class OCI::OperatorAccessControl::OperatorControlClient
Operator Access Control enables you to control the time duration and the actions an Oracle operator can perform on your Exadata Customer at Cloud
infrastructure. Using logging service, you can view a near real-time audit report of all actions performed by an Oracle operator.
Use the table of contents and search tool to explore the OperatorAccessControl
API.
Attributes
Client used to make HTTP requests. @return [OCI::ApiClient]
Fully qualified endpoint URL @return [String]
The region, which will usually correspond to a value in {OCI::Regions::REGION_ENUM}. @return [String]
The default retry configuration to apply to all operations in this service client. This can be overridden on a per-operation basis. The default retry configuration value is `nil`, which means that an operation will not perform any retries @return [OCI::Retry::RetryConfig]
Public Class Methods
Creates a new OperatorControlClient
. Notes:
If a config is not specified, then the global OCI.config will be used. This client is not thread-safe Either a region or an endpoint must be specified. If an endpoint is specified, it will be used instead of the region. A region may be specified in the config or via or the region parameter. If specified in both, then the region parameter will be used.
@param [Config] config A Config
object. @param [String] region A region used to determine the service endpoint. This will usually
correspond to a value in {OCI::Regions::REGION_ENUM}, but may be an arbitrary string.
@param [String] endpoint The fully qualified endpoint URL @param [OCI::BaseSigner] signer A signer implementation which can be used by this client. If this is not provided then
a signer will be constructed via the provided config. One use case of this parameter is instance principals authentication, so that the instance principals signer can be provided to the client
@param [OCI::ApiClientProxySettings] proxy_settings If your environment requires you to use a proxy server for outgoing HTTP requests
the details for the proxy can be provided in this parameter
@param [OCI::Retry::RetryConfig] retry_config
The retry configuration for this service client. This represents the default retry configuration to
apply across all operations. This can be overridden on a per-operation basis. The default retry configuration value is `nil`, which means that an operation will not perform any retries
# File lib/oci/operator_access_control/operator_control_client.rb, line 56 def initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) # If the signer is an InstancePrincipalsSecurityTokenSigner or SecurityTokenSigner and no config was supplied (they are self-sufficient signers) # then create a dummy config to pass to the ApiClient constructor. If customers wish to create a client which uses instance principals # and has config (either populated programmatically or loaded from a file), they must construct that config themselves and then # pass it to this constructor. # # If there is no signer (or the signer is not an instance principals signer) and no config was supplied, this is not valid # so try and load the config from the default file. config = OCI::Config.validate_and_build_config_with_signer(config, signer) signer = OCI::Signer.config_file_auth_builder(config) if signer.nil? @api_client = OCI::ApiClient.new(config, signer, proxy_settings: proxy_settings) @retry_config = retry_config if endpoint @endpoint = endpoint + '/20200630' else region ||= config.region region ||= signer.region if signer.respond_to?(:region) self.region = region end logger.info "OperatorControlClient endpoint set to '#{@endpoint}'." if logger end
Public Instance Methods
Moves the Operator Control resource into a different compartment. When provided, 'If-Match' is checked against 'ETag' values of the resource.
@param [String] operator_control_id unique OperatorControl identifier @param [OCI::OperatorAccessControl::Models::ChangeOperatorControlCompartmentDetails] change_operator_control_compartment_details Moves the Operator Control resource into a different compartment. @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level
retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry
@option opts [String] :opc_retry_token A token that uniquely identifies a request so it can be retried in case of a timeout or
server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
@option opts [String] :if_match For optimistic concurrency control. In the PUT or DELETE call
for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response
object with data of type nil @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/change_operator_control_compartment.rb.html) to see an example of how to use change_operator_control_compartment
API.
# File lib/oci/operator_access_control/operator_control_client.rb, line 126 def change_operator_control_compartment(operator_control_id, change_operator_control_compartment_details, opts = {}) logger.debug 'Calling operation OperatorControlClient#change_operator_control_compartment.' if logger raise "Missing the required parameter 'operator_control_id' when calling change_operator_control_compartment." if operator_control_id.nil? raise "Missing the required parameter 'change_operator_control_compartment_details' when calling change_operator_control_compartment." if change_operator_control_compartment_details.nil? raise "Parameter value for 'operator_control_id' must not be blank" if OCI::Internal::Util.blank_string?(operator_control_id) path = '/operatorControls/{operatorControlId}/actions/changeCompartment'.sub('{operatorControlId}', operator_control_id.to_s) operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token] header_params[:'if-match'] = opts[:if_match] if opts[:if_match] header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] # rubocop:enable Style/NegatedIf header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token post_body = @api_client.object_to_http_body(change_operator_control_compartment_details) # rubocop:disable Metrics/BlockLength OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#change_operator_control_compartment') do @api_client.call_api( :POST, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body ) end # rubocop:enable Metrics/BlockLength end
Creates an Operator Control.
@param [OCI::OperatorAccessControl::Models::CreateOperatorControlDetails] create_operator_control_details Details for the new Operator Control. @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level
retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry
@option opts [String] :opc_retry_token A token that uniquely identifies a request so it can be retried in case of a timeout or
server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.
@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response
object with data of type {OCI::OperatorAccessControl::Models::OperatorControl OperatorControl} @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/create_operator_control.rb.html) to see an example of how to use create_operator_control
API.
# File lib/oci/operator_access_control/operator_control_client.rb, line 190 def create_operator_control(create_operator_control_details, opts = {}) logger.debug 'Calling operation OperatorControlClient#create_operator_control.' if logger raise "Missing the required parameter 'create_operator_control_details' when calling create_operator_control." if create_operator_control_details.nil? path = '/operatorControls' operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token] header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] # rubocop:enable Style/NegatedIf header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token post_body = @api_client.object_to_http_body(create_operator_control_details) # rubocop:disable Metrics/BlockLength OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#create_operator_control') do @api_client.call_api( :POST, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'OCI::OperatorAccessControl::Models::OperatorControl' ) end # rubocop:enable Metrics/BlockLength end
Deletes an Operator Control. You cannot delete an Operator Control if it is assigned to govern any target resource currently or in the future. In that case, first, delete all of the current and future assignments before deleting the Operator Control. An Operator Control that was previously assigned to a target resource is marked as DELETED following a successful deletion. However, it is not completely deleted from the system. This is to ensure auditing information for the accesses done under the Operator Control is preserved for future needs. The system purges the deleted Operator Control only when all of the audit data associated with the Operator Control are also deleted. Therefore, you cannot reuse the name of the deleted Operator Control until the system purges the Operator Control.
@param [String] operator_control_id unique OperatorControl identifier @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level
retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry
@option opts [String] :description reason for deletion of OperatorControl. @option opts [String] :if_match For optimistic concurrency control. In the PUT or DELETE call
for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response
object with data of type nil @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/delete_operator_control.rb.html) to see an example of how to use delete_operator_control
API.
# File lib/oci/operator_access_control/operator_control_client.rb, line 257 def delete_operator_control(operator_control_id, opts = {}) logger.debug 'Calling operation OperatorControlClient#delete_operator_control.' if logger raise "Missing the required parameter 'operator_control_id' when calling delete_operator_control." if operator_control_id.nil? raise "Parameter value for 'operator_control_id' must not be blank" if OCI::Internal::Util.blank_string?(operator_control_id) path = '/operatorControls/{operatorControlId}'.sub('{operatorControlId}', operator_control_id.to_s) operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} query_params[:description] = opts[:description] if opts[:description] # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'if-match'] = opts[:if_match] if opts[:if_match] header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] # rubocop:enable Style/NegatedIf post_body = nil # rubocop:disable Metrics/BlockLength OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#delete_operator_control') do @api_client.call_api( :DELETE, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body ) end # rubocop:enable Metrics/BlockLength end
Gets the Operator Control associated with the specified Operator Control ID. @param [String] operator_control_id unique OperatorControl identifier @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level
retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry
@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response
object with data of type {OCI::OperatorAccessControl::Models::OperatorControl OperatorControl} @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/get_operator_control.rb.html) to see an example of how to use get_operator_control
API.
# File lib/oci/operator_access_control/operator_control_client.rb, line 312 def get_operator_control(operator_control_id, opts = {}) logger.debug 'Calling operation OperatorControlClient#get_operator_control.' if logger raise "Missing the required parameter 'operator_control_id' when calling get_operator_control." if operator_control_id.nil? raise "Parameter value for 'operator_control_id' must not be blank" if OCI::Internal::Util.blank_string?(operator_control_id) path = '/operatorControls/{operatorControlId}'.sub('{operatorControlId}', operator_control_id.to_s) operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] # rubocop:enable Style/NegatedIf post_body = nil # rubocop:disable Metrics/BlockLength OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#get_operator_control') do @api_client.call_api( :GET, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'OCI::OperatorAccessControl::Models::OperatorControl' ) end # rubocop:enable Metrics/BlockLength end
Lists the operator controls in the compartment.
@param [String] compartment_id The ID of the compartment in which to list resources. @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level
retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry
@option opts [String] :lifecycle_state A filter to return only resources whose lifecycleState matches the given OperatorControl lifecycleState. @option opts [String] :display_name A filter to return OperatorControl that match the entire display name given. @option opts [Integer] :limit The maximum number of items to return. (default to 10) @option opts [String] :page The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call. @option opts [String] :sort_order The sort order to use, either 'asc' or 'desc'. (default to DESC) @option opts [String] :sort_by The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.
(default to timeCreated) Allowed values are: timeCreated, displayName
@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response
object with data of type {OCI::OperatorAccessControl::Models::OperatorControlCollection OperatorControlCollection} @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/list_operator_controls.rb.html) to see an example of how to use list_operator_controls
API.
# File lib/oci/operator_access_control/operator_control_client.rb, line 375 def list_operator_controls(compartment_id, opts = {}) logger.debug 'Calling operation OperatorControlClient#list_operator_controls.' if logger raise "Missing the required parameter 'compartment_id' when calling list_operator_controls." if compartment_id.nil? if opts[:lifecycle_state] && !OCI::OperatorAccessControl::Models::OPERATOR_CONTROL_LIFECYCLE_STATES_ENUM.include?(opts[:lifecycle_state]) raise 'Invalid value for "lifecycle_state", must be one of the values in OCI::OperatorAccessControl::Models::OPERATOR_CONTROL_LIFECYCLE_STATES_ENUM.' end if opts[:sort_order] && !OCI::OperatorAccessControl::Models::SORT_ORDERS_ENUM.include?(opts[:sort_order]) raise 'Invalid value for "sort_order", must be one of the values in OCI::OperatorAccessControl::Models::SORT_ORDERS_ENUM.' end if opts[:sort_by] && !%w[timeCreated displayName].include?(opts[:sort_by]) raise 'Invalid value for "sort_by", must be one of timeCreated, displayName.' end path = '/operatorControls' operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} query_params[:compartmentId] = compartment_id query_params[:lifecycleState] = opts[:lifecycle_state] if opts[:lifecycle_state] query_params[:displayName] = opts[:display_name] if opts[:display_name] query_params[:limit] = opts[:limit] if opts[:limit] query_params[:page] = opts[:page] if opts[:page] query_params[:sortOrder] = opts[:sort_order] if opts[:sort_order] query_params[:sortBy] = opts[:sort_by] if opts[:sort_by] # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] # rubocop:enable Style/NegatedIf post_body = nil # rubocop:disable Metrics/BlockLength OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#list_operator_controls') do @api_client.call_api( :GET, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'OCI::OperatorAccessControl::Models::OperatorControlCollection' ) end # rubocop:enable Metrics/BlockLength end
@return [Logger] The logger for this client. May be nil.
# File lib/oci/operator_access_control/operator_control_client.rb, line 95 def logger @api_client.config.logger end
Set the region that will be used to determine the service endpoint. This will usually correspond to a value in {OCI::Regions::REGION_ENUM}, but may be an arbitrary string.
# File lib/oci/operator_access_control/operator_control_client.rb, line 85 def region=(new_region) @region = new_region raise 'A region must be specified.' unless @region @endpoint = OCI::Regions.get_service_endpoint_for_template(@region, 'https://operator-access-control.{region}.oci.{secondLevelDomain}') + '/20200630' logger.info "OperatorControlClient endpoint set to '#{@endpoint} from region #{@region}'." if logger end
Modifies the existing OperatorControl for a given operator control id except the operator control id.
@param [String] operator_control_id unique OperatorControl identifier @param [OCI::OperatorAccessControl::Models::UpdateOperatorControlDetails] update_operator_control_details Details for the new OperatorControl. @param [Hash] opts the optional parameters @option opts [OCI::Retry::RetryConfig] :retry_config The retry configuration to apply to this operation. If no key is provided then the service-level
retry configuration defined by {#retry_config} will be used. If an explicit `nil` value is provided then the operation will not retry
@option opts [String] :if_match For optimistic concurrency control. In the PUT or DELETE call
for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
@option opts [String] :opc_request_id The client request ID for tracing. @return [Response] A Response
object with data of type {OCI::OperatorAccessControl::Models::OperatorControl OperatorControl} @note Click [here](docs.cloud.oracle.com/en-us/iaas/tools/ruby-sdk-examples/latest/operatoraccesscontrol/update_operator_control.rb.html) to see an example of how to use update_operator_control
API.
# File lib/oci/operator_access_control/operator_control_client.rb, line 455 def update_operator_control(operator_control_id, update_operator_control_details, opts = {}) logger.debug 'Calling operation OperatorControlClient#update_operator_control.' if logger raise "Missing the required parameter 'operator_control_id' when calling update_operator_control." if operator_control_id.nil? raise "Missing the required parameter 'update_operator_control_details' when calling update_operator_control." if update_operator_control_details.nil? raise "Parameter value for 'operator_control_id' must not be blank" if OCI::Internal::Util.blank_string?(operator_control_id) path = '/operatorControls/{operatorControlId}'.sub('{operatorControlId}', operator_control_id.to_s) operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'if-match'] = opts[:if_match] if opts[:if_match] header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] # rubocop:enable Style/NegatedIf post_body = @api_client.object_to_http_body(update_operator_control_details) # rubocop:disable Metrics/BlockLength OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#update_operator_control') do @api_client.call_api( :PUT, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'OCI::OperatorAccessControl::Models::OperatorControl' ) end # rubocop:enable Metrics/BlockLength end
Private Instance Methods
rubocop:enable Metrics/CyclomaticComplexity, Metrics/AbcSize, Metrics/PerceivedComplexity rubocop:enable Style/IfUnlessModifier, Metrics/ParameterLists rubocop:enable Metrics/MethodLength, Layout/EmptyLines
# File lib/oci/operator_access_control/operator_control_client.rb, line 500 def applicable_retry_config(opts = {}) return @retry_config unless opts.key?(:retry_config) opts[:retry_config] end