Class: OCI::OperatorAccessControl::OperatorControlClient

Inherits:

Object

• Object
• OCI::OperatorAccessControl::OperatorControlClient

Defined in:

lib/oci/operator_access_control/operator_control_client.rb

Overview

Operator Access Control enables you to control the time duration and the actions an Oracle operator can perform on your Exadata Cloud@Customer infrastructure. Using logging service, you can view a near real-time audit report of all actions performed by an Oracle operator.

Use the table of contents and search tool to explore the OperatorAccessControl API.

Instance Attribute Summary

• #api_client ⇒ OCI::ApiClient readonly

  Client used to make HTTP requests.

• #endpoint ⇒ String readonly

  Fully qualified endpoint URL.

• #region ⇒ String

  The region, which will usually correspond to a value in Regions::REGION_ENUM.

• #retry_config ⇒ OCI::Retry::RetryConfig readonly

  The default retry configuration to apply to all operations in this service client.

Instance Method Summary

• #change_operator_control_compartment(operator_control_id, change_operator_control_compartment_details, opts = {}) ⇒ Response

  Moves the Operator Control resource into a different compartment.

• #create_operator_control(create_operator_control_details, opts = {}) ⇒ Response

  Creates an Operator Control.

• #delete_operator_control(operator_control_id, opts = {}) ⇒ Response

  Deletes an Operator Control.

• #get_operator_control(operator_control_id, opts = {}) ⇒ Response

  Gets the Operator Control associated with the specified Operator Control ID.

• #initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) ⇒ OperatorControlClient constructor

  Creates a new OperatorControlClient.

• #list_operator_controls(compartment_id, opts = {}) ⇒ Response

  Lists the operator controls in the compartment.

• #logger ⇒ Logger

  The logger for this client.

• #update_operator_control(operator_control_id, update_operator_control_details, opts = {}) ⇒ Response

  Modifies the existing OperatorControl for a given operator control id except the operator control id.

Constructor Details

#initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) ⇒ OperatorControlClient

Creates a new OperatorControlClient. Notes: If a config is not specified, then the global OCI.config will be used.

This client is not thread-safe

Either a region or an endpoint must be specified. If an endpoint is specified, it will be used instead of the region. A region may be specified in the config or via or the region parameter. If specified in both, then the region parameter will be used.

Parameters:

• config (Config) (defaults to: nil) —

  A Config object.

• region (String) (defaults to: nil) —

  A region used to determine the service endpoint. This will usually correspond to a value in Regions::REGION_ENUM, but may be an arbitrary string.

• endpoint (String) (defaults to: nil) —

  The fully qualified endpoint URL

• signer (OCI::BaseSigner) (defaults to: nil) —

  A signer implementation which can be used by this client. If this is not provided then a signer will be constructed via the provided config. One use case of this parameter is instance principals authentication, so that the instance principals signer can be provided to the client

• proxy_settings (OCI::ApiClientProxySettings) (defaults to: nil) —

  If your environment requires you to use a proxy server for outgoing HTTP requests the details for the proxy can be provided in this parameter

• retry_config (OCI::Retry::RetryConfig) (defaults to: nil) —

  The retry configuration for this service client. This represents the default retry configuration to apply across all operations. This can be overridden on a per-operation basis. The default retry configuration value is nil, which means that an operation will not perform any retries

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 58

def initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil)
  # If the signer is an InstancePrincipalsSecurityTokenSigner or SecurityTokenSigner and no config was supplied (they are self-sufficient signers)
  # then create a dummy config to pass to the ApiClient constructor. If customers wish to create a client which uses instance principals
  # and has config (either populated programmatically or loaded from a file), they must construct that config themselves and then
  # pass it to this constructor.
  #
  # If there is no signer (or the signer is not an instance principals signer) and no config was supplied, this is not valid
  # so try and load the config from the default file.
  config = OCI::Config.validate_and_build_config_with_signer(config, signer)

  signer = OCI::Signer.config_file_auth_builder(config) if signer.nil?

  @api_client = OCI::ApiClient.new(config, signer, proxy_settings: proxy_settings)
  @retry_config = retry_config

  if endpoint
    @endpoint = endpoint + '/20200630'
  else
    region ||= config.region
    region ||= signer.region if signer.respond_to?(:region)
    self.region = region
  end
  logger.info "OperatorControlClient endpoint set to '#{@endpoint}'." if logger
end

Instance Attribute Details

#api_client ⇒ OCI::ApiClient (readonly)

Client used to make HTTP requests.

Returns:

• (OCI::ApiClient)

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 18

def api_client
  @api_client
end

#endpoint ⇒ String (readonly)

Fully qualified endpoint URL

Returns:

• (String)

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 22

def endpoint
  @endpoint
end

#region ⇒ String

The region, which will usually correspond to a value in Regions::REGION_ENUM.

Returns:

• (String)

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 32

def region
  @region
end

#retry_config ⇒ OCI::Retry::RetryConfig (readonly)

The default retry configuration to apply to all operations in this service client. This can be overridden on a per-operation basis. The default retry configuration value is nil, which means that an operation will not perform any retries

Returns:

• (OCI::Retry::RetryConfig)

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 28

def retry_config
  @retry_config
end

Instance Method Details

#change_operator_control_compartment(operator_control_id, change_operator_control_compartment_details, opts = {}) ⇒ Response

Note:

Click here to see an example of how to use change_operator_control_compartment API.

Moves the Operator Control resource into a different compartment. When provided, 'If-Match' is checked against 'ETag' values of the resource.

Parameters:

• operator_control_id (String) —

  unique OperatorControl identifier

• change_operator_control_compartment_details (OCI::OperatorAccessControl::Models::ChangeOperatorControlCompartmentDetails) —

  Moves the Operator Control resource into a different compartment.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :retry_config (OCI::Retry::RetryConfig) —

  The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

• :opc_request_id (String) —

  The client request ID for tracing.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 128

def change_operator_control_compartment(operator_control_id, change_operator_control_compartment_details, opts = {})
  logger.debug 'Calling operation OperatorControlClient#change_operator_control_compartment.' if logger

  raise "Missing the required parameter 'operator_control_id' when calling change_operator_control_compartment." if operator_control_id.nil?
  raise "Missing the required parameter 'change_operator_control_compartment_details' when calling change_operator_control_compartment." if change_operator_control_compartment_details.nil?
  raise "Parameter value for 'operator_control_id' must not be blank" if OCI::Internal::Util.blank_string?(operator_control_id)

  path = '/operatorControls/{operatorControlId}/actions/changeCompartment'.sub('{operatorControlId}', operator_control_id.to_s)
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token]
  header_params[:'if-match'] = opts[:if_match] if opts[:if_match]
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf
  header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token

  post_body = @api_client.object_to_http_body(change_operator_control_compartment_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#change_operator_control_compartment') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#create_operator_control(create_operator_control_details, opts = {}) ⇒ Response

Note:

Click here to see an example of how to use create_operator_control API.

Creates an Operator Control.

Parameters:

• create_operator_control_details (OCI::OperatorAccessControl::Models::CreateOperatorControlDetails) —

  Details for the new Operator Control.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :retry_config (OCI::Retry::RetryConfig) —

  The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.

• :opc_request_id (String) —

  The client request ID for tracing.

Returns:

• (Response) —

  A Response object with data of type OperatorControl

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 192

def create_operator_control(create_operator_control_details, opts = {})
  logger.debug 'Calling operation OperatorControlClient#create_operator_control.' if logger

  raise "Missing the required parameter 'create_operator_control_details' when calling create_operator_control." if create_operator_control_details.nil?

  path = '/operatorControls'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token]
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf
  header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token

  post_body = @api_client.object_to_http_body(create_operator_control_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#create_operator_control') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::OperatorAccessControl::Models::OperatorControl'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#delete_operator_control(operator_control_id, opts = {}) ⇒ Response

Note:

Click here to see an example of how to use delete_operator_control API.

Deletes an Operator Control. You cannot delete an Operator Control if it is assigned to govern any target resource currently or in the future. In that case, first, delete all of the current and future assignments before deleting the Operator Control. An Operator Control that was previously assigned to a target resource is marked as DELETED following a successful deletion. However, it is not completely deleted from the system. This is to ensure auditing information for the accesses done under the Operator Control is preserved for future needs. The system purges the deleted Operator Control only when all of the audit data associated with the Operator Control are also deleted. Therefore, you cannot reuse the name of the deleted Operator Control until the system purges the Operator Control.

Parameters:

• operator_control_id (String) —

  unique OperatorControl identifier

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :retry_config (OCI::Retry::RetryConfig) —

  The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

• :description (String) —

  reason for deletion of OperatorControl.

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

• :opc_request_id (String) —

  The client request ID for tracing.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 259

def delete_operator_control(operator_control_id, opts = {})
  logger.debug 'Calling operation OperatorControlClient#delete_operator_control.' if logger

  raise "Missing the required parameter 'operator_control_id' when calling delete_operator_control." if operator_control_id.nil?
  raise "Parameter value for 'operator_control_id' must not be blank" if OCI::Internal::Util.blank_string?(operator_control_id)

  path = '/operatorControls/{operatorControlId}'.sub('{operatorControlId}', operator_control_id.to_s)
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}
  query_params[:description] = opts[:description] if opts[:description]

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:if_match] if opts[:if_match]
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = nil

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#delete_operator_control') do
    @api_client.call_api(
      :DELETE,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#get_operator_control(operator_control_id, opts = {}) ⇒ Response

Note:

Click here to see an example of how to use get_operator_control API.

Gets the Operator Control associated with the specified Operator Control ID.

Parameters:

• operator_control_id (String) —

  unique OperatorControl identifier

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :retry_config (OCI::Retry::RetryConfig) —

  The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

• :opc_request_id (String) —

  The client request ID for tracing.

Returns:

• (Response) —

  A Response object with data of type OperatorControl

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 314

def get_operator_control(operator_control_id, opts = {})
  logger.debug 'Calling operation OperatorControlClient#get_operator_control.' if logger

  raise "Missing the required parameter 'operator_control_id' when calling get_operator_control." if operator_control_id.nil?
  raise "Parameter value for 'operator_control_id' must not be blank" if OCI::Internal::Util.blank_string?(operator_control_id)

  path = '/operatorControls/{operatorControlId}'.sub('{operatorControlId}', operator_control_id.to_s)
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = nil

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#get_operator_control') do
    @api_client.call_api(
      :GET,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::OperatorAccessControl::Models::OperatorControl'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#list_operator_controls(compartment_id, opts = {}) ⇒ Response

Note:

Click here to see an example of how to use list_operator_controls API.

Lists the operator controls in the compartment.

Allowed values are: timeCreated, displayName

Parameters:

• compartment_id (String) —

  The ID of the compartment in which to list resources.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :retry_config (OCI::Retry::RetryConfig) —

  The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

• :lifecycle_state (String) —

  A filter to return only resources whose lifecycleState matches the given OperatorControl lifecycleState.

• :display_name (String) —

  A filter to return OperatorControl that match the entire display name given.

• :resource_type (String) —

  A filter to return only lists of resources that match the entire given service type.

• :limit (Integer) —

  The maximum number of items to return. (default to 10)

• :page (String) —

  The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

• :sort_order (String) —

  The sort order to use, either 'asc' or 'desc'. (default to DESC)

• :sort_by (String) —

  The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default. (default to timeCreated)

• :opc_request_id (String) —

  The client request ID for tracing.

Returns:

• (Response) —

  A Response object with data of type OperatorControlCollection

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 378

def list_operator_controls(compartment_id, opts = {})
  logger.debug 'Calling operation OperatorControlClient#list_operator_controls.' if logger

  raise "Missing the required parameter 'compartment_id' when calling list_operator_controls." if compartment_id.nil?

  if opts[:lifecycle_state] && !OCI::OperatorAccessControl::Models::OPERATOR_CONTROL_LIFECYCLE_STATES_ENUM.include?(opts[:lifecycle_state])
    raise 'Invalid value for "lifecycle_state", must be one of the values in OCI::OperatorAccessControl::Models::OPERATOR_CONTROL_LIFECYCLE_STATES_ENUM.'
  end

  if opts[:sort_order] && !OCI::OperatorAccessControl::Models::SORT_ORDERS_ENUM.include?(opts[:sort_order])
    raise 'Invalid value for "sort_order", must be one of the values in OCI::OperatorAccessControl::Models::SORT_ORDERS_ENUM.'
  end

  if opts[:sort_by] && !%w[timeCreated displayName].include?(opts[:sort_by])
    raise 'Invalid value for "sort_by", must be one of timeCreated, displayName.'
  end

  path = '/operatorControls'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}
  query_params[:compartmentId] = compartment_id
  query_params[:lifecycleState] = opts[:lifecycle_state] if opts[:lifecycle_state]
  query_params[:displayName] = opts[:display_name] if opts[:display_name]
  query_params[:resourceType] = opts[:resource_type] if opts[:resource_type]
  query_params[:limit] = opts[:limit] if opts[:limit]
  query_params[:page] = opts[:page] if opts[:page]
  query_params[:sortOrder] = opts[:sort_order] if opts[:sort_order]
  query_params[:sortBy] = opts[:sort_by] if opts[:sort_by]

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = nil

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#list_operator_controls') do
    @api_client.call_api(
      :GET,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::OperatorAccessControl::Models::OperatorControlCollection'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#logger ⇒ Logger

Returns The logger for this client. May be nil.

Returns:

• (Logger) —

  The logger for this client. May be nil.

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 97

def logger
  @api_client.config.logger
end

#update_operator_control(operator_control_id, update_operator_control_details, opts = {}) ⇒ Response

Note:

Click here to see an example of how to use update_operator_control API.

Modifies the existing OperatorControl for a given operator control id except the operator control id.

Parameters:

• operator_control_id (String) —

  unique OperatorControl identifier

• update_operator_control_details (OCI::OperatorAccessControl::Models::UpdateOperatorControlDetails) —

  Details for the new OperatorControl.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :retry_config (OCI::Retry::RetryConfig) —

  The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

• :opc_request_id (String) —

  The client request ID for tracing.

Returns:

• (Response) —

  A Response object with data of type OperatorControl

# File 'lib/oci/operator_access_control/operator_control_client.rb', line 459

def update_operator_control(operator_control_id, update_operator_control_details, opts = {})
  logger.debug 'Calling operation OperatorControlClient#update_operator_control.' if logger

  raise "Missing the required parameter 'operator_control_id' when calling update_operator_control." if operator_control_id.nil?
  raise "Missing the required parameter 'update_operator_control_details' when calling update_operator_control." if update_operator_control_details.nil?
  raise "Parameter value for 'operator_control_id' must not be blank" if OCI::Internal::Util.blank_string?(operator_control_id)

  path = '/operatorControls/{operatorControlId}'.sub('{operatorControlId}', operator_control_id.to_s)
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:if_match] if opts[:if_match]
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = @api_client.object_to_http_body(update_operator_control_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'OperatorControlClient#update_operator_control') do
    @api_client.call_api(
      :PUT,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::OperatorAccessControl::Models::OperatorControl'
    )
  end
  # rubocop:enable Metrics/BlockLength
end