class OCI::OperatorAccessControl::AccessRequestsClient

Operator Access Control enables you to control the time duration and the actions an Oracle operator can perform on your Exadata Customer at Cloud infrastructure. Using logging service, you can view a near real-time audit report of all actions performed by an Oracle operator.

Use the table of contents and search tool to explore the OperatorAccessControl API.

Attributes

api_client[R]

Client used to make HTTP requests. @return [OCI::ApiClient]

endpoint[R]

Fully qualified endpoint URL @return [String]

region[R]

The region, which will usually correspond to a value in {OCI::Regions::REGION_ENUM}. @return [String]

retry_config[R]

The default retry configuration to apply to all operations in this service client. This can be overridden on a per-operation basis. The default retry configuration value is `nil`, which means that an operation will not perform any retries @return [OCI::Retry::RetryConfig]

Public Class Methods

new(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) click to toggle source

Creates a new AccessRequestsClient. Notes:

If a config is not specified, then the global OCI.config will be used.

This client is not thread-safe

Either a region or an endpoint must be specified.  If an endpoint is specified, it will be used instead of the
  region. A region may be specified in the config or via or the region parameter. If specified in both, then the
  region parameter will be used.

@param [Config] config A Config object. @param [String] region A region used to determine the service endpoint. This will usually

correspond to a value in {OCI::Regions::REGION_ENUM}, but may be an arbitrary string.

@param [String] endpoint The fully qualified endpoint URL @param [OCI::BaseSigner] signer A signer implementation which can be used by this client. If this is not provided then

a signer will be constructed via the provided config. One use case of this parameter is instance principals authentication,
so that the instance principals signer can be provided to the client

@param [OCI::ApiClientProxySettings] proxy_settings If your environment requires you to use a proxy server for outgoing HTTP requests

the details for the proxy can be provided in this parameter

@param [OCI::Retry::RetryConfig] retry_config The retry configuration for this service client. This represents the default retry configuration to

apply across all operations. This can be overridden on a per-operation basis. The default retry configuration value is `nil`, which means that an operation
will not perform any retries
# File lib/oci/operator_access_control/access_requests_client.rb, line 56
def initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil)
  # If the signer is an InstancePrincipalsSecurityTokenSigner or SecurityTokenSigner and no config was supplied (they are self-sufficient signers)
  # then create a dummy config to pass to the ApiClient constructor. If customers wish to create a client which uses instance principals
  # and has config (either populated programmatically or loaded from a file), they must construct that config themselves and then
  # pass it to this constructor.
  #
  # If there is no signer (or the signer is not an instance principals signer) and no config was supplied, this is not valid
  # so try and load the config from the default file.
  config = OCI::Config.validate_and_build_config_with_signer(config, signer)

  signer = OCI::Signer.config_file_auth_builder(config) if signer.nil?

  @api_client = OCI::ApiClient.new(config, signer, proxy_settings: proxy_settings)
  @retry_config = retry_config

  if endpoint
    @endpoint = endpoint + '/20200630'
  else
    region ||= config.region
    region ||= signer.region if signer.respond_to?(:region)
    self.region = region
  end
  logger.info "AccessRequestsClient endpoint set to '#{@endpoint}'." if logger
end

Public Instance Methods

approve_access_request(access_request_id, approve_access_request_details, opts = {}) click to toggle source

Approves an access request.

@param [String] access_request_id unique AccessRequest identifier @param [OCI::OperatorAccessControl::Models::ApproveAccessRequestDetails] approve_access_request_details Details regarding the approval of an access request created by the operator. @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level

retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry

@option opts [String] :opc_retry_token A token that uniquely identifies a request so it can be retried in case of a timeout or

server error without risk of executing that same action again. Retry tokens expire after 24
hours, but can be invalidated before then due to conflicting operations. For example, if a resource
has been deleted and purged from the system, then a retry of the original creation request
might be rejected.

@option opts [String] :if_match For optimistic concurrency control. In the PUT or DELETE call

for a resource, set the `if-match` parameter to the value of the
etag from a previous GET or POST response for that resource.
The resource will be updated or deleted only if the etag you
provide matches the resource's current etag value.

@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response object with data of type nil @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/approve_access_request.rb.html) to see an example of how to use approve_access_request API.

# File lib/oci/operator_access_control/access_requests_client.rb, line 126
def approve_access_request(access_request_id, approve_access_request_details, opts = {})
  logger.debug 'Calling operation AccessRequestsClient#approve_access_request.' if logger

  raise "Missing the required parameter 'access_request_id' when calling approve_access_request." if access_request_id.nil?
  raise "Missing the required parameter 'approve_access_request_details' when calling approve_access_request." if approve_access_request_details.nil?
  raise "Parameter value for 'access_request_id' must not be blank" if OCI::Internal::Util.blank_string?(access_request_id)

  path = '/accessRequests/{accessRequestId}/action/approve'.sub('{accessRequestId}', access_request_id.to_s)
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token]
  header_params[:'if-match'] = opts[:if_match] if opts[:if_match]
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf
  header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token

  post_body = @api_client.object_to_http_body(approve_access_request_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'AccessRequestsClient#approve_access_request') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body
    )
  end
  # rubocop:enable Metrics/BlockLength
end
get_access_request(access_request_id, opts = {}) click to toggle source

Gets details of an access request. @param [String] access_request_id unique AccessRequest identifier @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level

retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry

@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response object with data of type {OCI::OperatorAccessControl::Models::AccessRequest AccessRequest} @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/get_access_request.rb.html) to see an example of how to use get_access_request API.

# File lib/oci/operator_access_control/access_requests_client.rb, line 183
def get_access_request(access_request_id, opts = {})
  logger.debug 'Calling operation AccessRequestsClient#get_access_request.' if logger

  raise "Missing the required parameter 'access_request_id' when calling get_access_request." if access_request_id.nil?
  raise "Parameter value for 'access_request_id' must not be blank" if OCI::Internal::Util.blank_string?(access_request_id)

  path = '/accessRequests/{accessRequestId}'.sub('{accessRequestId}', access_request_id.to_s)
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = nil

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'AccessRequestsClient#get_access_request') do
    @api_client.call_api(
      :GET,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::OperatorAccessControl::Models::AccessRequest'
    )
  end
  # rubocop:enable Metrics/BlockLength
end
list_access_request_histories(access_request_id, opts = {}) click to toggle source

Returns a history of all status associated with the accessRequestId.

@param [String] access_request_id unique AccessRequest identifier @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level

retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry

@option opts [Integer] :limit The maximum number of items to return. (default to 10) @option opts [String] :page The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call. @option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response object with data of type {OCI::OperatorAccessControl::Models::AccessRequestHistoryCollection AccessRequestHistoryCollection} @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/list_access_request_histories.rb.html) to see an example of how to use list_access_request_histories API.

# File lib/oci/operator_access_control/access_requests_client.rb, line 240
def list_access_request_histories(access_request_id, opts = {})
  logger.debug 'Calling operation AccessRequestsClient#list_access_request_histories.' if logger

  raise "Missing the required parameter 'access_request_id' when calling list_access_request_histories." if access_request_id.nil?
  raise "Parameter value for 'access_request_id' must not be blank" if OCI::Internal::Util.blank_string?(access_request_id)

  path = '/accessRequests/{accessRequestId}/history'.sub('{accessRequestId}', access_request_id.to_s)
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}
  query_params[:limit] = opts[:limit] if opts[:limit]
  query_params[:page] = opts[:page] if opts[:page]

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = nil

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'AccessRequestsClient#list_access_request_histories') do
    @api_client.call_api(
      :GET,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::OperatorAccessControl::Models::AccessRequestHistoryCollection'
    )
  end
  # rubocop:enable Metrics/BlockLength
end
list_access_requests(compartment_id, opts = {}) click to toggle source

Lists all access requests in the compartment.

@param [String] compartment_id The ID of the compartment in which to list resources. @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level

retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry

@option opts [String] :resource_name A filter to return only resources that match the given ResourceName. @option opts [String] :lifecycle_state A filter to return only resources whose lifecycleState matches the given AccessRequest lifecycleState. @option opts [Integer] :limit The maximum number of items to return. (default to 10) @option opts [String] :page The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call. @option opts [String] :sort_order The sort order to use, either 'asc' or 'desc'. (default to DESC) @option opts [String] :sort_by The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

 (default to timeCreated)
Allowed values are: timeCreated, displayName

@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response object with data of type {OCI::OperatorAccessControl::Models::AccessRequestCollection AccessRequestCollection} @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/list_access_requests.rb.html) to see an example of how to use list_access_requests API.

# File lib/oci/operator_access_control/access_requests_client.rb, line 305
def list_access_requests(compartment_id, opts = {})
  logger.debug 'Calling operation AccessRequestsClient#list_access_requests.' if logger

  raise "Missing the required parameter 'compartment_id' when calling list_access_requests." if compartment_id.nil?

  if opts[:lifecycle_state] && !OCI::OperatorAccessControl::Models::ACCESS_REQUEST_LIFECYCLE_STATES_ENUM.include?(opts[:lifecycle_state])
    raise 'Invalid value for "lifecycle_state", must be one of the values in OCI::OperatorAccessControl::Models::ACCESS_REQUEST_LIFECYCLE_STATES_ENUM.'
  end

  if opts[:sort_order] && !OCI::OperatorAccessControl::Models::SORT_ORDERS_ENUM.include?(opts[:sort_order])
    raise 'Invalid value for "sort_order", must be one of the values in OCI::OperatorAccessControl::Models::SORT_ORDERS_ENUM.'
  end

  if opts[:sort_by] && !%w[timeCreated displayName].include?(opts[:sort_by])
    raise 'Invalid value for "sort_by", must be one of timeCreated, displayName.'
  end

  path = '/accessRequests'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}
  query_params[:compartmentId] = compartment_id
  query_params[:resourceName] = opts[:resource_name] if opts[:resource_name]
  query_params[:lifecycleState] = opts[:lifecycle_state] if opts[:lifecycle_state]
  query_params[:limit] = opts[:limit] if opts[:limit]
  query_params[:page] = opts[:page] if opts[:page]
  query_params[:sortOrder] = opts[:sort_order] if opts[:sort_order]
  query_params[:sortBy] = opts[:sort_by] if opts[:sort_by]

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = nil

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'AccessRequestsClient#list_access_requests') do
    @api_client.call_api(
      :GET,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::OperatorAccessControl::Models::AccessRequestCollection'
    )
  end
  # rubocop:enable Metrics/BlockLength
end
logger() click to toggle source

@return [Logger] The logger for this client. May be nil.

# File lib/oci/operator_access_control/access_requests_client.rb, line 95
def logger
  @api_client.config.logger
end
region=(new_region) click to toggle source

Set the region that will be used to determine the service endpoint. This will usually correspond to a value in {OCI::Regions::REGION_ENUM}, but may be an arbitrary string.

# File lib/oci/operator_access_control/access_requests_client.rb, line 85
def region=(new_region)
  @region = new_region

  raise 'A region must be specified.' unless @region

  @endpoint = OCI::Regions.get_service_endpoint_for_template(@region, 'https://operator-access-control.{region}.oci.{secondLevelDomain}') + '/20200630'
  logger.info "AccessRequestsClient endpoint set to '#{@endpoint} from region #{@region}'." if logger
end
reject_access_request(access_request_id, reject_access_request_details, opts = {}) click to toggle source

Rejects an access request.

@param [String] access_request_id unique AccessRequest identifier @param [OCI::OperatorAccessControl::Models::RejectAccessRequestDetails] reject_access_request_details Details regarding the rejection of an access request created by the operator. @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level

retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry

@option opts [String] :opc_retry_token A token that uniquely identifies a request so it can be retried in case of a timeout or

server error without risk of executing that same action again. Retry tokens expire after 24
hours, but can be invalidated before then due to conflicting operations. For example, if a resource
has been deleted and purged from the system, then a retry of the original creation request
might be rejected.

@option opts [String] :if_match For optimistic concurrency control. In the PUT or DELETE call

for a resource, set the `if-match` parameter to the value of the
etag from a previous GET or POST response for that resource.
The resource will be updated or deleted only if the etag you
provide matches the resource's current etag value.

@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response object with data of type nil @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/reject_access_request.rb.html) to see an example of how to use reject_access_request API.

# File lib/oci/operator_access_control/access_requests_client.rb, line 391
def reject_access_request(access_request_id, reject_access_request_details, opts = {})
  logger.debug 'Calling operation AccessRequestsClient#reject_access_request.' if logger

  raise "Missing the required parameter 'access_request_id' when calling reject_access_request." if access_request_id.nil?
  raise "Missing the required parameter 'reject_access_request_details' when calling reject_access_request." if reject_access_request_details.nil?
  raise "Parameter value for 'access_request_id' must not be blank" if OCI::Internal::Util.blank_string?(access_request_id)

  path = '/accessRequests/{accessRequestId}/action/reject'.sub('{accessRequestId}', access_request_id.to_s)
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token]
  header_params[:'if-match'] = opts[:if_match] if opts[:if_match]
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf
  header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token

  post_body = @api_client.object_to_http_body(reject_access_request_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'AccessRequestsClient#reject_access_request') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body
    )
  end
  # rubocop:enable Metrics/BlockLength
end
revoke_access_request(access_request_id, revoke_access_request_details, opts = {}) click to toggle source

Revokes an already approved access request.

@param [String] access_request_id unique AccessRequest identifier @param [OCI::OperatorAccessControl::Models::RevokeAccessRequestDetails] revoke_access_request_details Details regarding the revocation of an access request created by the operator. @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level

retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry

@option opts [String] :opc_retry_token A token that uniquely identifies a request so it can be retried in case of a timeout or

server error without risk of executing that same action again. Retry tokens expire after 24
hours, but can be invalidated before then due to conflicting operations. For example, if a resource
has been deleted and purged from the system, then a retry of the original creation request
might be rejected.

@option opts [String] :if_match For optimistic concurrency control. In the PUT or DELETE call

for a resource, set the `if-match` parameter to the value of the
etag from a previous GET or POST response for that resource.
The resource will be updated or deleted only if the etag you
provide matches the resource's current etag value.

@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response object with data of type nil @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/revoke_access_request.rb.html) to see an example of how to use revoke_access_request API.

# File lib/oci/operator_access_control/access_requests_client.rb, line 462
def revoke_access_request(access_request_id, revoke_access_request_details, opts = {})
  logger.debug 'Calling operation AccessRequestsClient#revoke_access_request.' if logger

  raise "Missing the required parameter 'access_request_id' when calling revoke_access_request." if access_request_id.nil?
  raise "Missing the required parameter 'revoke_access_request_details' when calling revoke_access_request." if revoke_access_request_details.nil?
  raise "Parameter value for 'access_request_id' must not be blank" if OCI::Internal::Util.blank_string?(access_request_id)

  path = '/accessRequests/{accessRequestId}/action/revoke'.sub('{accessRequestId}', access_request_id.to_s)
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token]
  header_params[:'if-match'] = opts[:if_match] if opts[:if_match]
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf
  header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token

  post_body = @api_client.object_to_http_body(revoke_access_request_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'AccessRequestsClient#revoke_access_request') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body
    )
  end
  # rubocop:enable Metrics/BlockLength
end

Private Instance Methods

applicable_retry_config(opts = {}) click to toggle source

rubocop:enable Metrics/CyclomaticComplexity, Metrics/AbcSize, Metrics/PerceivedComplexity rubocop:enable Style/IfUnlessModifier, Metrics/ParameterLists rubocop:enable Metrics/MethodLength, Layout/EmptyLines

# File lib/oci/operator_access_control/access_requests_client.rb, line 508
def applicable_retry_config(opts = {})
  return @retry_config unless opts.key?(:retry_config)

  opts[:retry_config]
end