oci.DelegateAccessControl.DelegationControl
Explore with Pulumi AI
This resource provides the Delegation Control resource in Oracle Cloud Infrastructure Delegate Access Control service.
Creates a Delegation Control.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testDelegationControl = new oci.delegateaccesscontrol.DelegationControl("test_delegation_control", {
compartmentId: compartmentId,
delegationSubscriptionIds: delegationControlDelegationSubscriptionIds,
displayName: delegationControlDisplayName,
notificationMessageFormat: delegationControlNotificationMessageFormat,
notificationTopicId: testNotificationTopic.id,
resourceIds: delegationControlResourceIds,
resourceType: delegationControlResourceType,
definedTags: {
"Operations.CostCenter": "42",
},
description: delegationControlDescription,
freeformTags: {
Department: "Finance",
},
isAutoApproveDuringMaintenance: delegationControlIsAutoApproveDuringMaintenance,
numApprovalsRequired: delegationControlNumApprovalsRequired,
preApprovedServiceProviderActionNames: delegationControlPreApprovedServiceProviderActionNames,
vaultId: testVault.id,
vaultKeyId: testKey.id,
});
import pulumi
import pulumi_oci as oci
test_delegation_control = oci.delegate_access_control.DelegationControl("test_delegation_control",
compartment_id=compartment_id,
delegation_subscription_ids=delegation_control_delegation_subscription_ids,
display_name=delegation_control_display_name,
notification_message_format=delegation_control_notification_message_format,
notification_topic_id=test_notification_topic["id"],
resource_ids=delegation_control_resource_ids,
resource_type=delegation_control_resource_type,
defined_tags={
"Operations.CostCenter": "42",
},
description=delegation_control_description,
freeform_tags={
"Department": "Finance",
},
is_auto_approve_during_maintenance=delegation_control_is_auto_approve_during_maintenance,
num_approvals_required=delegation_control_num_approvals_required,
pre_approved_service_provider_action_names=delegation_control_pre_approved_service_provider_action_names,
vault_id=test_vault["id"],
vault_key_id=test_key["id"])
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/DelegateAccessControl"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := DelegateAccessControl.NewDelegationControl(ctx, "test_delegation_control", &DelegateAccessControl.DelegationControlArgs{
CompartmentId: pulumi.Any(compartmentId),
DelegationSubscriptionIds: pulumi.Any(delegationControlDelegationSubscriptionIds),
DisplayName: pulumi.Any(delegationControlDisplayName),
NotificationMessageFormat: pulumi.Any(delegationControlNotificationMessageFormat),
NotificationTopicId: pulumi.Any(testNotificationTopic.Id),
ResourceIds: pulumi.Any(delegationControlResourceIds),
ResourceType: pulumi.Any(delegationControlResourceType),
DefinedTags: pulumi.StringMap{
"Operations.CostCenter": pulumi.String("42"),
},
Description: pulumi.Any(delegationControlDescription),
FreeformTags: pulumi.StringMap{
"Department": pulumi.String("Finance"),
},
IsAutoApproveDuringMaintenance: pulumi.Any(delegationControlIsAutoApproveDuringMaintenance),
NumApprovalsRequired: pulumi.Any(delegationControlNumApprovalsRequired),
PreApprovedServiceProviderActionNames: pulumi.Any(delegationControlPreApprovedServiceProviderActionNames),
VaultId: pulumi.Any(testVault.Id),
VaultKeyId: pulumi.Any(testKey.Id),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testDelegationControl = new Oci.DelegateAccessControl.DelegationControl("test_delegation_control", new()
{
CompartmentId = compartmentId,
DelegationSubscriptionIds = delegationControlDelegationSubscriptionIds,
DisplayName = delegationControlDisplayName,
NotificationMessageFormat = delegationControlNotificationMessageFormat,
NotificationTopicId = testNotificationTopic.Id,
ResourceIds = delegationControlResourceIds,
ResourceType = delegationControlResourceType,
DefinedTags =
{
{ "Operations.CostCenter", "42" },
},
Description = delegationControlDescription,
FreeformTags =
{
{ "Department", "Finance" },
},
IsAutoApproveDuringMaintenance = delegationControlIsAutoApproveDuringMaintenance,
NumApprovalsRequired = delegationControlNumApprovalsRequired,
PreApprovedServiceProviderActionNames = delegationControlPreApprovedServiceProviderActionNames,
VaultId = testVault.Id,
VaultKeyId = testKey.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.DelegateAccessControl.DelegationControl;
import com.pulumi.oci.DelegateAccessControl.DelegationControlArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testDelegationControl = new DelegationControl("testDelegationControl", DelegationControlArgs.builder()
.compartmentId(compartmentId)
.delegationSubscriptionIds(delegationControlDelegationSubscriptionIds)
.displayName(delegationControlDisplayName)
.notificationMessageFormat(delegationControlNotificationMessageFormat)
.notificationTopicId(testNotificationTopic.id())
.resourceIds(delegationControlResourceIds)
.resourceType(delegationControlResourceType)
.definedTags(Map.of("Operations.CostCenter", "42"))
.description(delegationControlDescription)
.freeformTags(Map.of("Department", "Finance"))
.isAutoApproveDuringMaintenance(delegationControlIsAutoApproveDuringMaintenance)
.numApprovalsRequired(delegationControlNumApprovalsRequired)
.preApprovedServiceProviderActionNames(delegationControlPreApprovedServiceProviderActionNames)
.vaultId(testVault.id())
.vaultKeyId(testKey.id())
.build());
}
}
resources:
testDelegationControl:
type: oci:DelegateAccessControl:DelegationControl
name: test_delegation_control
properties:
compartmentId: ${compartmentId}
delegationSubscriptionIds: ${delegationControlDelegationSubscriptionIds}
displayName: ${delegationControlDisplayName}
notificationMessageFormat: ${delegationControlNotificationMessageFormat}
notificationTopicId: ${testNotificationTopic.id}
resourceIds: ${delegationControlResourceIds}
resourceType: ${delegationControlResourceType}
definedTags:
Operations.CostCenter: '42'
description: ${delegationControlDescription}
freeformTags:
Department: Finance
isAutoApproveDuringMaintenance: ${delegationControlIsAutoApproveDuringMaintenance}
numApprovalsRequired: ${delegationControlNumApprovalsRequired}
preApprovedServiceProviderActionNames: ${delegationControlPreApprovedServiceProviderActionNames}
vaultId: ${testVault.id}
vaultKeyId: ${testKey.id}
Create DelegationControl Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DelegationControl(name: string, args: DelegationControlArgs, opts?: CustomResourceOptions);
@overload
def DelegationControl(resource_name: str,
args: DelegationControlArgs,
opts: Optional[ResourceOptions] = None)
@overload
def DelegationControl(resource_name: str,
opts: Optional[ResourceOptions] = None,
notification_message_format: Optional[str] = None,
resource_type: Optional[str] = None,
delegation_subscription_ids: Optional[Sequence[str]] = None,
resource_ids: Optional[Sequence[str]] = None,
display_name: Optional[str] = None,
notification_topic_id: Optional[str] = None,
compartment_id: Optional[str] = None,
is_auto_approve_during_maintenance: Optional[bool] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
num_approvals_required: Optional[int] = None,
pre_approved_service_provider_action_names: Optional[Sequence[str]] = None,
description: Optional[str] = None,
defined_tags: Optional[Mapping[str, str]] = None,
vault_id: Optional[str] = None,
vault_key_id: Optional[str] = None)
func NewDelegationControl(ctx *Context, name string, args DelegationControlArgs, opts ...ResourceOption) (*DelegationControl, error)
public DelegationControl(string name, DelegationControlArgs args, CustomResourceOptions? opts = null)
public DelegationControl(String name, DelegationControlArgs args)
public DelegationControl(String name, DelegationControlArgs args, CustomResourceOptions options)
type: oci:DelegateAccessControl:DelegationControl
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DelegationControlArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DelegationControlArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DelegationControlArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DelegationControlArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DelegationControlArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var delegationControlResource = new Oci.DelegateAccessControl.DelegationControl("delegationControlResource", new()
{
NotificationMessageFormat = "string",
ResourceType = "string",
DelegationSubscriptionIds = new[]
{
"string",
},
ResourceIds = new[]
{
"string",
},
DisplayName = "string",
NotificationTopicId = "string",
CompartmentId = "string",
IsAutoApproveDuringMaintenance = false,
FreeformTags =
{
{ "string", "string" },
},
NumApprovalsRequired = 0,
PreApprovedServiceProviderActionNames = new[]
{
"string",
},
Description = "string",
DefinedTags =
{
{ "string", "string" },
},
VaultId = "string",
VaultKeyId = "string",
});
example, err := DelegateAccessControl.NewDelegationControl(ctx, "delegationControlResource", &DelegateAccessControl.DelegationControlArgs{
NotificationMessageFormat: pulumi.String("string"),
ResourceType: pulumi.String("string"),
DelegationSubscriptionIds: pulumi.StringArray{
pulumi.String("string"),
},
ResourceIds: pulumi.StringArray{
pulumi.String("string"),
},
DisplayName: pulumi.String("string"),
NotificationTopicId: pulumi.String("string"),
CompartmentId: pulumi.String("string"),
IsAutoApproveDuringMaintenance: pulumi.Bool(false),
FreeformTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
NumApprovalsRequired: pulumi.Int(0),
PreApprovedServiceProviderActionNames: pulumi.StringArray{
pulumi.String("string"),
},
Description: pulumi.String("string"),
DefinedTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
VaultId: pulumi.String("string"),
VaultKeyId: pulumi.String("string"),
})
var delegationControlResource = new DelegationControl("delegationControlResource", DelegationControlArgs.builder()
.notificationMessageFormat("string")
.resourceType("string")
.delegationSubscriptionIds("string")
.resourceIds("string")
.displayName("string")
.notificationTopicId("string")
.compartmentId("string")
.isAutoApproveDuringMaintenance(false)
.freeformTags(Map.of("string", "string"))
.numApprovalsRequired(0)
.preApprovedServiceProviderActionNames("string")
.description("string")
.definedTags(Map.of("string", "string"))
.vaultId("string")
.vaultKeyId("string")
.build());
delegation_control_resource = oci.delegate_access_control.DelegationControl("delegationControlResource",
notification_message_format="string",
resource_type="string",
delegation_subscription_ids=["string"],
resource_ids=["string"],
display_name="string",
notification_topic_id="string",
compartment_id="string",
is_auto_approve_during_maintenance=False,
freeform_tags={
"string": "string",
},
num_approvals_required=0,
pre_approved_service_provider_action_names=["string"],
description="string",
defined_tags={
"string": "string",
},
vault_id="string",
vault_key_id="string")
const delegationControlResource = new oci.delegateaccesscontrol.DelegationControl("delegationControlResource", {
notificationMessageFormat: "string",
resourceType: "string",
delegationSubscriptionIds: ["string"],
resourceIds: ["string"],
displayName: "string",
notificationTopicId: "string",
compartmentId: "string",
isAutoApproveDuringMaintenance: false,
freeformTags: {
string: "string",
},
numApprovalsRequired: 0,
preApprovedServiceProviderActionNames: ["string"],
description: "string",
definedTags: {
string: "string",
},
vaultId: "string",
vaultKeyId: "string",
});
type: oci:DelegateAccessControl:DelegationControl
properties:
compartmentId: string
definedTags:
string: string
delegationSubscriptionIds:
- string
description: string
displayName: string
freeformTags:
string: string
isAutoApproveDuringMaintenance: false
notificationMessageFormat: string
notificationTopicId: string
numApprovalsRequired: 0
preApprovedServiceProviderActionNames:
- string
resourceIds:
- string
resourceType: string
vaultId: string
vaultKeyId: string
DelegationControl Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DelegationControl resource accepts the following input properties:
- Compartment
Id string - (Updatable) The OCID of the compartment that contains this Delegation Control.
- Delegation
Subscription List<string>Ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- Display
Name string - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- Notification
Message stringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- Notification
Topic stringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- Resource
Ids List<string> - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- Resource
Type string - Resource type for which the Delegation Control is applicable to.
- Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Description string
- (Updatable) Description of the Delegation Control.
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Is
Auto boolApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- Num
Approvals intRequired - (Updatable) number of approvals required.
- Pre
Approved List<string>Service Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- Vault
Id string - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- Vault
Key stringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Compartment
Id string - (Updatable) The OCID of the compartment that contains this Delegation Control.
- Delegation
Subscription []stringIds - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- Display
Name string - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- Notification
Message stringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- Notification
Topic stringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- Resource
Ids []string - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- Resource
Type string - Resource type for which the Delegation Control is applicable to.
- map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Description string
- (Updatable) Description of the Delegation Control.
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Is
Auto boolApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- Num
Approvals intRequired - (Updatable) number of approvals required.
- Pre
Approved []stringService Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- Vault
Id string - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- Vault
Key stringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id String - (Updatable) The OCID of the compartment that contains this Delegation Control.
- delegation
Subscription List<String>Ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- display
Name String - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- notification
Message StringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- notification
Topic StringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- resource
Ids List<String> - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- resource
Type String - Resource type for which the Delegation Control is applicable to.
- Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- description String
- (Updatable) Description of the Delegation Control.
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- is
Auto BooleanApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- num
Approvals IntegerRequired - (Updatable) number of approvals required.
- pre
Approved List<String>Service Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- vault
Id String - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- vault
Key StringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id string - (Updatable) The OCID of the compartment that contains this Delegation Control.
- delegation
Subscription string[]Ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- display
Name string - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- notification
Message stringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- notification
Topic stringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- resource
Ids string[] - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- resource
Type string - Resource type for which the Delegation Control is applicable to.
- {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- description string
- (Updatable) Description of the Delegation Control.
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- is
Auto booleanApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- num
Approvals numberRequired - (Updatable) number of approvals required.
- pre
Approved string[]Service Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- vault
Id string - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- vault
Key stringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment_
id str - (Updatable) The OCID of the compartment that contains this Delegation Control.
- delegation_
subscription_ Sequence[str]ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- display_
name str - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- notification_
message_ strformat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- notification_
topic_ strid - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- resource_
ids Sequence[str] - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- resource_
type str - Resource type for which the Delegation Control is applicable to.
- Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- description str
- (Updatable) Description of the Delegation Control.
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- is_
auto_ boolapprove_ during_ maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- num_
approvals_ intrequired - (Updatable) number of approvals required.
- pre_
approved_ Sequence[str]service_ provider_ action_ names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- vault_
id str - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- vault_
key_ strid The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id String - (Updatable) The OCID of the compartment that contains this Delegation Control.
- delegation
Subscription List<String>Ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- display
Name String - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- notification
Message StringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- notification
Topic StringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- resource
Ids List<String> - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- resource
Type String - Resource type for which the Delegation Control is applicable to.
- Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- description String
- (Updatable) Description of the Delegation Control.
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- is
Auto BooleanApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- num
Approvals NumberRequired - (Updatable) number of approvals required.
- pre
Approved List<String>Service Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- vault
Id String - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- vault
Key StringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Outputs
All input properties are implicitly available as output properties. Additionally, the DelegationControl resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Lifecycle
State stringDetails - Description of the current lifecycle state in more detail.
- State string
- The current lifecycle state of the Delegation Control.
- Dictionary<string, string>
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- Time
Deleted string - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- Time
Updated string - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- Id string
- The provider-assigned unique ID for this managed resource.
- Lifecycle
State stringDetails - Description of the current lifecycle state in more detail.
- State string
- The current lifecycle state of the Delegation Control.
- map[string]string
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- Time
Deleted string - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- Time
Updated string - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- id String
- The provider-assigned unique ID for this managed resource.
- lifecycle
State StringDetails - Description of the current lifecycle state in more detail.
- state String
- The current lifecycle state of the Delegation Control.
- Map<String,String>
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- time
Deleted String - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- time
Updated String - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- id string
- The provider-assigned unique ID for this managed resource.
- lifecycle
State stringDetails - Description of the current lifecycle state in more detail.
- state string
- The current lifecycle state of the Delegation Control.
- {[key: string]: string}
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created string - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- time
Deleted string - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- time
Updated string - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- id str
- The provider-assigned unique ID for this managed resource.
- lifecycle_
state_ strdetails - Description of the current lifecycle state in more detail.
- state str
- The current lifecycle state of the Delegation Control.
- Mapping[str, str]
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time_
created str - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- time_
deleted str - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- time_
updated str - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- id String
- The provider-assigned unique ID for this managed resource.
- lifecycle
State StringDetails - Description of the current lifecycle state in more detail.
- state String
- The current lifecycle state of the Delegation Control.
- Map<String>
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- time
Deleted String - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- time
Updated String - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
Look up Existing DelegationControl Resource
Get an existing DelegationControl resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DelegationControlState, opts?: CustomResourceOptions): DelegationControl
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
compartment_id: Optional[str] = None,
defined_tags: Optional[Mapping[str, str]] = None,
delegation_subscription_ids: Optional[Sequence[str]] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
is_auto_approve_during_maintenance: Optional[bool] = None,
lifecycle_state_details: Optional[str] = None,
notification_message_format: Optional[str] = None,
notification_topic_id: Optional[str] = None,
num_approvals_required: Optional[int] = None,
pre_approved_service_provider_action_names: Optional[Sequence[str]] = None,
resource_ids: Optional[Sequence[str]] = None,
resource_type: Optional[str] = None,
state: Optional[str] = None,
system_tags: Optional[Mapping[str, str]] = None,
time_created: Optional[str] = None,
time_deleted: Optional[str] = None,
time_updated: Optional[str] = None,
vault_id: Optional[str] = None,
vault_key_id: Optional[str] = None) -> DelegationControl
func GetDelegationControl(ctx *Context, name string, id IDInput, state *DelegationControlState, opts ...ResourceOption) (*DelegationControl, error)
public static DelegationControl Get(string name, Input<string> id, DelegationControlState? state, CustomResourceOptions? opts = null)
public static DelegationControl get(String name, Output<String> id, DelegationControlState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Compartment
Id string - (Updatable) The OCID of the compartment that contains this Delegation Control.
- Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Delegation
Subscription List<string>Ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- Description string
- (Updatable) Description of the Delegation Control.
- Display
Name string - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Is
Auto boolApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- Lifecycle
State stringDetails - Description of the current lifecycle state in more detail.
- Notification
Message stringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- Notification
Topic stringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- Num
Approvals intRequired - (Updatable) number of approvals required.
- Pre
Approved List<string>Service Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- Resource
Ids List<string> - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- Resource
Type string - Resource type for which the Delegation Control is applicable to.
- State string
- The current lifecycle state of the Delegation Control.
- Dictionary<string, string>
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- Time
Deleted string - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- Time
Updated string - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- Vault
Id string - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- Vault
Key stringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Compartment
Id string - (Updatable) The OCID of the compartment that contains this Delegation Control.
- map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- Delegation
Subscription []stringIds - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- Description string
- (Updatable) Description of the Delegation Control.
- Display
Name string - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- Is
Auto boolApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- Lifecycle
State stringDetails - Description of the current lifecycle state in more detail.
- Notification
Message stringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- Notification
Topic stringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- Num
Approvals intRequired - (Updatable) number of approvals required.
- Pre
Approved []stringService Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- Resource
Ids []string - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- Resource
Type string - Resource type for which the Delegation Control is applicable to.
- State string
- The current lifecycle state of the Delegation Control.
- map[string]string
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- Time
Created string - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- Time
Deleted string - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- Time
Updated string - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- Vault
Id string - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- Vault
Key stringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id String - (Updatable) The OCID of the compartment that contains this Delegation Control.
- Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- delegation
Subscription List<String>Ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- description String
- (Updatable) Description of the Delegation Control.
- display
Name String - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- is
Auto BooleanApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- lifecycle
State StringDetails - Description of the current lifecycle state in more detail.
- notification
Message StringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- notification
Topic StringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- num
Approvals IntegerRequired - (Updatable) number of approvals required.
- pre
Approved List<String>Service Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- resource
Ids List<String> - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- resource
Type String - Resource type for which the Delegation Control is applicable to.
- state String
- The current lifecycle state of the Delegation Control.
- Map<String,String>
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- time
Deleted String - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- time
Updated String - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- vault
Id String - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- vault
Key StringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id string - (Updatable) The OCID of the compartment that contains this Delegation Control.
- {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- delegation
Subscription string[]Ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- description string
- (Updatable) Description of the Delegation Control.
- display
Name string - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- is
Auto booleanApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- lifecycle
State stringDetails - Description of the current lifecycle state in more detail.
- notification
Message stringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- notification
Topic stringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- num
Approvals numberRequired - (Updatable) number of approvals required.
- pre
Approved string[]Service Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- resource
Ids string[] - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- resource
Type string - Resource type for which the Delegation Control is applicable to.
- state string
- The current lifecycle state of the Delegation Control.
- {[key: string]: string}
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created string - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- time
Deleted string - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- time
Updated string - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- vault
Id string - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- vault
Key stringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment_
id str - (Updatable) The OCID of the compartment that contains this Delegation Control.
- Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- delegation_
subscription_ Sequence[str]ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- description str
- (Updatable) Description of the Delegation Control.
- display_
name str - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- is_
auto_ boolapprove_ during_ maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- lifecycle_
state_ strdetails - Description of the current lifecycle state in more detail.
- notification_
message_ strformat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- notification_
topic_ strid - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- num_
approvals_ intrequired - (Updatable) number of approvals required.
- pre_
approved_ Sequence[str]service_ provider_ action_ names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- resource_
ids Sequence[str] - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- resource_
type str - Resource type for which the Delegation Control is applicable to.
- state str
- The current lifecycle state of the Delegation Control.
- Mapping[str, str]
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time_
created str - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- time_
deleted str - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- time_
updated str - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- vault_
id str - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- vault_
key_ strid The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id String - (Updatable) The OCID of the compartment that contains this Delegation Control.
- Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"}
- delegation
Subscription List<String>Ids - (Updatable) List of Delegation Subscription OCID that are allowed for this Delegation Control. The allowed subscriptions will determine the available Service Provider Actions. Only support operators for the allowed subscriptions are allowed to create Delegated Resource Access Request.
- description String
- (Updatable) Description of the Delegation Control.
- display
Name String - (Updatable) Name of the Delegation Control. The name does not need to be unique.
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"}
- is
Auto BooleanApprove During Maintenance - (Updatable) Set to true to allow all Delegated Resource Access Request to be approved automatically during maintenance.
- lifecycle
State StringDetails - Description of the current lifecycle state in more detail.
- notification
Message StringFormat - (Updatable) The format of the Oracle Cloud Infrastructure Notification messages for this Delegation Control.
- notification
Topic StringId - (Updatable) The OCID of the Oracle Cloud Infrastructure Notification topic to publish messages related to this Delegation Control.
- num
Approvals NumberRequired - (Updatable) number of approvals required.
- pre
Approved List<String>Service Provider Action Names - (Updatable) List of pre-approved Service Provider Action names. The list of pre-defined Service Provider Actions can be obtained from the ListServiceProviderActions API. Delegated Resource Access Requests associated with a resource governed by this Delegation Control will be automatically approved if the Delegated Resource Access Request only contain Service Provider Actions in the pre-approved list.
- resource
Ids List<String> - (Updatable) The OCID of the selected resources that this Delegation Control is applicable to.
- resource
Type String - Resource type for which the Delegation Control is applicable to.
- state String
- The current lifecycle state of the Delegation Control.
- Map<String>
- System tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"orcl-cloud.free-tier-retained": "true"}
- time
Created String - Time when the Delegation Control was created expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- time
Deleted String - Time when the Delegation Control was deleted expressed in RFC 3339timestamp format, e.g. '2020-05-22T21:10:29.600Z'. Note a deleted Delegation Control still stays in the system, so that you can still audit Service Provider Actions associated with Delegated Resource Access Requests raised on target resources governed by the deleted Delegation Control.
- time
Updated String - Time when the Delegation Control was last modified expressed in RFC 3339 timestamp format, e.g. '2020-05-22T21:10:29.600Z'
- vault
Id String - The OCID of the Oracle Cloud Infrastructure Vault that will store the secrets containing the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER. Delegate Access Control Service will generate the SSH keys and store them as secrets in the Oracle Cloud Infrastructure Vault.
- vault
Key StringId The OCID of the Master Encryption Key in the Oracle Cloud Infrastructure Vault specified by vaultId. This key will be used to encrypt the SSH keys to access the resource governed by this Delegation Control by Delegate Access Control Service. This property is required when resourceType is CLOUDVMCLUSTER.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Import
DelegationControls can be imported using the id
, e.g.
$ pulumi import oci:DelegateAccessControl/delegationControl:DelegationControl test_delegation_control "id"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oci
Terraform Provider.