Object] Returns the model itself

# File lib/oci/identity/models/policy.rb, line 269
def build_from_hash(attributes)
  return nil unless attributes.is_a?(Hash)

  self.class.swagger_types.each_pair do |key, type|
    if type =~ /^Array<(.*)>/i
      # check to ensure the input is an array given that the the attribute
      # is documented as an array but the input is not
      if attributes[self.class.attribute_map[key]].is_a?(Array)
        public_method("#{key}=").call(
          attributes[self.class.attribute_map[key]]
            .map { |v| OCI::Internal::Util.convert_to_type(Regexp.last_match(1), v) }
        )
      end
    elsif !attributes[self.class.attribute_map[key]].nil?
      public_method("#{key}=").call(
        OCI::Internal::Util.convert_to_type(type, attributes[self.class.attribute_map[key]])
      )
    end
    # or else data not found in attributes(hash), not an issue as the data can be optional
  end

  self
end
eql?(other) click to toggle source

@see the `==` method @param [Object] other the other object to be compared

# File lib/oci/identity/models/policy.rb, line 249
def eql?(other)
  self == other
end
hash() click to toggle source

Calculates hash code according to all attributes. @return [Fixnum] Hash code

# File lib/oci/identity/models/policy.rb, line 258
def hash
  [id, compartment_id, name, statements, description, time_created, lifecycle_state, inactive_status, version_date, freeform_tags, defined_tags].hash
end
lifecycle_state=(lifecycle_state) click to toggle source

Custom attribute writer method checking allowed values (enum). @param [Object] lifecycle_state Object to be assigned

# File lib/oci/identity/models/policy.rb, line 213
def lifecycle_state=(lifecycle_state)
  # rubocop:disable Style/ConditionalAssignment
  if lifecycle_state && !LIFECYCLE_STATE_ENUM.include?(lifecycle_state)
    OCI.logger.debug("Unknown value for 'lifecycle_state' [" + lifecycle_state + "]. Mapping to 'LIFECYCLE_STATE_UNKNOWN_ENUM_VALUE'") if OCI.logger
    @lifecycle_state = LIFECYCLE_STATE_UNKNOWN_ENUM_VALUE
  else
    @lifecycle_state = lifecycle_state
  end
  # rubocop:enable Style/ConditionalAssignment
end
to_hash() click to toggle source

Returns the object in the form of hash @return [Hash] Returns the object in the form of hash

# File lib/oci/identity/models/policy.rb, line 302
def to_hash
  hash = {}
  self.class.attribute_map.each_pair do |attr, param|
    value = public_method(attr).call
    next if value.nil? && !instance_variable_defined?("@#{attr}")

    hash[param] = _to_hash(value)
  end
  hash
end
to_s() click to toggle source

Returns the string representation of the object @return [String] String presentation of the object

# File lib/oci/identity/models/policy.rb, line 296
def to_s
  to_hash.to_s
end

Private Instance Methods

_to_hash(value) click to toggle source

Outputs non-array value in the form of hash For object, use to_hash. Otherwise, just return the value @param [Object] value Any valid value @return [Hash] Returns the value in the form of hash

# File lib/oci/identity/models/policy.rb, line 319
def _to_hash(value)
  if value.is_a?(Array)
    value.compact.map { |v| _to_hash(v) }
  elsif value.is_a?(Hash)
    {}.tap do |hash|
      value.each { |k, v| hash[k] = _to_hash(v) }
    end
  elsif value.respond_to? :to_hash
    value.to_hash
  else
    value
  end
end