Oracle Cloud Infrastructure v2.33.0, May 1 25

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

oci.DataSafe.MaskingPolicy

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

To use a sensitive data model as the source of masking columns, set the columnSource attribute to SENSITIVE_DATA_MODEL and provide the sensitiveDataModelId attribute. After creating a masking policy, you can use the AddMaskingColumnsFromSdm operation to automatically add all the columns from the associated sensitive data model. In this case, the target database associated with the sensitive data model is used for column and masking format validations.

You can also create a masking policy without using a sensitive data model. In this case, you need to associate your masking policy with a target database by setting the columnSource attribute to TARGET and providing the targetId attribute. The specified target database is used for column and masking format validations.

After creating a masking policy, you can use the CreateMaskingColumn or PatchMaskingColumns operation to manually add columns to the policy. You need to add the parent columns only, and it automatically adds the child columns (in referential relationship with the parent columns) from the associated sensitive data model or target database.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testMaskingPolicy = new oci.datasafe.MaskingPolicy("test_masking_policy", {
    columnSources: [{
        columnSource: maskingPolicyColumnSourceColumnSource,
        sensitiveDataModelId: testSensitiveDataModel.id,
        targetId: testTarget.id,
    }],
    compartmentId: compartmentId,
    definedTags: {
        "Operations.CostCenter": "42",
    },
    description: maskingPolicyDescription,
    displayName: maskingPolicyDisplayName,
    freeformTags: {
        Department: "Finance",
    },
    isDropTempTablesEnabled: maskingPolicyIsDropTempTablesEnabled,
    isRedoLoggingEnabled: maskingPolicyIsRedoLoggingEnabled,
    isRefreshStatsEnabled: maskingPolicyIsRefreshStatsEnabled,
    parallelDegree: maskingPolicyParallelDegree,
    postMaskingScript: maskingPolicyPostMaskingScript,
    preMaskingScript: maskingPolicyPreMaskingScript,
    recompile: maskingPolicyRecompile,
});

import pulumi
import pulumi_oci as oci

test_masking_policy = oci.data_safe.MaskingPolicy("test_masking_policy",
    column_sources=[{
        "column_source": masking_policy_column_source_column_source,
        "sensitive_data_model_id": test_sensitive_data_model["id"],
        "target_id": test_target["id"],
    }],
    compartment_id=compartment_id,
    defined_tags={
        "Operations.CostCenter": "42",
    },
    description=masking_policy_description,
    display_name=masking_policy_display_name,
    freeform_tags={
        "Department": "Finance",
    },
    is_drop_temp_tables_enabled=masking_policy_is_drop_temp_tables_enabled,
    is_redo_logging_enabled=masking_policy_is_redo_logging_enabled,
    is_refresh_stats_enabled=masking_policy_is_refresh_stats_enabled,
    parallel_degree=masking_policy_parallel_degree,
    post_masking_script=masking_policy_post_masking_script,
    pre_masking_script=masking_policy_pre_masking_script,
    recompile=masking_policy_recompile)

package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/datasafe"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := datasafe.NewMaskingPolicy(ctx, "test_masking_policy", &datasafe.MaskingPolicyArgs{
			ColumnSources: datasafe.MaskingPolicyColumnSourceArray{
				&datasafe.MaskingPolicyColumnSourceArgs{
					ColumnSource:         pulumi.Any(maskingPolicyColumnSourceColumnSource),
					SensitiveDataModelId: pulumi.Any(testSensitiveDataModel.Id),
					TargetId:             pulumi.Any(testTarget.Id),
				},
			},
			CompartmentId: pulumi.Any(compartmentId),
			DefinedTags: pulumi.StringMap{
				"Operations.CostCenter": pulumi.String("42"),
			},
			Description: pulumi.Any(maskingPolicyDescription),
			DisplayName: pulumi.Any(maskingPolicyDisplayName),
			FreeformTags: pulumi.StringMap{
				"Department": pulumi.String("Finance"),
			},
			IsDropTempTablesEnabled: pulumi.Any(maskingPolicyIsDropTempTablesEnabled),
			IsRedoLoggingEnabled:    pulumi.Any(maskingPolicyIsRedoLoggingEnabled),
			IsRefreshStatsEnabled:   pulumi.Any(maskingPolicyIsRefreshStatsEnabled),
			ParallelDegree:          pulumi.Any(maskingPolicyParallelDegree),
			PostMaskingScript:       pulumi.Any(maskingPolicyPostMaskingScript),
			PreMaskingScript:        pulumi.Any(maskingPolicyPreMaskingScript),
			Recompile:               pulumi.Any(maskingPolicyRecompile),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testMaskingPolicy = new Oci.DataSafe.MaskingPolicy("test_masking_policy", new()
    {
        ColumnSources = new[]
        {
            new Oci.DataSafe.Inputs.MaskingPolicyColumnSourceArgs
            {
                ColumnSource = maskingPolicyColumnSourceColumnSource,
                SensitiveDataModelId = testSensitiveDataModel.Id,
                TargetId = testTarget.Id,
            },
        },
        CompartmentId = compartmentId,
        DefinedTags = 
        {
            { "Operations.CostCenter", "42" },
        },
        Description = maskingPolicyDescription,
        DisplayName = maskingPolicyDisplayName,
        FreeformTags = 
        {
            { "Department", "Finance" },
        },
        IsDropTempTablesEnabled = maskingPolicyIsDropTempTablesEnabled,
        IsRedoLoggingEnabled = maskingPolicyIsRedoLoggingEnabled,
        IsRefreshStatsEnabled = maskingPolicyIsRefreshStatsEnabled,
        ParallelDegree = maskingPolicyParallelDegree,
        PostMaskingScript = maskingPolicyPostMaskingScript,
        PreMaskingScript = maskingPolicyPreMaskingScript,
        Recompile = maskingPolicyRecompile,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.DataSafe.MaskingPolicy;
import com.pulumi.oci.DataSafe.MaskingPolicyArgs;
import com.pulumi.oci.DataSafe.inputs.MaskingPolicyColumnSourceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testMaskingPolicy = new MaskingPolicy("testMaskingPolicy", MaskingPolicyArgs.builder()
            .columnSources(MaskingPolicyColumnSourceArgs.builder()
                .columnSource(maskingPolicyColumnSourceColumnSource)
                .sensitiveDataModelId(testSensitiveDataModel.id())
                .targetId(testTarget.id())
                .build())
            .compartmentId(compartmentId)
            .definedTags(Map.of("Operations.CostCenter", "42"))
            .description(maskingPolicyDescription)
            .displayName(maskingPolicyDisplayName)
            .freeformTags(Map.of("Department", "Finance"))
            .isDropTempTablesEnabled(maskingPolicyIsDropTempTablesEnabled)
            .isRedoLoggingEnabled(maskingPolicyIsRedoLoggingEnabled)
            .isRefreshStatsEnabled(maskingPolicyIsRefreshStatsEnabled)
            .parallelDegree(maskingPolicyParallelDegree)
            .postMaskingScript(maskingPolicyPostMaskingScript)
            .preMaskingScript(maskingPolicyPreMaskingScript)
            .recompile(maskingPolicyRecompile)
            .build());

    }
}

resources:
  testMaskingPolicy:
    type: oci:DataSafe:MaskingPolicy
    name: test_masking_policy
    properties:
      columnSources:
        - columnSource: ${maskingPolicyColumnSourceColumnSource}
          sensitiveDataModelId: ${testSensitiveDataModel.id}
          targetId: ${testTarget.id}
      compartmentId: ${compartmentId}
      definedTags:
        Operations.CostCenter: '42'
      description: ${maskingPolicyDescription}
      displayName: ${maskingPolicyDisplayName}
      freeformTags:
        Department: Finance
      isDropTempTablesEnabled: ${maskingPolicyIsDropTempTablesEnabled}
      isRedoLoggingEnabled: ${maskingPolicyIsRedoLoggingEnabled}
      isRefreshStatsEnabled: ${maskingPolicyIsRefreshStatsEnabled}
      parallelDegree: ${maskingPolicyParallelDegree}
      postMaskingScript: ${maskingPolicyPostMaskingScript}
      preMaskingScript: ${maskingPolicyPreMaskingScript}
      recompile: ${maskingPolicyRecompile}

Create MaskingPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new MaskingPolicy(name: string, args: MaskingPolicyArgs, opts?: CustomResourceOptions);

@overload
def MaskingPolicy(resource_name: str,
                  args: MaskingPolicyArgs,
                  opts: Optional[ResourceOptions] = None)

@overload
def MaskingPolicy(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  compartment_id: Optional[str] = None,
                  column_sources: Optional[Sequence[MaskingPolicyColumnSourceArgs]] = None,
                  freeform_tags: Optional[Mapping[str, str]] = None,
                  defined_tags: Optional[Mapping[str, str]] = None,
                  description: Optional[str] = None,
                  display_name: Optional[str] = None,
                  add_masking_columns_from_sdm_trigger: Optional[int] = None,
                  generate_health_report_trigger: Optional[int] = None,
                  is_drop_temp_tables_enabled: Optional[bool] = None,
                  is_redo_logging_enabled: Optional[bool] = None,
                  is_refresh_stats_enabled: Optional[bool] = None,
                  parallel_degree: Optional[str] = None,
                  post_masking_script: Optional[str] = None,
                  pre_masking_script: Optional[str] = None,
                  recompile: Optional[str] = None)

func NewMaskingPolicy(ctx *Context, name string, args MaskingPolicyArgs, opts ...ResourceOption) (*MaskingPolicy, error)

public MaskingPolicy(string name, MaskingPolicyArgs args, CustomResourceOptions? opts = null)

public MaskingPolicy(String name, MaskingPolicyArgs args)
public MaskingPolicy(String name, MaskingPolicyArgs args, CustomResourceOptions options)

type: oci:DataSafe:MaskingPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args MaskingPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args MaskingPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args MaskingPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args MaskingPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args MaskingPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var maskingPolicyResource = new Oci.DataSafe.MaskingPolicy("maskingPolicyResource", new()
{
    CompartmentId = "string",
    ColumnSources = new[]
    {
        new Oci.DataSafe.Inputs.MaskingPolicyColumnSourceArgs
        {
            ColumnSource = "string",
            SensitiveDataModelId = "string",
            TargetId = "string",
        },
    },
    FreeformTags = 
    {
        { "string", "string" },
    },
    DefinedTags = 
    {
        { "string", "string" },
    },
    Description = "string",
    DisplayName = "string",
    AddMaskingColumnsFromSdmTrigger = 0,
    GenerateHealthReportTrigger = 0,
    IsDropTempTablesEnabled = false,
    IsRedoLoggingEnabled = false,
    IsRefreshStatsEnabled = false,
    ParallelDegree = "string",
    PostMaskingScript = "string",
    PreMaskingScript = "string",
    Recompile = "string",
});

example, err := datasafe.NewMaskingPolicy(ctx, "maskingPolicyResource", &datasafe.MaskingPolicyArgs{
	CompartmentId: pulumi.String("string"),
	ColumnSources: datasafe.MaskingPolicyColumnSourceArray{
		&datasafe.MaskingPolicyColumnSourceArgs{
			ColumnSource:         pulumi.String("string"),
			SensitiveDataModelId: pulumi.String("string"),
			TargetId:             pulumi.String("string"),
		},
	},
	FreeformTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	DefinedTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Description:                     pulumi.String("string"),
	DisplayName:                     pulumi.String("string"),
	AddMaskingColumnsFromSdmTrigger: pulumi.Int(0),
	GenerateHealthReportTrigger:     pulumi.Int(0),
	IsDropTempTablesEnabled:         pulumi.Bool(false),
	IsRedoLoggingEnabled:            pulumi.Bool(false),
	IsRefreshStatsEnabled:           pulumi.Bool(false),
	ParallelDegree:                  pulumi.String("string"),
	PostMaskingScript:               pulumi.String("string"),
	PreMaskingScript:                pulumi.String("string"),
	Recompile:                       pulumi.String("string"),
})

var maskingPolicyResource = new MaskingPolicy("maskingPolicyResource", MaskingPolicyArgs.builder()
    .compartmentId("string")
    .columnSources(MaskingPolicyColumnSourceArgs.builder()
        .columnSource("string")
        .sensitiveDataModelId("string")
        .targetId("string")
        .build())
    .freeformTags(Map.of("string", "string"))
    .definedTags(Map.of("string", "string"))
    .description("string")
    .displayName("string")
    .addMaskingColumnsFromSdmTrigger(0)
    .generateHealthReportTrigger(0)
    .isDropTempTablesEnabled(false)
    .isRedoLoggingEnabled(false)
    .isRefreshStatsEnabled(false)
    .parallelDegree("string")
    .postMaskingScript("string")
    .preMaskingScript("string")
    .recompile("string")
    .build());

masking_policy_resource = oci.data_safe.MaskingPolicy("maskingPolicyResource",
    compartment_id="string",
    column_sources=[{
        "column_source": "string",
        "sensitive_data_model_id": "string",
        "target_id": "string",
    }],
    freeform_tags={
        "string": "string",
    },
    defined_tags={
        "string": "string",
    },
    description="string",
    display_name="string",
    add_masking_columns_from_sdm_trigger=0,
    generate_health_report_trigger=0,
    is_drop_temp_tables_enabled=False,
    is_redo_logging_enabled=False,
    is_refresh_stats_enabled=False,
    parallel_degree="string",
    post_masking_script="string",
    pre_masking_script="string",
    recompile="string")

const maskingPolicyResource = new oci.datasafe.MaskingPolicy("maskingPolicyResource", {
    compartmentId: "string",
    columnSources: [{
        columnSource: "string",
        sensitiveDataModelId: "string",
        targetId: "string",
    }],
    freeformTags: {
        string: "string",
    },
    definedTags: {
        string: "string",
    },
    description: "string",
    displayName: "string",
    addMaskingColumnsFromSdmTrigger: 0,
    generateHealthReportTrigger: 0,
    isDropTempTablesEnabled: false,
    isRedoLoggingEnabled: false,
    isRefreshStatsEnabled: false,
    parallelDegree: "string",
    postMaskingScript: "string",
    preMaskingScript: "string",
    recompile: "string",
});

type: oci:DataSafe:MaskingPolicy
properties:
    addMaskingColumnsFromSdmTrigger: 0
    columnSources:
        - columnSource: string
          sensitiveDataModelId: string
          targetId: string
    compartmentId: string
    definedTags:
        string: string
    description: string
    displayName: string
    freeformTags:
        string: string
    generateHealthReportTrigger: 0
    isDropTempTablesEnabled: false
    isRedoLoggingEnabled: false
    isRefreshStatsEnabled: false
    parallelDegree: string
    postMaskingScript: string
    preMaskingScript: string
    recompile: string

MaskingPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The MaskingPolicy resource accepts the following input properties:

ColumnSources List<MaskingPolicyColumnSource>

(Updatable) Details to associate a column source with a masking policy.

CompartmentId string

(Updatable) The OCID of the compartment where the masking policy should be created.

AddMaskingColumnsFromSdmTrigger int

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

DefinedTags Dictionary<string, string>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

Description string

(Updatable) The description of the masking policy.

DisplayName string

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

FreeformTags Dictionary<string, string>

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags Example: {"Department": "Finance"}

GenerateHealthReportTrigger int

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

IsDropTempTablesEnabled bool

(Updatable) Indicates if the temporary tables created during a masking operation should be dropped after masking. It's enabled by default. Set this attribute to false to preserve the temporary tables. Masking creates temporary tables that map the original sensitive data values to mask values. By default, these temporary tables are dropped after masking. But, in some cases, you may want to preserve this information to track how masking changed your data. Note that doing so compromises security. These tables must be dropped before the database is available for unprivileged users.

IsRedoLoggingEnabled bool

(Updatable) Indicates if redo logging is enabled during a masking operation. It's disabled by default. Set this attribute to true to enable redo logging. By default, masking disables redo logging and flashback logging to purge any original unmasked data from logs. However, in certain circumstances when you only want to test masking, rollback changes, and retry masking, you could enable logging and use a flashback database to retrieve the original unmasked data after it has been masked.

IsRefreshStatsEnabled bool

(Updatable) Indicates if statistics gathering is enabled. It's enabled by default. Set this attribute to false to disable statistics gathering. The masking process gathers statistics on masked database tables after masking completes.

ParallelDegree string

(Updatable) Specifies options to enable parallel execution when running data masking. Allowed values are 'NONE' (no parallelism), 'DEFAULT' (the Oracle Database computes the optimum degree of parallelism) or an integer value to be used as the degree of parallelism. Parallel execution helps effectively use multiple CPUs and improve masking performance. Refer to the Oracle Database parallel execution framework when choosing an explicit degree of parallelism.

PostMaskingScript string

(Updatable) A post-masking script, which can contain SQL and PL/SQL statements. It's executed after the core masking script generated using the masking policy. It's usually used to perform additional transformation or cleanup work after masking.

PreMaskingScript string

(Updatable) A pre-masking script, which can contain SQL and PL/SQL statements. It's executed before the core masking script generated using the masking policy. It's usually used to perform any preparation or prerequisite work before masking data.

Recompile string

(Updatable) Specifies how to recompile invalid objects post data masking. Allowed values are 'SERIAL' (recompile in serial), 'PARALLEL' (recompile in parallel), 'NONE' (do not recompile). If it's set to PARALLEL, the value of parallelDegree attribute is used. Use the built-in UTL_RECOMP package to recompile any remaining invalid objects after masking completes.

ColumnSources []MaskingPolicyColumnSourceArgs

(Updatable) Details to associate a column source with a masking policy.

CompartmentId string

(Updatable) The OCID of the compartment where the masking policy should be created.

AddMaskingColumnsFromSdmTrigger int

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

DefinedTags map[string]string

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

Description string

(Updatable) The description of the masking policy.

DisplayName string

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

FreeformTags map[string]string

GenerateHealthReportTrigger int

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

IsDropTempTablesEnabled bool

IsRedoLoggingEnabled bool

IsRefreshStatsEnabled bool

ParallelDegree string

PostMaskingScript string

PreMaskingScript string

Recompile string

columnSources List<MaskingPolicyColumnSource>

(Updatable) Details to associate a column source with a masking policy.

compartmentId String

(Updatable) The OCID of the compartment where the masking policy should be created.

addMaskingColumnsFromSdmTrigger Integer

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

definedTags Map<String,String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

description String

(Updatable) The description of the masking policy.

displayName String

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

freeformTags Map<String,String>

generateHealthReportTrigger Integer

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

isDropTempTablesEnabled Boolean

isRedoLoggingEnabled Boolean

isRefreshStatsEnabled Boolean

parallelDegree String

postMaskingScript String

preMaskingScript String

recompile String

columnSources MaskingPolicyColumnSource[]

(Updatable) Details to associate a column source with a masking policy.

compartmentId string

(Updatable) The OCID of the compartment where the masking policy should be created.

addMaskingColumnsFromSdmTrigger number

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

definedTags {[key: string]: string}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

description string

(Updatable) The description of the masking policy.

displayName string

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

freeformTags {[key: string]: string}

generateHealthReportTrigger number

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

isDropTempTablesEnabled boolean

isRedoLoggingEnabled boolean

isRefreshStatsEnabled boolean

parallelDegree string

postMaskingScript string

preMaskingScript string

recompile string

column_sources Sequence[MaskingPolicyColumnSourceArgs]

(Updatable) Details to associate a column source with a masking policy.

compartment_id str

(Updatable) The OCID of the compartment where the masking policy should be created.

add_masking_columns_from_sdm_trigger int

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

defined_tags Mapping[str, str]

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

description str

(Updatable) The description of the masking policy.

display_name str

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

freeform_tags Mapping[str, str]

generate_health_report_trigger int

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

is_drop_temp_tables_enabled bool

is_redo_logging_enabled bool

is_refresh_stats_enabled bool

parallel_degree str

post_masking_script str

pre_masking_script str

recompile str

columnSources List<Property Map>

(Updatable) Details to associate a column source with a masking policy.

compartmentId String

(Updatable) The OCID of the compartment where the masking policy should be created.

addMaskingColumnsFromSdmTrigger Number

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

definedTags Map<String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

description String

(Updatable) The description of the masking policy.

displayName String

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

freeformTags Map<String>

generateHealthReportTrigger Number

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

isDropTempTablesEnabled Boolean

isRedoLoggingEnabled Boolean

isRefreshStatsEnabled Boolean

parallelDegree String

postMaskingScript String

preMaskingScript String

recompile String

Outputs

All input properties are implicitly available as output properties. Additionally, the MaskingPolicy resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
State string: The current state of the masking policy.
TimeCreated string: The date and time the masking policy was created, in the format defined by RFC3339.
TimeUpdated string: The date and time the masking policy was last updated, in the format defined by RFC3339

Id string: The provider-assigned unique ID for this managed resource.
State string: The current state of the masking policy.
TimeCreated string: The date and time the masking policy was created, in the format defined by RFC3339.
TimeUpdated string: The date and time the masking policy was last updated, in the format defined by RFC3339

id String: The provider-assigned unique ID for this managed resource.
state String: The current state of the masking policy.
timeCreated String: The date and time the masking policy was created, in the format defined by RFC3339.
timeUpdated String: The date and time the masking policy was last updated, in the format defined by RFC3339

id string: The provider-assigned unique ID for this managed resource.
state string: The current state of the masking policy.
timeCreated string: The date and time the masking policy was created, in the format defined by RFC3339.
timeUpdated string: The date and time the masking policy was last updated, in the format defined by RFC3339

id str: The provider-assigned unique ID for this managed resource.
state str: The current state of the masking policy.
time_created str: The date and time the masking policy was created, in the format defined by RFC3339.
time_updated str: The date and time the masking policy was last updated, in the format defined by RFC3339

id String: The provider-assigned unique ID for this managed resource.
state String: The current state of the masking policy.
timeCreated String: The date and time the masking policy was created, in the format defined by RFC3339.
timeUpdated String: The date and time the masking policy was last updated, in the format defined by RFC3339

Look up Existing MaskingPolicy Resource

Get an existing MaskingPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: MaskingPolicyState, opts?: CustomResourceOptions): MaskingPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        add_masking_columns_from_sdm_trigger: Optional[int] = None,
        column_sources: Optional[Sequence[MaskingPolicyColumnSourceArgs]] = None,
        compartment_id: Optional[str] = None,
        defined_tags: Optional[Mapping[str, str]] = None,
        description: Optional[str] = None,
        display_name: Optional[str] = None,
        freeform_tags: Optional[Mapping[str, str]] = None,
        generate_health_report_trigger: Optional[int] = None,
        is_drop_temp_tables_enabled: Optional[bool] = None,
        is_redo_logging_enabled: Optional[bool] = None,
        is_refresh_stats_enabled: Optional[bool] = None,
        parallel_degree: Optional[str] = None,
        post_masking_script: Optional[str] = None,
        pre_masking_script: Optional[str] = None,
        recompile: Optional[str] = None,
        state: Optional[str] = None,
        time_created: Optional[str] = None,
        time_updated: Optional[str] = None) -> MaskingPolicy

func GetMaskingPolicy(ctx *Context, name string, id IDInput, state *MaskingPolicyState, opts ...ResourceOption) (*MaskingPolicy, error)

public static MaskingPolicy Get(string name, Input<string> id, MaskingPolicyState? state, CustomResourceOptions? opts = null)

public static MaskingPolicy get(String name, Output<String> id, MaskingPolicyState state, CustomResourceOptions options)

resources:  _:    type: oci:DataSafe:MaskingPolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AddMaskingColumnsFromSdmTrigger int

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

ColumnSources List<MaskingPolicyColumnSource>

(Updatable) Details to associate a column source with a masking policy.

CompartmentId string

(Updatable) The OCID of the compartment where the masking policy should be created.

DefinedTags Dictionary<string, string>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

Description string

(Updatable) The description of the masking policy.

DisplayName string

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

FreeformTags Dictionary<string, string>

GenerateHealthReportTrigger int

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

IsDropTempTablesEnabled bool

IsRedoLoggingEnabled bool

IsRefreshStatsEnabled bool

ParallelDegree string

PostMaskingScript string

PreMaskingScript string

Recompile string

State string

The current state of the masking policy.

TimeCreated string

The date and time the masking policy was created, in the format defined by RFC3339.

TimeUpdated string

The date and time the masking policy was last updated, in the format defined by RFC3339

AddMaskingColumnsFromSdmTrigger int

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

ColumnSources []MaskingPolicyColumnSourceArgs

(Updatable) Details to associate a column source with a masking policy.

CompartmentId string

(Updatable) The OCID of the compartment where the masking policy should be created.

DefinedTags map[string]string

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

Description string

(Updatable) The description of the masking policy.

DisplayName string

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

FreeformTags map[string]string

GenerateHealthReportTrigger int

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

IsDropTempTablesEnabled bool

IsRedoLoggingEnabled bool

IsRefreshStatsEnabled bool

ParallelDegree string

PostMaskingScript string

PreMaskingScript string

Recompile string

State string

The current state of the masking policy.

TimeCreated string

The date and time the masking policy was created, in the format defined by RFC3339.

TimeUpdated string

The date and time the masking policy was last updated, in the format defined by RFC3339

addMaskingColumnsFromSdmTrigger Integer

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

columnSources List<MaskingPolicyColumnSource>

(Updatable) Details to associate a column source with a masking policy.

compartmentId String

(Updatable) The OCID of the compartment where the masking policy should be created.

definedTags Map<String,String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

description String

(Updatable) The description of the masking policy.

displayName String

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

freeformTags Map<String,String>

generateHealthReportTrigger Integer

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

isDropTempTablesEnabled Boolean

isRedoLoggingEnabled Boolean

isRefreshStatsEnabled Boolean

parallelDegree String

postMaskingScript String

preMaskingScript String

recompile String

state String

The current state of the masking policy.

timeCreated String

The date and time the masking policy was created, in the format defined by RFC3339.

timeUpdated String

The date and time the masking policy was last updated, in the format defined by RFC3339

addMaskingColumnsFromSdmTrigger number

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

columnSources MaskingPolicyColumnSource[]

(Updatable) Details to associate a column source with a masking policy.

compartmentId string

(Updatable) The OCID of the compartment where the masking policy should be created.

definedTags {[key: string]: string}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

description string

(Updatable) The description of the masking policy.

displayName string

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

freeformTags {[key: string]: string}

generateHealthReportTrigger number

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

isDropTempTablesEnabled boolean

isRedoLoggingEnabled boolean

isRefreshStatsEnabled boolean

parallelDegree string

postMaskingScript string

preMaskingScript string

recompile string

state string

The current state of the masking policy.

timeCreated string

The date and time the masking policy was created, in the format defined by RFC3339.

timeUpdated string

The date and time the masking policy was last updated, in the format defined by RFC3339

add_masking_columns_from_sdm_trigger int

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

column_sources Sequence[MaskingPolicyColumnSourceArgs]

(Updatable) Details to associate a column source with a masking policy.

compartment_id str

(Updatable) The OCID of the compartment where the masking policy should be created.

defined_tags Mapping[str, str]

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

description str

(Updatable) The description of the masking policy.

display_name str

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

freeform_tags Mapping[str, str]

generate_health_report_trigger int

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

is_drop_temp_tables_enabled bool

is_redo_logging_enabled bool

is_refresh_stats_enabled bool

parallel_degree str

post_masking_script str

pre_masking_script str

recompile str

state str

The current state of the masking policy.

time_created str

The date and time the masking policy was created, in the format defined by RFC3339.

time_updated str

The date and time the masking policy was last updated, in the format defined by RFC3339

addMaskingColumnsFromSdmTrigger Number

(Updatable) An optional property when incremented triggers Add Masking Columns From Sdm. Could be set to any integer value.

columnSources List<Property Map>

(Updatable) Details to associate a column source with a masking policy.

compartmentId String

(Updatable) The OCID of the compartment where the masking policy should be created.

definedTags Map<String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags Example: {"Operations.CostCenter": "42"}

description String

(Updatable) The description of the masking policy.

displayName String

(Updatable) The display name of the masking policy. The name does not have to be unique, and it's changeable.

freeformTags Map<String>

generateHealthReportTrigger Number

(Updatable) An optional property when incremented triggers Generate Health Report. Could be set to any integer value.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

isDropTempTablesEnabled Boolean

isRedoLoggingEnabled Boolean

isRefreshStatsEnabled Boolean

parallelDegree String

postMaskingScript String

preMaskingScript String

recompile String

state String

The current state of the masking policy.

timeCreated String

The date and time the masking policy was created, in the format defined by RFC3339.

timeUpdated String

The date and time the masking policy was last updated, in the format defined by RFC3339

Supporting Types

MaskingPolicyColumnSource, MaskingPolicyColumnSourceArgs

ColumnSource string: (Updatable) The source of masking columns.
SensitiveDataModelId string: (Updatable) The OCID of the sensitive data model to be associated as the column source with the masking policy.
TargetId string: (Updatable) The OCID of the target database to be associated as the column source with the masking policy.

ColumnSource string: (Updatable) The source of masking columns.
SensitiveDataModelId string: (Updatable) The OCID of the sensitive data model to be associated as the column source with the masking policy.
TargetId string: (Updatable) The OCID of the target database to be associated as the column source with the masking policy.

columnSource String: (Updatable) The source of masking columns.
sensitiveDataModelId String: (Updatable) The OCID of the sensitive data model to be associated as the column source with the masking policy.
targetId String: (Updatable) The OCID of the target database to be associated as the column source with the masking policy.

columnSource string: (Updatable) The source of masking columns.
sensitiveDataModelId string: (Updatable) The OCID of the sensitive data model to be associated as the column source with the masking policy.
targetId string: (Updatable) The OCID of the target database to be associated as the column source with the masking policy.

column_source str: (Updatable) The source of masking columns.
sensitive_data_model_id str: (Updatable) The OCID of the sensitive data model to be associated as the column source with the masking policy.
target_id str: (Updatable) The OCID of the target database to be associated as the column source with the masking policy.

columnSource String: (Updatable) The source of masking columns.
sensitiveDataModelId String: (Updatable) The OCID of the sensitive data model to be associated as the column source with the masking policy.
targetId String: (Updatable) The OCID of the target database to be associated as the column source with the masking policy.

Import

MaskingPolicies can be imported using the id, e.g.

$ pulumi import oci:DataSafe/maskingPolicy:MaskingPolicy test_masking_policy "id"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

pulumi/pulumi-oci

oci.DataSafe.MaskingPolicy

On this page

On this page

Example Usage

Create MaskingPolicy Resource

Constructor syntax

Parameters

Constructor example

MaskingPolicy Resource Properties

Inputs

Outputs

Look up Existing MaskingPolicy Resource

Supporting Types

MaskingPolicyColumnSource, MaskingPolicyColumnSourceArgs

Import

Package Details

On this page

On this page