Operator Access Control Operator Control Functions

Package: DBMS_CLOUD_OCI_OAC_OPERATOR_CONTROL

CHANGE_OPERATOR_CONTROL_COMPARTMENT Function

Moves the Operator Control resource into a different compartment. When provided, 'If-Match' is checked against 'ETag' values of the resource.

Syntax

FUNCTION change_operator_control_compartment (
  operator_control_id varchar2,
  change_operator_control_compartment_details dbms_cloud_oci_operator_access_control_change_operator_control_compartment_details_t,
  opc_retry_token varchar2 DEFAULT NULL,
  if_match varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_oac_operator_control_change_operator_control_compartment_response_t;

Parameters

Parameter Description

operator_control_id

(required) unique OperatorControl identifier

change_operator_control_compartment_details

(required) Moves the Operator Control resource into a different compartment.

opc_retry_token

(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.

if_match

(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

opc_request_id

(optional) The client request ID for tracing.

region

(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).

endpoint

(optional) The endpoint of the service to call using this function. e.g https://operator-access-control.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.

credential_name

(optional) The name of the credential for authenticating with the corresponding cloud native API.

CREATE_OPERATOR_CONTROL Function

Creates an Operator Control.

Syntax

FUNCTION create_operator_control (
  create_operator_control_details dbms_cloud_oci_operator_access_control_create_operator_control_details_t,
  opc_retry_token varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_oac_operator_control_create_operator_control_response_t;

Parameters

Parameter Description

create_operator_control_details

(required) Details for the new Operator Control.

opc_retry_token

(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations. For example, if a resource has been deleted and purged from the system, then a retry of the original creation request might be rejected.

opc_request_id

(optional) The client request ID for tracing.

region

(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).

endpoint

(optional) The endpoint of the service to call using this function. e.g https://operator-access-control.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.

credential_name

(optional) The name of the credential for authenticating with the corresponding cloud native API.

DELETE_OPERATOR_CONTROL Function

Deletes an Operator Control. You cannot delete an Operator Control if it is assigned to govern any target resource currently or in the future. In that case, first, delete all of the current and future assignments before deleting the Operator Control. An Operator Control that was previously assigned to a target resource is marked as DELETED following a successful deletion. However, it is not completely deleted from the system. This is to ensure auditing information for the accesses done under the Operator Control is preserved for future needs. The system purges the deleted Operator Control only when all of the audit data associated with the Operator Control are also deleted. Therefore, you cannot reuse the name of the deleted Operator Control until the system purges the Operator Control.

Syntax

FUNCTION delete_operator_control (
  operator_control_id varchar2,
  description varchar2 DEFAULT NULL,
  if_match varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_oac_operator_control_delete_operator_control_response_t;

Parameters

Parameter Description

operator_control_id

(required) unique OperatorControl identifier

description

(optional) reason for deletion of OperatorControl.

if_match

(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

opc_request_id

(optional) The client request ID for tracing.

region

(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).

endpoint

(optional) The endpoint of the service to call using this function. e.g https://operator-access-control.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.

credential_name

(optional) The name of the credential for authenticating with the corresponding cloud native API.

GET_OPERATOR_CONTROL Function

Gets the Operator Control associated with the specified Operator Control ID.

Syntax

FUNCTION get_operator_control (
  operator_control_id varchar2,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_oac_operator_control_get_operator_control_response_t;

Parameters

Parameter Description

operator_control_id

(required) unique OperatorControl identifier

opc_request_id

(optional) The client request ID for tracing.

region

(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).

endpoint

(optional) The endpoint of the service to call using this function. e.g https://operator-access-control.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.

credential_name

(optional) The name of the credential for authenticating with the corresponding cloud native API.

LIST_OPERATOR_CONTROLS Function

Lists the operator controls in the compartment.

Syntax

FUNCTION list_operator_controls (
  compartment_id varchar2,
  lifecycle_state varchar2 DEFAULT NULL,
  display_name varchar2 DEFAULT NULL,
  resource_type varchar2 DEFAULT NULL,
  limit number DEFAULT NULL,
  page varchar2 DEFAULT NULL,
  sort_order varchar2 DEFAULT NULL,
  sort_by varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_oac_operator_control_list_operator_controls_response_t;

Parameters

Parameter Description

compartment_id

(required) The ID of the compartment in which to list resources.

lifecycle_state

(optional) A filter to return only resources whose lifecycleState matches the given OperatorControl lifecycleState.

Allowed values are: 'CREATED', 'ASSIGNED', 'UNASSIGNED', 'DELETED'

display_name

(optional) A filter to return OperatorControl that match the entire display name given.

resource_type

(optional) A filter to return only lists of resources that match the entire given service type.

limit

(optional) The maximum number of items to return.

page

(optional) The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

sort_order

(optional) The sort order to use, either 'asc' or 'desc'.

Allowed values are: 'ASC', 'DESC'

sort_by

(optional) The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Allowed values are: 'timeCreated', 'displayName'

opc_request_id

(optional) The client request ID for tracing.

region

(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).

endpoint

(optional) The endpoint of the service to call using this function. e.g https://operator-access-control.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.

credential_name

(optional) The name of the credential for authenticating with the corresponding cloud native API.

UPDATE_OPERATOR_CONTROL Function

Modifies the existing OperatorControl for a given operator control id except the operator control id.

Syntax

FUNCTION update_operator_control (
  operator_control_id varchar2,
  update_operator_control_details dbms_cloud_oci_operator_access_control_update_operator_control_details_t,
  if_match varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_oac_operator_control_update_operator_control_response_t;

Parameters

Parameter Description

operator_control_id

(required) unique OperatorControl identifier

update_operator_control_details

(required) Details for the new OperatorControl.

if_match

(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

opc_request_id

(optional) The client request ID for tracing.

region

(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).

endpoint

(optional) The endpoint of the service to call using this function. e.g https://operator-access-control.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.

credential_name

(optional) The name of the credential for authenticating with the corresponding cloud native API.