Oracle Cloud Infrastructure v2.33.0, May 1 25

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

oci.DataSafe.getSecurityPolicies

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform ListSecurityPolicies on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testSecurityPolicies = oci.DataSafe.getSecurityPolicies({
    compartmentId: compartmentId,
    accessLevel: securityPolicyAccessLevel,
    compartmentIdInSubtree: securityPolicyCompartmentIdInSubtree,
    displayName: securityPolicyDisplayName,
    securityPolicyId: testSecurityPolicy.id,
    state: securityPolicyState,
});

import pulumi
import pulumi_oci as oci

test_security_policies = oci.DataSafe.get_security_policies(compartment_id=compartment_id,
    access_level=security_policy_access_level,
    compartment_id_in_subtree=security_policy_compartment_id_in_subtree,
    display_name=security_policy_display_name,
    security_policy_id=test_security_policy["id"],
    state=security_policy_state)

package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/datasafe"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := datasafe.GetSecurityPolicies(ctx, &datasafe.GetSecurityPoliciesArgs{
			CompartmentId:          compartmentId,
			AccessLevel:            pulumi.StringRef(securityPolicyAccessLevel),
			CompartmentIdInSubtree: pulumi.BoolRef(securityPolicyCompartmentIdInSubtree),
			DisplayName:            pulumi.StringRef(securityPolicyDisplayName),
			SecurityPolicyId:       pulumi.StringRef(testSecurityPolicy.Id),
			State:                  pulumi.StringRef(securityPolicyState),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testSecurityPolicies = Oci.DataSafe.GetSecurityPolicies.Invoke(new()
    {
        CompartmentId = compartmentId,
        AccessLevel = securityPolicyAccessLevel,
        CompartmentIdInSubtree = securityPolicyCompartmentIdInSubtree,
        DisplayName = securityPolicyDisplayName,
        SecurityPolicyId = testSecurityPolicy.Id,
        State = securityPolicyState,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.DataSafe.DataSafeFunctions;
import com.pulumi.oci.DataSafe.inputs.GetSecurityPoliciesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var testSecurityPolicies = DataSafeFunctions.getSecurityPolicies(GetSecurityPoliciesArgs.builder()
            .compartmentId(compartmentId)
            .accessLevel(securityPolicyAccessLevel)
            .compartmentIdInSubtree(securityPolicyCompartmentIdInSubtree)
            .displayName(securityPolicyDisplayName)
            .securityPolicyId(testSecurityPolicy.id())
            .state(securityPolicyState)
            .build());

    }
}

variables:
  testSecurityPolicies:
    fn::invoke:
      function: oci:DataSafe:getSecurityPolicies
      arguments:
        compartmentId: ${compartmentId}
        accessLevel: ${securityPolicyAccessLevel}
        compartmentIdInSubtree: ${securityPolicyCompartmentIdInSubtree}
        displayName: ${securityPolicyDisplayName}
        securityPolicyId: ${testSecurityPolicy.id}
        state: ${securityPolicyState}

Using getSecurityPolicies

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSecurityPolicies(args: GetSecurityPoliciesArgs, opts?: InvokeOptions): Promise<GetSecurityPoliciesResult>
function getSecurityPoliciesOutput(args: GetSecurityPoliciesOutputArgs, opts?: InvokeOptions): Output<GetSecurityPoliciesResult>

def get_security_policies(access_level: Optional[str] = None,
                          compartment_id: Optional[str] = None,
                          compartment_id_in_subtree: Optional[bool] = None,
                          display_name: Optional[str] = None,
                          filters: Optional[Sequence[GetSecurityPoliciesFilter]] = None,
                          security_policy_id: Optional[str] = None,
                          state: Optional[str] = None,
                          opts: Optional[InvokeOptions] = None) -> GetSecurityPoliciesResult
def get_security_policies_output(access_level: Optional[pulumi.Input[str]] = None,
                          compartment_id: Optional[pulumi.Input[str]] = None,
                          compartment_id_in_subtree: Optional[pulumi.Input[bool]] = None,
                          display_name: Optional[pulumi.Input[str]] = None,
                          filters: Optional[pulumi.Input[Sequence[pulumi.Input[GetSecurityPoliciesFilterArgs]]]] = None,
                          security_policy_id: Optional[pulumi.Input[str]] = None,
                          state: Optional[pulumi.Input[str]] = None,
                          opts: Optional[InvokeOptions] = None) -> Output[GetSecurityPoliciesResult]

func GetSecurityPolicies(ctx *Context, args *GetSecurityPoliciesArgs, opts ...InvokeOption) (*GetSecurityPoliciesResult, error)
func GetSecurityPoliciesOutput(ctx *Context, args *GetSecurityPoliciesOutputArgs, opts ...InvokeOption) GetSecurityPoliciesResultOutput

> Note: This function is named GetSecurityPolicies in the Go SDK.

public static class GetSecurityPolicies 
{
    public static Task<GetSecurityPoliciesResult> InvokeAsync(GetSecurityPoliciesArgs args, InvokeOptions? opts = null)
    public static Output<GetSecurityPoliciesResult> Invoke(GetSecurityPoliciesInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetSecurityPoliciesResult> getSecurityPolicies(GetSecurityPoliciesArgs args, InvokeOptions options)
public static Output<GetSecurityPoliciesResult> getSecurityPolicies(GetSecurityPoliciesArgs args, InvokeOptions options)

fn::invoke:
  function: oci:DataSafe/getSecurityPolicies:getSecurityPolicies
  arguments:
    # arguments dictionary

The following arguments are supported:

CompartmentId string: A filter to return only resources that match the specified compartment OCID.
AccessLevel string: Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
CompartmentIdInSubtree bool: Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
DisplayName string: A filter to return only resources that match the specified display name.
Filters List<GetSecurityPoliciesFilter>
SecurityPolicyId string: An optional filter to return only resources that match the specified OCID of the security policy resource.
State string: The current state of the security policy.

CompartmentId string: A filter to return only resources that match the specified compartment OCID.
AccessLevel string: Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
CompartmentIdInSubtree bool: Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
DisplayName string: A filter to return only resources that match the specified display name.
Filters []GetSecurityPoliciesFilter
SecurityPolicyId string: An optional filter to return only resources that match the specified OCID of the security policy resource.
State string: The current state of the security policy.

compartmentId String: A filter to return only resources that match the specified compartment OCID.
accessLevel String: Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
compartmentIdInSubtree Boolean: Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
displayName String: A filter to return only resources that match the specified display name.
filters List<GetSecurityPoliciesFilter>
securityPolicyId String: An optional filter to return only resources that match the specified OCID of the security policy resource.
state String: The current state of the security policy.

compartmentId string: A filter to return only resources that match the specified compartment OCID.
accessLevel string: Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
compartmentIdInSubtree boolean: Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
displayName string: A filter to return only resources that match the specified display name.
filters GetSecurityPoliciesFilter[]
securityPolicyId string: An optional filter to return only resources that match the specified OCID of the security policy resource.
state string: The current state of the security policy.

compartment_id str: A filter to return only resources that match the specified compartment OCID.
access_level str: Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
compartment_id_in_subtree bool: Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
display_name str: A filter to return only resources that match the specified display name.
filters Sequence[GetSecurityPoliciesFilter]
security_policy_id str: An optional filter to return only resources that match the specified OCID of the security policy resource.
state str: The current state of the security policy.

compartmentId String: A filter to return only resources that match the specified compartment OCID.
accessLevel String: Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.
compartmentIdInSubtree Boolean: Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.
displayName String: A filter to return only resources that match the specified display name.
filters List<Property Map>
securityPolicyId String: An optional filter to return only resources that match the specified OCID of the security policy resource.
state String: The current state of the security policy.

getSecurityPolicies Result

The following output properties are available:

CompartmentId string: The OCID of the compartment containing the security policy.
Id string: The provider-assigned unique ID for this managed resource.
SecurityPolicyCollections List<GetSecurityPoliciesSecurityPolicyCollection>: The list of security_policy_collection.
AccessLevel string
CompartmentIdInSubtree bool
DisplayName string: The display name of the security policy.
Filters List<GetSecurityPoliciesFilter>
SecurityPolicyId string
State string: The current state of the security policy.

CompartmentId string: The OCID of the compartment containing the security policy.
Id string: The provider-assigned unique ID for this managed resource.
SecurityPolicyCollections []GetSecurityPoliciesSecurityPolicyCollection: The list of security_policy_collection.
AccessLevel string
CompartmentIdInSubtree bool
DisplayName string: The display name of the security policy.
Filters []GetSecurityPoliciesFilter
SecurityPolicyId string
State string: The current state of the security policy.

compartmentId String: The OCID of the compartment containing the security policy.
id String: The provider-assigned unique ID for this managed resource.
securityPolicyCollections List<GetSecurityPoliciesSecurityPolicyCollection>: The list of security_policy_collection.
accessLevel String
compartmentIdInSubtree Boolean
displayName String: The display name of the security policy.
filters List<GetSecurityPoliciesFilter>
securityPolicyId String
state String: The current state of the security policy.

compartmentId string: The OCID of the compartment containing the security policy.
id string: The provider-assigned unique ID for this managed resource.
securityPolicyCollections GetSecurityPoliciesSecurityPolicyCollection[]: The list of security_policy_collection.
accessLevel string
compartmentIdInSubtree boolean
displayName string: The display name of the security policy.
filters GetSecurityPoliciesFilter[]
securityPolicyId string
state string: The current state of the security policy.

compartment_id str: The OCID of the compartment containing the security policy.
id str: The provider-assigned unique ID for this managed resource.
security_policy_collections Sequence[GetSecurityPoliciesSecurityPolicyCollection]: The list of security_policy_collection.
access_level str
compartment_id_in_subtree bool
display_name str: The display name of the security policy.
filters Sequence[GetSecurityPoliciesFilter]
security_policy_id str
state str: The current state of the security policy.

compartmentId String: The OCID of the compartment containing the security policy.
id String: The provider-assigned unique ID for this managed resource.
securityPolicyCollections List<Property Map>: The list of security_policy_collection.
accessLevel String
compartmentIdInSubtree Boolean
displayName String: The display name of the security policy.
filters List<Property Map>
securityPolicyId String
state String: The current state of the security policy.

Supporting Types

GetSecurityPoliciesFilter

Name string
Values List<string>
Regex bool

Name string
Values []string
Regex bool

name String
values List<String>
regex Boolean

name string
values string[]
regex boolean

name str
values Sequence[str]
regex bool

name String
values List<String>
regex Boolean

GetSecurityPoliciesSecurityPolicyCollection

Items List<GetSecurityPoliciesSecurityPolicyCollectionItem>

Items []GetSecurityPoliciesSecurityPolicyCollectionItem

items List<GetSecurityPoliciesSecurityPolicyCollectionItem>

items GetSecurityPoliciesSecurityPolicyCollectionItem[]

items Sequence[GetSecurityPoliciesSecurityPolicyCollectionItem]

items List<Property Map>

GetSecurityPoliciesSecurityPolicyCollectionItem

CompartmentId string: A filter to return only resources that match the specified compartment OCID.
DefinedTags Dictionary<string, string>: Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
Description string: The description of the security policy.
DisplayName string: A filter to return only resources that match the specified display name.
FreeformTags Dictionary<string, string>: Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
Id string: The OCID of the security policy.
LifecycleDetails string: Details about the current state of the security policy in Data Safe.
SecurityPolicyId string: An optional filter to return only resources that match the specified OCID of the security policy resource.
State string: The current state of the security policy.
SystemTags Dictionary<string, string>: System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string: The time that the security policy was created, in the format defined by RFC3339.
TimeUpdated string: The last date and time the security policy was updated, in the format defined by RFC3339.

CompartmentId string: A filter to return only resources that match the specified compartment OCID.
DefinedTags map[string]string: Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
Description string: The description of the security policy.
DisplayName string: A filter to return only resources that match the specified display name.
FreeformTags map[string]string: Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
Id string: The OCID of the security policy.
LifecycleDetails string: Details about the current state of the security policy in Data Safe.
SecurityPolicyId string: An optional filter to return only resources that match the specified OCID of the security policy resource.
State string: The current state of the security policy.
SystemTags map[string]string: System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"orcl-cloud.free-tier-retained": "true"}
TimeCreated string: The time that the security policy was created, in the format defined by RFC3339.
TimeUpdated string: The last date and time the security policy was updated, in the format defined by RFC3339.

compartmentId String: A filter to return only resources that match the specified compartment OCID.
definedTags Map<String,String>: Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
description String: The description of the security policy.
displayName String: A filter to return only resources that match the specified display name.
freeformTags Map<String,String>: Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
id String: The OCID of the security policy.
lifecycleDetails String: Details about the current state of the security policy in Data Safe.
securityPolicyId String: An optional filter to return only resources that match the specified OCID of the security policy resource.
state String: The current state of the security policy.
systemTags Map<String,String>: System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String: The time that the security policy was created, in the format defined by RFC3339.
timeUpdated String: The last date and time the security policy was updated, in the format defined by RFC3339.

compartmentId string: A filter to return only resources that match the specified compartment OCID.
definedTags {[key: string]: string}: Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
description string: The description of the security policy.
displayName string: A filter to return only resources that match the specified display name.
freeformTags {[key: string]: string}: Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
id string: The OCID of the security policy.
lifecycleDetails string: Details about the current state of the security policy in Data Safe.
securityPolicyId string: An optional filter to return only resources that match the specified OCID of the security policy resource.
state string: The current state of the security policy.
systemTags {[key: string]: string}: System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated string: The time that the security policy was created, in the format defined by RFC3339.
timeUpdated string: The last date and time the security policy was updated, in the format defined by RFC3339.

compartment_id str: A filter to return only resources that match the specified compartment OCID.
defined_tags Mapping[str, str]: Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
description str: The description of the security policy.
display_name str: A filter to return only resources that match the specified display name.
freeform_tags Mapping[str, str]: Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
id str: The OCID of the security policy.
lifecycle_details str: Details about the current state of the security policy in Data Safe.
security_policy_id str: An optional filter to return only resources that match the specified OCID of the security policy resource.
state str: The current state of the security policy.
system_tags Mapping[str, str]: System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"orcl-cloud.free-tier-retained": "true"}
time_created str: The time that the security policy was created, in the format defined by RFC3339.
time_updated str: The last date and time the security policy was updated, in the format defined by RFC3339.

compartmentId String: A filter to return only resources that match the specified compartment OCID.
definedTags Map<String>: Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}
description String: The description of the security policy.
displayName String: A filter to return only resources that match the specified display name.
freeformTags Map<String>: Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}
id String: The OCID of the security policy.
lifecycleDetails String: Details about the current state of the security policy in Data Safe.
securityPolicyId String: An optional filter to return only resources that match the specified OCID of the security policy resource.
state String: The current state of the security policy.
systemTags Map<String>: System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"orcl-cloud.free-tier-retained": "true"}
timeCreated String: The time that the security policy was created, in the format defined by RFC3339.
timeUpdated String: The last date and time the security policy was updated, in the format defined by RFC3339.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

pulumi/pulumi-oci

oci.DataSafe.getSecurityPolicies

On this page

On this page

Example Usage

Using getSecurityPolicies

getSecurityPolicies Result

Supporting Types

GetSecurityPoliciesFilter

GetSecurityPoliciesSecurityPolicyCollection

GetSecurityPoliciesSecurityPolicyCollectionItem

Package Details

On this page

On this page