GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
CLOUD-GUARD(1) OCI CLI Command Reference CLOUD-GUARD(1)

cloud-guard -

Use the Cloud Guard and Security Zones CLI to automate processes that you would otherwise perform through the Cloud Guard Console or the Security Zones Console. For more information on these services, see the Cloud Guard <https://docs.cloud.oracle.com/iaas/cloud-guard/home.htm> and Security Zones <https://docs.cloud.oracle.com/iaas/security-zone/home.htm> documentation.

Note: For Cloud Guard, you can perform Create, Update, and Delete operations only from the reporting region of your Cloud Guard tenancy. You can perform Read operations in Cloud Guard from any region.

activity-problem-aggregation
request-summarized-activity-problems

condition-metadata-type
  • get
  • list

configuration
  • get
  • update

data-mask-rule
  • create
  • create-for-all-targets
  • create-for-services
  • create-for-targets
  • delete
  • get
  • list
  • update
  • update-for-all-targets
  • update-for-services
  • update-for-targets

detector
  • get
  • list

detector-recipe
  • change-compartment
  • create
  • delete
  • get
  • list
  • update

detector-recipe-detector-rule
  • get
  • list
  • update

detector-rule
  • get
  • list

impacted-resource-summary
list-impacted-resources

managed-list
  • change-compartment
  • create
  • delete
  • get
  • list
  • update

managed-list-type-summary
list-managed-list-types

policy-summary
list-policies

problem
  • get
  • list
  • list-problem-histories
  • trigger-responder
  • update-bulk-problem-status
  • update-problem-status

problem-aggregation
request-summarized-problems

problem-endpoint-summary
list-problem-endpoints

problem-trend-aggregation
request-summarized-trend-problems

recommendation-summary
list-recommendations

resource-profile
get

resource-profile-endpoint-summary
list-resource-profile-endpoints

resource-profile-impacted-resource-summary
list-resource-profile-impacted-resources

resource-profile-risk-score-aggregation-summary
request-summarized-top-trend-resource-profile-risk-scores

resource-profile-summary
list-resource-profiles

resource-risk-score-aggregation
request-summarized-trend-resource-risk-scores

resource-type-summary
list-resource-types

responder-activity-summary
list-responder-activities

responder-execution
  • execute
  • get
  • skip
  • skip-bulk

responder-execution-aggregation
request-summarized-responder-executions

responder-execution-summary
list-responder-executions

responder-execution-trend-aggregation
request-summarized-trend-responder-executions

responder-recipe
  • change-compartment
  • create
  • delete
  • get
  • list
  • update

responder-recipe-responder-rule
  • get
  • list
  • update

responder-rule
  • get
  • list

risk-score-aggregation
  • request-risk-scores
  • request-summarized-risk-scores

security-policy
get

security-policy-collection
list-security-policies

security-recipe
  • change-compartment
  • create
  • delete
  • get
  • update

security-recipe-collection
list-security-recipes

security-score-aggregation
  • request-security-scores
  • request-summarized-security-scores

security-score-trend-aggregation
  • request-security-score-summarized-trend
  • request-summarized-trend-security-scores

security-zone
  • add
  • change-compartment
  • create
  • delete
  • get
  • remove
  • update

security-zone-collection
list-security-zones

sighting
get

sighting-endpoint-summary
list-sighting-endpoints

sighting-impacted-resource-summary
list-sighting-impacted-resources

sighting-summary
list-sightings

tactic-summary
list-tactics

target
  • create
  • delete
  • get
  • list
  • update

target-detector-recipe
  • create
  • delete
  • get
  • list
  • update

target-detector-recipe-detector-rule
  • get
  • list
  • update

target-responder-recipe
  • create
  • delete
  • get
  • list
  • update

target-responder-recipe-responder-rule
  • get
  • list
  • update

technique-summary
list-techniques


Provides the dimensions and their corresponding count.

request-summarized-activity-problems

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns the summary of Activity type problems identified by cloud guard, for a given set of dimensions.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform summarize API on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

The compartmentId to be passed with accessLevel and compartmentIdInSubtree params has to be the root compartment id (tenant-id) only.

oci cloud-guard activity-problem-aggregation request-summarized-activity-problems [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--include-unknown-locations [boolean]

Default is false. When set to true, the summary of activity problems that has unknown values for city, state or country will be included.

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/activity-problem-aggregation/request-summarized-activity-problems.html#cmdoption-compartment-id
    oci cloud-guard activity-problem-aggregation request-summarized-activity-problems --compartment-id $compartment_id


condition type provided by cloud guard

  • get
  • list

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns ConditionType with its details.

oci cloud-guard condition-metadata-type get [OPTIONS]


--condition-metadata-type-id [text]

The type of the condition meta data.

Accepted values are:

ActivityCondition, CloudGuardCondition, SecurityCondition, ThreatCondition


--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--resource-type [text]

Resource filter for the condition meta data.

--service-type [text]

ServiceType filter for the condition meta data.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export condition_metadata_type_id=<substitute-value-of-condition_metadata_type_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/condition-metadata-type/get.html#cmdoption-condition-metadata-type-id
    oci cloud-guard condition-metadata-type get --condition-metadata-type-id $condition_metadata_type_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of condition types.

oci cloud-guard condition-metadata-type list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/condition-metadata-type/list.html#cmdoption-compartment-id
    oci cloud-guard condition-metadata-type list --compartment-id $compartment_id


Cloud Guard configuration details of a tenancy.

  • get
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

GET Cloud Guard Configuration Details for a Tenancy.

oci cloud-guard configuration get [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/configuration/get.html#cmdoption-compartment-id
    oci cloud-guard configuration get --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Enable/Disable Cloud Guard. The reporting region cannot be updated once created.

oci cloud-guard configuration update [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--reporting-region [text]

The reporting region value

--status [text]

Status of Cloud Guard Tenant

Accepted values are:

DISABLED, ENABLED


--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--self-manage-resources [boolean]

Identifies if Oracle managed resources will be created by customers. If no value is specified false is the default.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/configuration/update.html#cmdoption-compartment-id
    export reporting_region=<substitute-value-of-reporting_region> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/configuration/update.html#cmdoption-reporting-region
    export status=<substitute-value-of-status> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/configuration/update.html#cmdoption-status
    oci cloud-guard configuration update --compartment-id $compartment_id --reporting-region $reporting_region --status $status


Description of DataMaskRule.

  • create
  • create-for-all-targets
  • create-for-services
  • create-for-targets
  • delete
  • get
  • list
  • update
  • update-for-all-targets
  • update-for-services
  • update-for-targets

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Creates a new Data Mask Rule Definition

oci cloud-guard data-mask-rule create [OPTIONS]


--compartment-id, -c [text]

Compartment Identifier where the resource is created

--data-mask-categories [text]

Data Mask Categories

Accepted values are:

ACTOR, CUSTOM, FINANCIAL, LOCATION, PHI, PII


--display-name [text]

Data mask rule name.

Avoid entering confidential information.

--iam-group-id [text]

IAM Group id associated with the data mask rule

--target-selected [complex type]

This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--data-mask-rule-status [text]

The status of the dataMaskRule.

Accepted values are:

DISABLED, ENABLED


--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

The data mask rule description. Avoid entering confidential information.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The current state of the DataMaskRule.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard data-mask-rule create --generate-param-json-input target-selected > target-selected.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-iam-group-id
    oci cloud-guard data-mask-rule create --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id --target-selected file://target-selected.json


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Creates a new Data Mask Rule Definition

oci cloud-guard data-mask-rule create-for-all-targets [OPTIONS]


--compartment-id, -c [text]

Compartment Identifier where the resource is created

--data-mask-categories [text]

Data Mask Categories

Accepted values are:

ACTOR, CUSTOM, FINANCIAL, LOCATION, PHI, PII


--display-name [text]

Data mask rule name.

Avoid entering confidential information.

--iam-group-id [text]

IAM Group id associated with the data mask rule

--data-mask-rule-status [text]

The status of the dataMaskRule.

Accepted values are:

DISABLED, ENABLED


--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

The data mask rule description. Avoid entering confidential information.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The current state of the DataMaskRule.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-all-targets.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-all-targets.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-all-targets.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-all-targets.html#cmdoption-iam-group-id
    oci cloud-guard data-mask-rule create-for-all-targets --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Creates a new Data Mask Rule Definition

oci cloud-guard data-mask-rule create-for-services [OPTIONS]


--compartment-id, -c [text]

Compartment Identifier where the resource is created

--data-mask-categories [text]

Data Mask Categories

Accepted values are:

ACTOR, CUSTOM, FINANCIAL, LOCATION, PHI, PII


--display-name [text]

Data mask rule name.

Avoid entering confidential information.

--iam-group-id [text]

IAM Group id associated with the data mask rule

--data-mask-rule-status [text]

The status of the dataMaskRule.

Accepted values are:

DISABLED, ENABLED


--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

The data mask rule description. Avoid entering confidential information.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The current state of the DataMaskRule.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--target-selected-values [text]

Types of Targets

Accepted values are:

COMPARTMENT, ERPCLOUD, HCMCLOUD, SECURITY_ZONE


--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-services.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-services.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-services.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-services.html#cmdoption-iam-group-id
    oci cloud-guard data-mask-rule create-for-services --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Creates a new Data Mask Rule Definition

oci cloud-guard data-mask-rule create-for-targets [OPTIONS]


--compartment-id, -c [text]

Compartment Identifier where the resource is created

--data-mask-categories [text]

Data Mask Categories

Accepted values are:

ACTOR, CUSTOM, FINANCIAL, LOCATION, PHI, PII


--display-name [text]

Data mask rule name.

Avoid entering confidential information.

--iam-group-id [text]

IAM Group id associated with the data mask rule

--data-mask-rule-status [text]

The status of the dataMaskRule.

Accepted values are:

DISABLED, ENABLED


--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

The data mask rule description. Avoid entering confidential information.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The current state of the DataMaskRule.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--target-selected-values [complex type]

Ids of Target This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-targets.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-targets.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-targets.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create-for-targets.html#cmdoption-iam-group-id
    oci cloud-guard data-mask-rule create-for-targets --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Deletes a DataMaskRule identified by dataMaskRuleId

oci cloud-guard data-mask-rule delete [OPTIONS]


--data-mask-rule-id [text]

OCID of dataMaskRule

--force

Perform deletion without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard data-mask-rule create --generate-param-json-input target-selected > target-selected.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-iam-group-id
    data_mask_rule_id=$(oci cloud-guard data-mask-rule create --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id --target-selected file://target-selected.json --query data.id --raw-output)
    oci cloud-guard data-mask-rule delete --data-mask-rule-id $data_mask_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a DataMaskRule identified by DataMaskRuleId

oci cloud-guard data-mask-rule get [OPTIONS]


--data-mask-rule-id [text]

OCID of dataMaskRule

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard data-mask-rule create --generate-param-json-input target-selected > target-selected.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-iam-group-id
    data_mask_rule_id=$(oci cloud-guard data-mask-rule create --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id --target-selected file://target-selected.json --query data.id --raw-output)
    oci cloud-guard data-mask-rule get --data-mask-rule-id $data_mask_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of all Data Mask Rules in the root ‘compartmentId’ passed.

oci cloud-guard data-mask-rule list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--data-mask-rule-status [text]

The status of the dataMaskRule.

Accepted values are:

DISABLED, ENABLED


--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--iam-group-id [text]

OCID of iamGroup

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


--target-id [text]

OCID of target

--target-type [text]

Type of target

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/list.html#cmdoption-compartment-id
    oci cloud-guard data-mask-rule list --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Updates a DataMaskRule identified by dataMaskRuleId

oci cloud-guard data-mask-rule update [OPTIONS]


--data-mask-rule-id [text]

OCID of dataMaskRule

--compartment-id, -c [text]

Compartment Identifier where the resource is created

--data-mask-categories [text]

Data Mask Categories

Accepted values are:

ACTOR, CUSTOM, FINANCIAL, LOCATION, PHI, PII


--data-mask-rule-status [text]

The status of the dataMaskRule.

Accepted values are:

DISABLED, ENABLED


--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--display-name [text]

Data mask rule Name.

Avoid entering confidential information.

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--iam-group-id [text]

IAM Group id associated with the data mask rule

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--target-selected [complex type]

This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard data-mask-rule create --generate-param-json-input target-selected > target-selected.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-iam-group-id
    data_mask_rule_id=$(oci cloud-guard data-mask-rule create --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id --target-selected file://target-selected.json --query data.id --raw-output)
    oci cloud-guard data-mask-rule update --data-mask-rule-id $data_mask_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Updates a DataMaskRule identified by dataMaskRuleId

oci cloud-guard data-mask-rule update-for-all-targets [OPTIONS]


--data-mask-rule-id [text]

OCID of dataMaskRule

--compartment-id, -c [text]

Compartment Identifier where the resource is created

--data-mask-categories [text]

Data Mask Categories

Accepted values are:

ACTOR, CUSTOM, FINANCIAL, LOCATION, PHI, PII


--data-mask-rule-status [text]

The status of the dataMaskRule.

Accepted values are:

DISABLED, ENABLED


--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--display-name [text]

Data mask rule Name.

Avoid entering confidential information.

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--iam-group-id [text]

IAM Group id associated with the data mask rule

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard data-mask-rule create --generate-param-json-input target-selected > target-selected.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-iam-group-id
    data_mask_rule_id=$(oci cloud-guard data-mask-rule create --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id --target-selected file://target-selected.json --query data.id --raw-output)
    oci cloud-guard data-mask-rule update-for-all-targets --data-mask-rule-id $data_mask_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Updates a DataMaskRule identified by dataMaskRuleId

oci cloud-guard data-mask-rule update-for-services [OPTIONS]


--data-mask-rule-id [text]

OCID of dataMaskRule

--compartment-id, -c [text]

Compartment Identifier where the resource is created

--data-mask-categories [text]

Data Mask Categories

Accepted values are:

ACTOR, CUSTOM, FINANCIAL, LOCATION, PHI, PII


--data-mask-rule-status [text]

The status of the dataMaskRule.

Accepted values are:

DISABLED, ENABLED


--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--display-name [text]

Data mask rule Name.

Avoid entering confidential information.

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--iam-group-id [text]

IAM Group id associated with the data mask rule

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--target-selected-values [text]

Types of Targets

Accepted values are:

COMPARTMENT, ERPCLOUD, HCMCLOUD, SECURITY_ZONE


--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard data-mask-rule create --generate-param-json-input target-selected > target-selected.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-iam-group-id
    data_mask_rule_id=$(oci cloud-guard data-mask-rule create --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id --target-selected file://target-selected.json --query data.id --raw-output)
    oci cloud-guard data-mask-rule update-for-services --data-mask-rule-id $data_mask_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Updates a DataMaskRule identified by dataMaskRuleId

oci cloud-guard data-mask-rule update-for-targets [OPTIONS]


--data-mask-rule-id [text]

OCID of dataMaskRule

--compartment-id, -c [text]

Compartment Identifier where the resource is created

--data-mask-categories [text]

Data Mask Categories

Accepted values are:

ACTOR, CUSTOM, FINANCIAL, LOCATION, PHI, PII


--data-mask-rule-status [text]

The status of the dataMaskRule.

Accepted values are:

DISABLED, ENABLED


--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--display-name [text]

Data mask rule Name.

Avoid entering confidential information.

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--iam-group-id [text]

IAM Group id associated with the data mask rule

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--target-selected-values [complex type]

Ids of Target This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard data-mask-rule create --generate-param-json-input target-selected > target-selected.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-compartment-id
    export data_mask_categories=<substitute-value-of-data_mask_categories> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-data-mask-categories
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-display-name
    export iam_group_id=<substitute-value-of-iam_group_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/data-mask-rule/create.html#cmdoption-iam-group-id
    data_mask_rule_id=$(oci cloud-guard data-mask-rule create --compartment-id $compartment_id --data-mask-categories $data_mask_categories --display-name $display_name --iam-group-id $iam_group_id --target-selected file://target-selected.json --query data.id --raw-output)
    oci cloud-guard data-mask-rule update-for-targets --data-mask-rule-id $data_mask_rule_id


A single Detector

  • get
  • list

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a Detector identified by detectorId.

oci cloud-guard detector get [OPTIONS]


--detector-id [text]

The Name of Detector.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export detector_id=<substitute-value-of-detector_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector/get.html#cmdoption-detector-id
    oci cloud-guard detector get --detector-id $detector_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns detector catalog - list of detectors supported by Cloud Guard

oci cloud-guard detector list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector/list.html#cmdoption-compartment-id
    oci cloud-guard detector list --compartment-id $compartment_id


Details of Detector recipe

  • change-compartment
  • create
  • delete
  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Moves the DetectorRecipe from current compartment to another.

oci cloud-guard detector-recipe change-compartment [OPTIONS]


--compartment-id, -c [text]

The OCID of the compartment into which the DetectorRecipe should be moved

--detector-recipe-id [text]

DetectorRecipe OCID

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    oci cloud-guard detector-recipe change-compartment --compartment-id $compartment_id --detector-recipe-id $detector_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Creates a DetectorRecipe

oci cloud-guard detector-recipe create [OPTIONS]


--compartment-id, -c [text]

Compartment Identifier

--display-name [text]

Detector recipe display name.

Avoid entering confidential information.

--source-detector-recipe-id [text]

The id of the source detector recipe.

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

Detector recipe description.

Avoid entering confidential information.

--detector-rules [complex type]

Detector Rules to override from source detector recipe

This option is a JSON list with items of type UpdateDetectorRecipeDetectorRule. For documentation on UpdateDetectorRecipeDetectorRule please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/UpdateDetectorRecipeDetectorRule. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Deletes a DetectorRecipe identified by detectorRecipeId

oci cloud-guard detector-recipe delete [OPTIONS]


--detector-recipe-id [text]

DetectorRecipe OCID

--force

Perform deletion without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    oci cloud-guard detector-recipe delete --detector-recipe-id $detector_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a DetectorRecipe identified by detectorRecipeId

oci cloud-guard detector-recipe get [OPTIONS]


--detector-recipe-id [text]

DetectorRecipe OCID

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    oci cloud-guard detector-recipe get --detector-recipe-id $detector_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of all Detector Recipes in a compartment

The ListDetectorRecipes operation returns only the detector recipes in compartmentId passed. The list does not include any subcompartments of the compartmentId passed.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform ListDetectorRecipes on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard detector-recipe list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--resource-metadata-only [boolean]

Default is false. When set to true, the list of all Oracle Managed Resources Metadata supported by Cloud Guard are returned.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/list.html#cmdoption-compartment-id
    oci cloud-guard detector-recipe list --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Updates a detector recipe identified by detectorRecipeId

oci cloud-guard detector-recipe update [OPTIONS]


--detector-recipe-id [text]

DetectorRecipe OCID

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

Detector recipe description.

Avoid entering confidential information.

--detector-rules [complex type]

Detector Rules to update

This option is a JSON list with items of type UpdateDetectorRecipeDetectorRule. For documentation on UpdateDetectorRecipeDetectorRule please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/UpdateDetectorRecipeDetectorRule. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--display-name [text]

Display name of detector recipe.

Avoid entering confidential information.

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    oci cloud-guard detector-recipe update --detector-recipe-id $detector_recipe_id


Detector Recipe Rule

  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Get DetectorRule by identifier

oci cloud-guard detector-recipe-detector-rule get [OPTIONS]


--detector-recipe-id [text]

DetectorRecipe OCID

--detector-rule-id [text]

The key of Detector Rule.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    export detector_rule_id=<substitute-value-of-detector_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe-detector-rule/get.html#cmdoption-detector-rule-id
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    oci cloud-guard detector-recipe-detector-rule get --detector-recipe-id $detector_recipe_id --detector-rule-id $detector_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of DetectorRule associated with DetectorRecipe.

oci cloud-guard detector-recipe-detector-rule list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--detector-recipe-id [text]

DetectorRecipe OCID

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for displayName is ascending. If no value is specified displayName is default.

Accepted values are:

displayName, riskLevel


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    oci cloud-guard detector-recipe-detector-rule list --compartment-id $compartment_id --detector-recipe-id $detector_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Update the DetectorRule by identifier

oci cloud-guard detector-recipe-detector-rule update [OPTIONS]


--detector-recipe-id [text]

DetectorRecipe OCID

--detector-rule-id [text]

The key of Detector Rule.

--details [complex type]

This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--force

Perform update without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    export detector_rule_id=<substitute-value-of-detector_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe-detector-rule/update.html#cmdoption-detector-rule-id
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    oci cloud-guard detector-recipe-detector-rule update --detector-recipe-id $detector_recipe_id --detector-rule-id $detector_rule_id


Detector

  • get
  • list

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a Detector Rule identified by detectorRuleId

oci cloud-guard detector-rule get [OPTIONS]


--detector-id [text]

The Name of Detector.

--detector-rule-id [text]

The key of Detector Rule.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export detector_id=<substitute-value-of-detector_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-rule/get.html#cmdoption-detector-id
    export detector_rule_id=<substitute-value-of-detector_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-rule/get.html#cmdoption-detector-rule-id
    oci cloud-guard detector-rule get --detector-id $detector_id --detector-rule-id $detector_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of detector rules for the detectorId passed.

oci cloud-guard detector-rule list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--detector-id [text]

The Name of Detector.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-rule/list.html#cmdoption-compartment-id
    export detector_id=<substitute-value-of-detector_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-rule/list.html#cmdoption-detector-id
    oci cloud-guard detector-rule list --compartment-id $compartment_id --detector-id $detector_id


Impacted Resource summary Definition.

list-impacted-resources

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of Impacted Resources for a CloudGuard Problem

oci cloud-guard impacted-resource-summary list-impacted-resources [OPTIONS]


--problem-id [text]

OCId of the problem.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. If no value is specified timeCreated is default.

Accepted values are:

timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export problem_id=<substitute-value-of-problem_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/impacted-resource-summary/list-impacted-resources.html#cmdoption-problem-id
    oci cloud-guard impacted-resource-summary list-impacted-resources --problem-id $problem_id


A cloud guard list containing one or more items of a list type

  • change-compartment
  • create
  • delete
  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Moves the ManagedList from current compartment to another.

oci cloud-guard managed-list change-compartment [OPTIONS]


--compartment-id, -c [text]

The OCID of the compartment into which the ManagedList should be moved

--managed-list-id [text]

The cloudguard list OCID to be passed in the request.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-display-name
    managed_list_id=$(oci cloud-guard managed-list create --compartment-id $compartment_id --display-name $display_name --query data.id --raw-output)
    oci cloud-guard managed-list change-compartment --compartment-id $compartment_id --managed-list-id $managed_list_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Creates a new ManagedList.

oci cloud-guard managed-list create [OPTIONS]


--compartment-id, -c [text]

Compartment Identifier

--display-name [text]

Managed list display name.

Avoid entering confidential information.

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

Managed list description.

Avoid entering confidential information.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--list-items [complex type]

List of ManagedListItem This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--list-type [text]

type of the list

Accepted values are:

CIDR_BLOCK, CITY, COUNTRY, GENERIC, GROUPS, IPV4ADDRESS, IPV6ADDRESS, REGION, RESOURCE_OCID, STATE, TAGS, USERS


--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--source-managed-list-id [text]

OCID of the Source ManagedList

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-display-name
    oci cloud-guard managed-list create --compartment-id $compartment_id --display-name $display_name


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Deletes a managed list identified by managedListId

oci cloud-guard managed-list delete [OPTIONS]


--managed-list-id [text]

The cloudguard list OCID to be passed in the request.

--force

Perform deletion without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-display-name
    managed_list_id=$(oci cloud-guard managed-list create --compartment-id $compartment_id --display-name $display_name --query data.id --raw-output)
    oci cloud-guard managed-list delete --managed-list-id $managed_list_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a managed list identified by managedListId

oci cloud-guard managed-list get [OPTIONS]


--managed-list-id [text]

The cloudguard list OCID to be passed in the request.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-display-name
    managed_list_id=$(oci cloud-guard managed-list create --compartment-id $compartment_id --display-name $display_name --query data.id --raw-output)
    oci cloud-guard managed-list get --managed-list-id $managed_list_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of ListManagedLists. The ListManagedLists operation returns only the managed lists in compartmentId passed. The list does not include any subcompartments of the compartmentId passed.

The parameter accessLevel specifies whether to return ManagedLists in only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform ListManagedLists on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard managed-list list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--list-type [text]

The type of the ManagedList.

Accepted values are:

CIDR_BLOCK, CITY, COUNTRY, GENERIC, GROUPS, IPV4ADDRESS, IPV6ADDRESS, REGION, RESOURCE_OCID, STATE, TAGS, USERS


--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--resource-metadata-only [boolean]

Default is false. When set to true, the list of all Oracle Managed Resources Metadata supported by Cloud Guard are returned.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/list.html#cmdoption-compartment-id
    oci cloud-guard managed-list list --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Updates a managed list identified by managedListId

oci cloud-guard managed-list update [OPTIONS]


--managed-list-id [text]

The cloudguard list OCID to be passed in the request.

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

Managed list description. Avoid entering confidential information.

--display-name [text]

Managed list display name.

Avoid entering confidential information.

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--list-items [complex type]

List of ManagedListItem This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list/create.html#cmdoption-display-name
    managed_list_id=$(oci cloud-guard managed-list create --compartment-id $compartment_id --display-name $display_name --query data.id --raw-output)
    oci cloud-guard managed-list update --managed-list-id $managed_list_id


Summary of the ManagedListType.

list-managed-list-types

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns all ManagedList types supported by Cloud Guard

oci cloud-guard managed-list-type-summary list-managed-list-types [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for displayName is ascending. If no value is specified displayName is default.

Accepted values are:

displayName, riskLevel


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/managed-list-type-summary/list-managed-list-types.html#cmdoption-compartment-id
    oci cloud-guard managed-list-type-summary list-managed-list-types --compartment-id $compartment_id


Global policy statement

list-policies

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns the list of global policy statements needed by Cloud Guard when enabling

oci cloud-guard policy-summary list-policies [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/policy-summary/list-policies.html#cmdoption-compartment-id
    oci cloud-guard policy-summary list-policies --compartment-id $compartment_id


Problem Definition.

  • get
  • list
  • list-problem-histories
  • trigger-responder
  • update-bulk-problem-status
  • update-problem-status

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a Problems response

oci cloud-guard problem get [OPTIONS]


--problem-id [text]

OCId of the problem.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export problem_id=<substitute-value-of-problem_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem/get.html#cmdoption-problem-id
    oci cloud-guard problem get --problem-id $problem_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

Returns a list of all Problems identified by the Cloud Guard

The ListProblems operation returns only the problems in compartmentId passed. The list does not include any subcompartments of the compartmentId passed.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform ListProblems on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard problem list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--city [text]

City of the problem.

--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--country [text]

Country of the problem.

--detector-rule-id-list [text]

Comma seperated list of detector rule ids to be passed in to match against Problems.

--detector-type [text]

The field to list the Problems by Detector Type. Valid values are IAAS_ACTIVITY_DETECTOR and IAAS_CONFIGURATION_DETECTOR

Accepted values are:

IAAS_ACTIVITY_DETECTOR, IAAS_CONFIGURATION_DETECTOR, IAAS_THREAT_DETECTOR


--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--label [text]

Label associated with the Problem.

--lifecycle-detail [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

DELETED, DISMISSED, OPEN, RESOLVED


--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, INACTIVE


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--problem-category [text]

Setting this to SECURITY_ZONE returns only security-zone related violations.

Accepted values are:

SECURITY_ZONE


--problem-region [text]

OCI Monitoring region.

--resource-id [text]

The ID of the resource associated with the problem.

--resource-type [text]

Resource Type associated with the resource.

--risk-level [text]

Risk level of the Problem.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for riskLevel, timeLastDetected and resourceName is descending. Default order for riskLevel and resourceName is ascending. If no value is specified timeLastDetected is default.

Accepted values are:

resourceName, riskLevel, timeLastDetected


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


--state [text]

State of the problem.

--target-id [text]

The ID of the target in which to list resources.

--time-first-detected-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-first-detected-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-last-detected-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-last-detected-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem/list.html#cmdoption-compartment-id
    oci cloud-guard problem list --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of Actions done on CloudGuard Problem

oci cloud-guard problem list-problem-histories [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--problem-id [text]

OCId of the problem.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. If no value is specified timeCreated is default.

Accepted values are:

timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem/list-problem-histories.html#cmdoption-compartment-id
    export problem_id=<substitute-value-of-problem_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem/list-problem-histories.html#cmdoption-problem-id
    oci cloud-guard problem list-problem-histories --compartment-id $compartment_id --problem-id $problem_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

push the problem to responder

oci cloud-guard problem trigger-responder [OPTIONS]


--problem-id [text]

OCId of the problem.

--responder-rule-id [text]

ResponderRule ID

--configurations [complex type]

ResponderRule configurations

This option is a JSON list with items of type ResponderConfiguration. For documentation on ResponderConfiguration please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/ResponderConfiguration. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export problem_id=<substitute-value-of-problem_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem/trigger-responder.html#cmdoption-problem-id
    export responder_rule_id=<substitute-value-of-responder_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem/trigger-responder.html#cmdoption-responder-rule-id
    oci cloud-guard problem trigger-responder --problem-id $problem_id --responder-rule-id $responder_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Updates the statuses in bulk for a list of problems The operation is atomic in nature

oci cloud-guard problem update-bulk-problem-status [OPTIONS]


--problem-ids [complex type]

List of ProblemIds to be passed in to update the Problem status. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--status [text]

Action taken by user

Accepted values are:

DELETED, DISMISSED, OPEN, RESOLVED


--comment [text]

User defined comment to be passed in to update the problem.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard problem update-bulk-problem-status --generate-param-json-input problem-ids > problem-ids.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export status=<substitute-value-of-status> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem/update-bulk-problem-status.html#cmdoption-status
    oci cloud-guard problem update-bulk-problem-status --problem-ids file://problem-ids.json --status $status


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

updates the problem details

oci cloud-guard problem update-problem-status [OPTIONS]


--problem-id [text]

OCId of the problem.

--status [text]

Action taken by user

Accepted values are:

DELETED, DISMISSED, OPEN, RESOLVED


--comment [text]

User Comments

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, INACTIVE


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export problem_id=<substitute-value-of-problem_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem/update-problem-status.html#cmdoption-problem-id
    export status=<substitute-value-of-status> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem/update-problem-status.html#cmdoption-status
    oci cloud-guard problem update-problem-status --problem-id $problem_id --status $status


Provides the dimensions and their corresponding count value.

request-summarized-problems

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns the number of problems identified by cloud guard, for a given set of dimensions.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform summarize API on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard problem-aggregation request-summarized-problems [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--list-dimensions [text]

The possible attributes based on which the problems can be distinguished.

Accepted values are:

COMPARTMENT_ID, REGION, RESOURCE_TYPE, RISK_LEVEL


--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem-aggregation/request-summarized-problems.html#cmdoption-compartment-id
    export list_dimensions=<substitute-value-of-list_dimensions> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem-aggregation/request-summarized-problems.html#cmdoption-list-dimensions
    oci cloud-guard problem-aggregation request-summarized-problems --compartment-id $compartment_id --list-dimensions $list_dimensions


Problem endpoints summary.

list-problem-endpoints

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of endpoints associated with a cloud guard problem

oci cloud-guard problem-endpoint-summary list-problem-endpoints [OPTIONS]


--problem-id [text]

OCId of the problem.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. If no value is specified timeCreated is default.

Accepted values are:

timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export problem_id=<substitute-value-of-problem_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem-endpoint-summary/list-problem-endpoints.html#cmdoption-problem-id
    oci cloud-guard problem-endpoint-summary list-problem-endpoints --problem-id $problem_id


Provides the dimensions and their corresponding time and count.

request-summarized-trend-problems

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

Returns the number of problems identified by cloud guard, for a given time period.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform summarize API on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard problem-trend-aggregation request-summarized-trend-problems [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--time-first-detected-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-first-detected-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/problem-trend-aggregation/request-summarized-trend-problems.html#cmdoption-compartment-id
    oci cloud-guard problem-trend-aggregation request-summarized-trend-problems --compartment-id $compartment_id


Recommendation Definition.

list-recommendations

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of all Recommendations.

oci cloud-guard recommendation-summary list-recommendations [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-detail [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

DISMISSED, OPEN, RESOLVED


--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for riskLevel and timeCreated is descending. If no value is specified riskLevel is default.

Accepted values are:

riskLevel, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


--target-id [text]

The ID of the target in which to list resources.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/recommendation-summary/list-recommendations.html#cmdoption-compartment-id
    oci cloud-guard recommendation-summary list-recommendations --compartment-id $compartment_id


Resource profile details

get

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns resource profile details

oci cloud-guard resource-profile get [OPTIONS]


--resource-profile-id [text]

OCID of the resource profile.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export resource_profile_id=<substitute-value-of-resource_profile_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/resource-profile/get.html#cmdoption-resource-profile-id
    oci cloud-guard resource-profile get --resource-profile-id $resource_profile_id


Resource Profile Endpoints summary.

list-resource-profile-endpoints

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of endpoints for Cloud Guard resource profile

oci cloud-guard resource-profile-endpoint-summary list-resource-profile-endpoints [OPTIONS]


--resource-profile-id [text]

OCID of the resource profile.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. If no value is specified timeCreated is default.

Accepted values are:

timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export resource_profile_id=<substitute-value-of-resource_profile_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/resource-profile-endpoint-summary/list-resource-profile-endpoints.html#cmdoption-resource-profile-id
    oci cloud-guard resource-profile-endpoint-summary list-resource-profile-endpoints --resource-profile-id $resource_profile_id


Resource Profile impacted resource summary.

list-resource-profile-impacted-resources

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of impacted resources for Cloud Guard resource profile

oci cloud-guard resource-profile-impacted-resource-summary list-resource-profile-impacted-resources [OPTIONS]


--resource-profile-id [text]

OCID of the resource profile.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. If no value is specified timeCreated is default.

Accepted values are:

timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export resource_profile_id=<substitute-value-of-resource_profile_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/resource-profile-impacted-resource-summary/list-resource-profile-impacted-resources.html#cmdoption-resource-profile-id
    oci cloud-guard resource-profile-impacted-resource-summary list-resource-profile-impacted-resources --resource-profile-id $resource_profile_id


Resource profile risk score trend-line

request-summarized-top-trend-resource-profile-risk-scores

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

Summarizes the resource profile risk score top trends for the given time range based on the search filters.

oci cloud-guard resource-profile-risk-score-aggregation-summary request-summarized-top-trend-resource-profile-risk-scores [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--count [integer]

Number of resource profile risk score trend-lines to be displayed. Default value is 10.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--sort-by [text]

The field to sort trendlines for resource profiles. Only one sort order may be provided. If no value is specified riskScore is default.

Accepted values are:

riskScore, riskScoreGrowth, timeFirstDetected, timeLastDetected


--time-score-computed-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to today’s current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-score-computed-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to today’s current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/resource-profile-risk-score-aggregation-summary/request-summarized-top-trend-resource-profile-risk-scores.html#cmdoption-compartment-id
    oci cloud-guard resource-profile-risk-score-aggregation-summary request-summarized-top-trend-resource-profile-risk-scores --compartment-id $compartment_id


Resource profile summary.

list-resource-profiles

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

Returns a list of all resource profiles identified by the Cloud Guard The ListResourceProfiles operation returns only resource profiles that match the passed filters.

The ListResourceProfiles operation returns only the resource profiles in compartmentId passed. The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform ListResourceProfiles on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard resource-profile-summary list-resource-profiles [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--resource-types [text]

A filter to return only resources that match the list of resource types given

--risk-score-greater-than-or-equal-to [text]

risk score filter

--risk-score-less-than-or-equal-to [text]

risk score filter

--sort-by [text]

The field to sort resource profiles. Only one sort order may be provided. Default order for timeLastDetected is descending. If no value is specified timeLastDetected is default.

Accepted values are:

displayName, riskScore, riskScoreGrowth, sightingsCount, timeFirstDetected, timeLastDetected, type


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


--tactics [text]

A filter to return only resources that match the list of tactics given.

--techniques [text]

A filter to return only resources that match the list of techniques given

--time-first-detected-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-first-detected-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-last-detected-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-last-detected-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/resource-profile-summary/list-resource-profiles.html#cmdoption-compartment-id
    oci cloud-guard resource-profile-summary list-resource-profiles --compartment-id $compartment_id


Risk score of a resource.

request-summarized-trend-resource-risk-scores

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

Summarizes the resource risk score trend for the given time range based on the search filters.

oci cloud-guard resource-risk-score-aggregation request-summarized-trend-resource-risk-scores [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--filter [text]

The filter type.

Accepted values are:

PROBLEM_ID, RESOURCE_PROFILE_ID


--filter-id [text]

Id to be passed in to filter the risk scores.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--time-score-computed-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to today’s current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-score-computed-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to today’s current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/resource-risk-score-aggregation/request-summarized-trend-resource-risk-scores.html#cmdoption-compartment-id
    export filter=<substitute-value-of-filter> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/resource-risk-score-aggregation/request-summarized-trend-resource-risk-scores.html#cmdoption-filter
    export filter_id=<substitute-value-of-filter_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/resource-risk-score-aggregation/request-summarized-trend-resource-risk-scores.html#cmdoption-filter-id
    oci cloud-guard resource-risk-score-aggregation request-summarized-trend-resource-risk-scores --compartment-id $compartment_id --filter $filter --filter-id $filter_id


Summary of ResourceType

list-resource-types

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of resource types.

oci cloud-guard resource-type-summary list-resource-types [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--detector-id [text]

Detector type

Accepted values are:

IAAS_ACTIVITY_DETECTOR, IAAS_CONFIGURATION_DETECTOR, IAAS_THREAT_DETECTOR


--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for displayName is ascending. If no value is specified displayName is default.

Accepted values are:

displayName, riskLevel


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/resource-type-summary/list-resource-types.html#cmdoption-compartment-id
    oci cloud-guard resource-type-summary list-resource-types --compartment-id $compartment_id


Responder Activity summary Definition.

list-responder-activities

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of Responder activities done on CloudGuard Problem

oci cloud-guard responder-activity-summary list-responder-activities [OPTIONS]


--problem-id [text]

OCId of the problem.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for responderRuleName is ascending. If no value is specified timeCreated is default.

Accepted values are:

responderRuleName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export problem_id=<substitute-value-of-problem_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-activity-summary/list-responder-activities.html#cmdoption-problem-id
    oci cloud-guard responder-activity-summary list-responder-activities --problem-id $problem_id


Responder Execution Object.

  • execute
  • get
  • skip
  • skip-bulk

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Executes the responder execution. When provided, If-Match is checked against ETag values of the resource.

oci cloud-guard responder-execution execute [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--responder-execution-id [text]

The identifier of the responder execution.

--configurations [complex type]

ResponderRule configurations

This option is a JSON list with items of type ResponderConfiguration. For documentation on ResponderConfiguration please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/ResponderConfiguration. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-execution/execute.html#cmdoption-compartment-id
    export responder_execution_id=<substitute-value-of-responder_execution_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-execution/execute.html#cmdoption-responder-execution-id
    oci cloud-guard responder-execution execute --compartment-id $compartment_id --responder-execution-id $responder_execution_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a Responder Execution identified by responderExecutionId

oci cloud-guard responder-execution get [OPTIONS]


--responder-execution-id [text]

The identifier of the responder execution.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export responder_execution_id=<substitute-value-of-responder_execution_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-execution/get.html#cmdoption-responder-execution-id
    oci cloud-guard responder-execution get --responder-execution-id $responder_execution_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Skips the execution of the responder execution. When provided, If-Match is checked against ETag values of the resource.

oci cloud-guard responder-execution skip [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--responder-execution-id [text]

The identifier of the responder execution.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-execution/skip.html#cmdoption-compartment-id
    export responder_execution_id=<substitute-value-of-responder_execution_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-execution/skip.html#cmdoption-responder-execution-id
    oci cloud-guard responder-execution skip --compartment-id $compartment_id --responder-execution-id $responder_execution_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Skips the execution for a bulk of responder executions The operation is atomic in nature

oci cloud-guard responder-execution skip-bulk [OPTIONS]


--responder-execution-ids [complex type]

List of responder execution ids to skip the execution This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard responder-execution skip-bulk --generate-param-json-input responder-execution-ids > responder-execution-ids.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    oci cloud-guard responder-execution skip-bulk --responder-execution-ids file://responder-execution-ids.json


Provides the dimensions and their corresponding count value.

request-summarized-responder-executions

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns the number of Responder Executions, for a given set of dimensions.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform summarize API on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard responder-execution-aggregation request-summarized-responder-executions [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--responder-executions-dimensions [text]

The possible attributes based on which the responder executions can be distinguished

Accepted values are:

RESPONDER_EXECUTION_STATUS, RESPONDER_RULE_TYPE


--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--responder-execution-status-filter [text]

The possible filters for Responder Type Dimension to distinguish Responder Executions. If no values are passed, the metric for responder executions of all status are returned

Accepted values are:

AWAITING_CONFIRMATION, FAILED, SKIPPED, STARTED, SUCCEEDED


--responder-type-filter [text]

The possible filters for Responder Type Dimension to distinguish Responder Executions. If no values are passed, the metric for responder executions of all reponder types are returned

Accepted values are:

NOTIFICATION, REMEDIATION


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-execution-aggregation/request-summarized-responder-executions.html#cmdoption-compartment-id
    export responder_executions_dimensions=<substitute-value-of-responder_executions_dimensions> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-execution-aggregation/request-summarized-responder-executions.html#cmdoption-responder-executions-dimensions
    oci cloud-guard responder-execution-aggregation request-summarized-responder-executions --compartment-id $compartment_id --responder-executions-dimensions $responder_executions_dimensions


Summary of the Responder Execution.

list-responder-executions

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

Returns a list of Responder Executions. A Responder Execution is an entity that tracks the collective execution of multiple Responder Rule Executions for a given Problem.

oci cloud-guard responder-execution-summary list-responder-executions [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--resource-type [text]

Resource Type associated with the resource.

--responder-execution-mode [text]

The mode of the responder execution in which to list responders.

Accepted values are:

ALL, AUTOMATED, MANUAL


--responder-execution-status [text]

The status of the responder execution in which to list responders.

Accepted values are:

ALL, AWAITING_CONFIRMATION, AWAITING_INPUT, FAILED, SKIPPED, STARTED, SUCCEEDED


--responder-rule-ids [text]

Responder Rule Ids filter for the Responder Executions.

--responder-type [text]

The field to list the Responder Executions by Responder Type. Valid values are REMEDIATION and NOTIFICATION

Accepted values are:

NOTIFICATION, REMEDIATION


--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for responderRuleName and resourceName is ascending. If no value is specified timeCreated is default.

Accepted values are:

resourceName, responderRuleName, timeCompleted, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


--target-id [text]

The ID of the target in which to list resources.

--time-completed-greater-than-or-equal-to [datetime]

Completion End Time

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-completed-less-than-or-equal-to [datetime]

Completion Start Time

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-created-greater-than-or-equal-to [datetime]

Creation Start time for filtering

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-created-less-than-or-equal-to [datetime]

Creation End time for filtering

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-execution-summary/list-responder-executions.html#cmdoption-compartment-id
    oci cloud-guard responder-execution-summary list-responder-executions --compartment-id $compartment_id


Provides the timestamps and their corresponding number of remediations.

request-summarized-trend-responder-executions

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

Returns the number of remediations performed by Responders, for a given time period.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform summarize API on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard responder-execution-trend-aggregation request-summarized-trend-responder-executions [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--time-completed-greater-than-or-equal-to [datetime]

Completion End Time

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-completed-less-than-or-equal-to [datetime]

Completion Start Time

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-execution-trend-aggregation/request-summarized-trend-responder-executions.html#cmdoption-compartment-id
    oci cloud-guard responder-execution-trend-aggregation request-summarized-trend-responder-executions --compartment-id $compartment_id


Details of ResponderRecipe.

  • change-compartment
  • create
  • delete
  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Moves the ResponderRecipe from current compartment to another.

oci cloud-guard responder-recipe change-compartment [OPTIONS]


--compartment-id, -c [text]

The OCID of the compartment into which the ResponderRecipe should be moved

--responder-recipe-id [text]

OCID of ResponderRecipe

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    oci cloud-guard responder-recipe change-compartment --compartment-id $compartment_id --responder-recipe-id $responder_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Create a ResponderRecipe.

oci cloud-guard responder-recipe create [OPTIONS]


--compartment-id, -c [text]

Compartment Identifier

--display-name [text]

Responder recipe display name.

Avoid entering confidential information.

--source-responder-recipe-id [text]

The id of the source responder recipe.

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

Responder recipe description.

Avoid entering confidential information.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--responder-rules [complex type]

Responder Rules to override from source responder recipe

This option is a JSON list with items of type UpdateResponderRecipeResponderRule. For documentation on UpdateResponderRecipeResponderRule please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/UpdateResponderRecipeResponderRule. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Delete the ResponderRecipe resource by identifier

oci cloud-guard responder-recipe delete [OPTIONS]


--responder-recipe-id [text]

OCID of ResponderRecipe

--force

Perform deletion without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    oci cloud-guard responder-recipe delete --responder-recipe-id $responder_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Get a ResponderRecipe by identifier

oci cloud-guard responder-recipe get [OPTIONS]


--responder-recipe-id [text]

OCID of ResponderRecipe

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    oci cloud-guard responder-recipe get --responder-recipe-id $responder_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of all ResponderRecipes in a compartment The ListResponderRecipe operation returns only the targets in compartmentId passed. The list does not include any subcompartments of the compartmentId passed.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform ListResponderRecipe on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard responder-recipe list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--resource-metadata-only [boolean]

Default is false. When set to true, the list of all Oracle Managed Resources Metadata supported by Cloud Guard are returned.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/list.html#cmdoption-compartment-id
    oci cloud-guard responder-recipe list --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Update the ResponderRecipe resource by identifier

oci cloud-guard responder-recipe update [OPTIONS]


--display-name [text]

Responder recipe identifier.

Avoid entering confidential information.

--responder-recipe-id [text]

OCID of ResponderRecipe

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

Responder recipe description.

Avoid entering confidential information.

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--responder-rules [complex type]

Responder Rules to Update

This option is a JSON list with items of type UpdateResponderRecipeResponderRule. For documentation on UpdateResponderRecipeResponderRule please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/UpdateResponderRecipeResponderRule. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    oci cloud-guard responder-recipe update --display-name $display_name --responder-recipe-id $responder_recipe_id


Details of ResponderRule.

  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Get ResponderRule by identifier

oci cloud-guard responder-recipe-responder-rule get [OPTIONS]


--responder-recipe-id [text]

OCID of ResponderRecipe

--responder-rule-id [text]

The id of ResponderRule

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    export responder_rule_id=<substitute-value-of-responder_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe-responder-rule/get.html#cmdoption-responder-rule-id
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    oci cloud-guard responder-recipe-responder-rule get --responder-recipe-id $responder_recipe_id --responder-rule-id $responder_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of ResponderRule associated with ResponderRecipe.

oci cloud-guard responder-recipe-responder-rule list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--responder-recipe-id [text]

OCID of ResponderRecipe

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for displayName is ascending. If no value is specified displayName is default.

Accepted values are:

displayName, riskLevel


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    oci cloud-guard responder-recipe-responder-rule list --compartment-id $compartment_id --responder-recipe-id $responder_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Update the ResponderRule by identifier

oci cloud-guard responder-recipe-responder-rule update [OPTIONS]


--details [complex type]

This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--responder-recipe-id [text]

OCID of ResponderRecipe

--responder-rule-id [text]

The id of ResponderRule

--force

Perform update without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard responder-recipe-responder-rule update --generate-param-json-input details > details.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    export responder_rule_id=<substitute-value-of-responder_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe-responder-rule/update.html#cmdoption-responder-rule-id
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    oci cloud-guard responder-recipe-responder-rule update --details file://details.json --responder-recipe-id $responder_recipe_id --responder-rule-id $responder_rule_id


Definition of ResponderRule.

  • get
  • list

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Get a ResponderRule by identifier

oci cloud-guard responder-rule get [OPTIONS]


--responder-rule-id [text]

The id of ResponderRule

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export responder_rule_id=<substitute-value-of-responder_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-rule/get.html#cmdoption-responder-rule-id
    oci cloud-guard responder-rule get --responder-rule-id $responder_rule_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of ResponderRule.

oci cloud-guard responder-rule list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-rule/list.html#cmdoption-compartment-id
    oci cloud-guard responder-rule list --compartment-id $compartment_id


Provides the dimensions and their corresponding risk score.

  • request-risk-scores
  • request-summarized-risk-scores

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Examines the number of problems related to the resource and the relative severity of those problems.

oci cloud-guard risk-score-aggregation request-risk-scores [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/risk-score-aggregation/request-risk-scores.html#cmdoption-compartment-id
    oci cloud-guard risk-score-aggregation request-risk-scores --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

DEPRECATED

oci cloud-guard risk-score-aggregation request-summarized-risk-scores [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/risk-score-aggregation/request-summarized-risk-scores.html#cmdoption-compartment-id
    oci cloud-guard risk-score-aggregation request-summarized-risk-scores --compartment-id $compartment_id


A security policy defines a security requirement for resources in a security zone. If a security zone enables a policy (using a recipe), then any action that attempts to violate that policy is denied.

get

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Gets a security zone policy using its identifier. When a policy is enabled in a security zone, then any action in the zone that attempts to violate that policy is denied.

oci cloud-guard security-policy get [OPTIONS]


--security-policy-id [text]

The unique identifier of the security zone policy (SecurityPolicy)

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export security_policy_id=<substitute-value-of-security_policy_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-policy/get.html#cmdoption-security-policy-id
    oci cloud-guard security-policy get --security-policy-id $security_policy_id


Results of a security policy search. Contains SecurityPolicySummary items.

list-security-policies

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Returns a list of security zone policies. Specify any compartment.

oci cloud-guard security-policy-collection list-security-policies [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--id [text]

The unique identifier of the security zone policy (SecurityPolicy)

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-policy-collection/list-security-policies.html#cmdoption-compartment-id
    oci cloud-guard security-policy-collection list-security-policies --compartment-id $compartment_id


A security zone recipe is a collection of security zone policies. Oracle Cloud Infrastructure enforces these policies on security zones that use the recipe.

  • change-compartment
  • create
  • delete
  • get
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Moves a security zone recipe to a different compartment. When provided, If-Match is checked against ETag values of the resource.

oci cloud-guard security-recipe change-compartment [OPTIONS]


--compartment-id, -c [text]

The OCID <https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm> of the compartment into which the resource should be moved.

--security-recipe-id [text]

The unique identifier of the security zone recipe (SecurityRecipe)

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard security-recipe create --generate-param-json-input security-policies > security-policies.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-display-name
    security_recipe_id=$(oci cloud-guard security-recipe create --compartment-id $compartment_id --display-name $display_name --security-policies file://security-policies.json --query data.id --raw-output)
    oci cloud-guard security-recipe change-compartment --compartment-id $compartment_id --security-recipe-id $security_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Creates a security zone recipe. A security zone recipe is a collection of security zone policies.

oci cloud-guard security-recipe create [OPTIONS]


--compartment-id, -c [text]

The compartment in which to create the recipe

--display-name [text]

The recipe’s name

--security-policies [complex type]

The list of SecurityPolicy ids to include in the recipe This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

The recipe’s description

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard security-recipe create --generate-param-json-input security-policies > security-policies.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-display-name
    oci cloud-guard security-recipe create --compartment-id $compartment_id --display-name $display_name --security-policies file://security-policies.json


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Deletes a security zone recipe. The recipe can’t be associated with an existing security zone.

oci cloud-guard security-recipe delete [OPTIONS]


--security-recipe-id [text]

The unique identifier of the security zone recipe (SecurityRecipe)

--force

Perform deletion without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard security-recipe create --generate-param-json-input security-policies > security-policies.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-display-name
    security_recipe_id=$(oci cloud-guard security-recipe create --compartment-id $compartment_id --display-name $display_name --security-policies file://security-policies.json --query data.id --raw-output)
    oci cloud-guard security-recipe delete --security-recipe-id $security_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Gets a security zone recipe by identifier. A security zone recipe is a collection of security zone policies.

oci cloud-guard security-recipe get [OPTIONS]


--security-recipe-id [text]

The unique identifier of the security zone recipe (SecurityRecipe)

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard security-recipe create --generate-param-json-input security-policies > security-policies.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-display-name
    security_recipe_id=$(oci cloud-guard security-recipe create --compartment-id $compartment_id --display-name $display_name --security-policies file://security-policies.json --query data.id --raw-output)
    oci cloud-guard security-recipe get --security-recipe-id $security_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Updates a security zone recipe. A security zone recipe is a collection of security zone policies.

oci cloud-guard security-recipe update [OPTIONS]


--display-name [text]

The recipe’s name

--security-recipe-id [text]

The unique identifier of the security zone recipe (SecurityRecipe)

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

The recipe’s description

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--security-policies [complex type]

The list of SecurityPolicy ids to include in the recipe This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard security-recipe create --generate-param-json-input security-policies > security-policies.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe/create.html#cmdoption-display-name
    security_recipe_id=$(oci cloud-guard security-recipe create --compartment-id $compartment_id --display-name $display_name --security-policies file://security-policies.json --query data.id --raw-output)
    oci cloud-guard security-recipe update --display-name $display_name --security-recipe-id $security_recipe_id


Results of a security zone recipe search. Contains SecurityRecipeSummary items.

list-security-recipes

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Gets a list of all security zone recipes in a compartment.

oci cloud-guard security-recipe-collection list-security-recipes [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--id [text]

The unique identifier of the security zone recipe (SecurityRecipe)

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-recipe-collection/list-security-recipes.html#cmdoption-compartment-id
    oci cloud-guard security-recipe-collection list-security-recipes --compartment-id $compartment_id


Provides the dimensions and their corresponding count value.

  • request-security-scores
  • request-summarized-security-scores

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Measures the number of resources examined across all regions and compares it with the number of problems detected.

oci cloud-guard security-score-aggregation request-security-scores [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-score-aggregation/request-security-scores.html#cmdoption-compartment-id
    oci cloud-guard security-score-aggregation request-security-scores --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

DEPRECATED

oci cloud-guard security-score-aggregation request-summarized-security-scores [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-score-aggregation/request-summarized-security-scores.html#cmdoption-compartment-id
    oci cloud-guard security-score-aggregation request-summarized-security-scores --compartment-id $compartment_id


Provides the dimensions and their corresponding time and security score.

  • request-security-score-summarized-trend
  • request-summarized-trend-security-scores

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

Measures the number of resources examined across all regions and compares it with the number of problems detected, for a given time period.

oci cloud-guard security-score-trend-aggregation request-security-score-summarized-trend [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--time-score-computed-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to today’s current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-score-computed-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to today’s current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-score-trend-aggregation/request-security-score-summarized-trend.html#cmdoption-compartment-id
    oci cloud-guard security-score-trend-aggregation request-security-score-summarized-trend --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

DEPRECATED

oci cloud-guard security-score-trend-aggregation request-summarized-trend-security-scores [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--time-score-computed-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to today’s current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-score-computed-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to today’s current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-score-trend-aggregation/request-summarized-trend-security-scores.html#cmdoption-compartment-id
    oci cloud-guard security-score-trend-aggregation request-summarized-trend-security-scores --compartment-id $compartment_id


Description

A security zone is associated with a security zone recipe and enforces all security zone policies in the recipe. Any actions in the zone’s compartment (and any subcompartments in the zone) that violate a policy are denied.

  • add
  • change-compartment
  • create
  • delete
  • get
  • remove
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Add an existing compartment to a security zone. If you previously removed a subcompartment from a security zone, you can add it back to the same security zone. The security zone ensures that resources in the subcompartment comply with the security zone’s policies.

oci cloud-guard security-zone add [OPTIONS]


--compartment-id, -c [text]

The OCID <https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm> of the compartment to be added to the security zone.

--security-zone-id [text]

The unique identifier of the security zone (SecurityZone)

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-display-name
    export security_zone_recipe_id=<substitute-value-of-security_zone_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-security-zone-recipe-id
    security_zone_id=$(oci cloud-guard security-zone create --compartment-id $compartment_id --display-name $display_name --security-zone-recipe-id $security_zone_recipe_id --query data.id --raw-output)
    oci cloud-guard security-zone add --compartment-id $compartment_id --security-zone-id $security_zone_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Moves a security zone to a different compartment. When provided, If-Match is checked against ETag values of the resource.

oci cloud-guard security-zone change-compartment [OPTIONS]


--compartment-id, -c [text]

The OCID <https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm> of the compartment into which the resource should be moved.

--security-zone-id [text]

The unique identifier of the security zone (SecurityZone)

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-display-name
    export security_zone_recipe_id=<substitute-value-of-security_zone_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-security-zone-recipe-id
    security_zone_id=$(oci cloud-guard security-zone create --compartment-id $compartment_id --display-name $display_name --security-zone-recipe-id $security_zone_recipe_id --query data.id --raw-output)
    oci cloud-guard security-zone change-compartment --compartment-id $compartment_id --security-zone-id $security_zone_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Creates a security zone for a compartment. A security zone enforces all security zone policies in a given security zone recipe. Any actions that violate a policy are denied. By default, any subcompartments are also in the same security zone.

oci cloud-guard security-zone create [OPTIONS]


--compartment-id, -c [text]

The OCID of the compartment for the security zone

--display-name [text]

The security zone’s name

--security-zone-recipe-id [text]

The OCID of the recipe (SecurityRecipe) for the security zone

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

The security zone’s description

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-display-name
    export security_zone_recipe_id=<substitute-value-of-security_zone_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-security-zone-recipe-id
    oci cloud-guard security-zone create --compartment-id $compartment_id --display-name $display_name --security-zone-recipe-id $security_zone_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Deletes an existing security zone with a given identifier.

oci cloud-guard security-zone delete [OPTIONS]


--security-zone-id [text]

The unique identifier of the security zone (SecurityZone)

--force

Perform deletion without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-display-name
    export security_zone_recipe_id=<substitute-value-of-security_zone_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-security-zone-recipe-id
    security_zone_id=$(oci cloud-guard security-zone create --compartment-id $compartment_id --display-name $display_name --security-zone-recipe-id $security_zone_recipe_id --query data.id --raw-output)
    oci cloud-guard security-zone delete --security-zone-id $security_zone_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Gets a security zone by its identifier. A security zone is associated with a security zone recipe and enforces all security zone policies in the recipe. Any actions in the zone’s compartments that violate a policy are denied.

oci cloud-guard security-zone get [OPTIONS]


--security-zone-id [text]

The unique identifier of the security zone (SecurityZone)

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-display-name
    export security_zone_recipe_id=<substitute-value-of-security_zone_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-security-zone-recipe-id
    security_zone_id=$(oci cloud-guard security-zone create --compartment-id $compartment_id --display-name $display_name --security-zone-recipe-id $security_zone_recipe_id --query data.id --raw-output)
    oci cloud-guard security-zone get --security-zone-id $security_zone_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Removes an existing compartment from a security zone. When you remove a subcompartment from a security zone, it no longer enforces security zone policies on the resources in the subcompartment. You can’t remove the primary compartment that was used to create the security zone.

oci cloud-guard security-zone remove [OPTIONS]


--compartment-id, -c [text]

The OCID <https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm> of the compartment to be removed from the security zone.

--security-zone-id [text]

The unique identifier of the security zone (SecurityZone)

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-display-name
    export security_zone_recipe_id=<substitute-value-of-security_zone_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-security-zone-recipe-id
    security_zone_id=$(oci cloud-guard security-zone create --compartment-id $compartment_id --display-name $display_name --security-zone-recipe-id $security_zone_recipe_id --query data.id --raw-output)
    oci cloud-guard security-zone remove --compartment-id $compartment_id --security-zone-id $security_zone_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Updates the security zone identified by its id

oci cloud-guard security-zone update [OPTIONS]


--display-name [text]

The security zone’s name

--security-zone-id [text]

The unique identifier of the security zone (SecurityZone)

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

The security zone’s description

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--security-zone-recipe-id [text]

The OCID of the recipe (SecurityRecipe) for the security zone

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-display-name
    export security_zone_recipe_id=<substitute-value-of-security_zone_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone/create.html#cmdoption-security-zone-recipe-id
    security_zone_id=$(oci cloud-guard security-zone create --compartment-id $compartment_id --display-name $display_name --security-zone-recipe-id $security_zone_recipe_id --query data.id --raw-output)
    oci cloud-guard security-zone update --display-name $display_name --security-zone-id $security_zone_id


Description

Results of a security zone search. Contains SecurityZoneSummary items.

list-security-zones

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Gets a list of all security zones in a compartment.

oci cloud-guard security-zone-collection list-security-zones [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--id [text]

The unique identifier of the security zone (SecurityZone)

--is-required-security-zones-in-subtree [boolean]

security zones in the subtree

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--security-recipe-id [text]

The unique identifier of the security zone recipe (SecurityRecipe)

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/security-zone-collection/list-security-zones.html#cmdoption-compartment-id
    oci cloud-guard security-zone-collection list-security-zones --compartment-id $compartment_id


Description

Sighting details.

get

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns Sighting details

oci cloud-guard sighting get [OPTIONS]


--sighting-id [text]

OCID of the sighting.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export sighting_id=<substitute-value-of-sighting_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/sighting/get.html#cmdoption-sighting-id
    oci cloud-guard sighting get --sighting-id $sighting_id


Description

Sighting Endpoints summary.

list-sighting-endpoints

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns Sighting endpoints details

oci cloud-guard sighting-endpoint-summary list-sighting-endpoints [OPTIONS]


--sighting-id [text]

OCID of the sighting.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. If no value is specified timeCreated is default.

Accepted values are:

timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export sighting_id=<substitute-value-of-sighting_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/sighting-endpoint-summary/list-sighting-endpoints.html#cmdoption-sighting-id
    oci cloud-guard sighting-endpoint-summary list-sighting-endpoints --sighting-id $sighting_id


Description

Sighting Impacted Resource summary.

list-sighting-impacted-resources

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Return a list of Impacted Resources for a CloudGuard Sighting

oci cloud-guard sighting-impacted-resource-summary list-sighting-impacted-resources [OPTIONS]


--sighting-id [text]

OCID of the sighting.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. If no value is specified timeCreated is default.

Accepted values are:

timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export sighting_id=<substitute-value-of-sighting_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/sighting-impacted-resource-summary/list-sighting-impacted-resources.html#cmdoption-sighting-id
    oci cloud-guard sighting-impacted-resource-summary list-sighting-impacted-resources --sighting-id $sighting_id


Description

Sighting summary Definition.

list-sightings

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • UTC with microseconds
  • Timezone with microseconds
  • UTC with microseconds
  • Timezone with microseconds

  • Global Parameters
  • Examples

Description

Returns a list of all Sightings identified by the Cloud Guard The ListSightings operation returns only sightings that match the passed filters.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform ListSightings on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard sighting-summary list-sightings [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--problem-id [text]

OCID of the problem.

--resource-profile-id [text]

OCID of the resource profile.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. If no value is specified timeCreated is default.

Accepted values are:

timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


--time-last-detected-greater-than-or-equal-to [datetime]

Start time for a filter. If start time is not specified, start time will be set to current time - 30 days.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


--time-last-detected-less-than-or-equal-to [datetime]

End time for a filter. If end time is not specified, end time will be set to current time.

The following datetime formats are supported:


Format: YYYY-MM-DDTHH:mm:ss.ssssssTZD
Example: 2017-09-15T20:30:00.123456Z
UTC with milliseconds
***********************
.. code::
    Format: YYYY-MM-DDTHH:mm:ss.sssTZD
    Example: 2017-09-15T20:30:00.123Z
UTC without milliseconds
**************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T20:30:00Z
UTC with minute precision
**************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T20:30Z


Format: YYYY-MM-DDTHH:mm:ssTZD
Example: 2017-09-15T12:30:00.456789-08:00, 2017-09-15T12:30:00.456789-0800
Timezone with milliseconds
***************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00.456-08:00, 2017-09-15T12:30:00.456-0800
Timezone without milliseconds
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mm:ssTZD
    Example: 2017-09-15T12:30:00-08:00, 2017-09-15T12:30:00-0800
Timezone with minute precision
*******************************
.. code::
    Format: YYYY-MM-DDTHH:mmTZD
    Example: 2017-09-15T12:30-08:00, 2017-09-15T12:30-0800
Short date and time
********************
The timezone for this date and time will be taken as UTC (Needs to be surrounded by single or double quotes)
.. code::
    Format: 'YYYY-MM-DD HH:mm' or "YYYY-MM-DD HH:mm"
    Example: '2017-09-15 17:25'
Date Only
**********
This date will be taken as midnight UTC of that day
.. code::
    Format: YYYY-MM-DD
    Example: 2017-09-15
Epoch seconds
**************
.. code::
    Example: 1412195400


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/sighting-summary/list-sightings.html#cmdoption-compartment-id
    oci cloud-guard sighting-summary list-sightings --compartment-id $compartment_id


Description

Tactic summary.

list-tactics

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns a list of tactics associated with detector rules.

oci cloud-guard tactic-summary list-tactics [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for displayName is ascending. If no value is specified displayName is default.

Accepted values are:

displayName


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/tactic-summary/list-tactics.html#cmdoption-compartment-id
    oci cloud-guard tactic-summary list-tactics --compartment-id $compartment_id


Description

Description of Target.

  • create
  • delete
  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Creates a new Target

oci cloud-guard target create [OPTIONS]


--compartment-id, -c [text]

Compartment Identifier where the resource is created

--display-name [text]

DetectorTemplate identifier.

Avoid entering confidential information.

--target-resource-id [text]

Resource ID which the target uses to monitor

--target-resource-type [text]

possible type of targets(compartment/HCMCloud/ERPCloud)

Accepted values are:

COMPARTMENT, ERPCLOUD, HCMCLOUD, SECURITY_ZONE


--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--description [text]

The target description.

Avoid entering confidential information.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The current state of the DetectorRule.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--target-detector-recipes [complex type]

List of detector recipes to associate with target

This option is a JSON list with items of type CreateTargetDetectorRecipeDetails. For documentation on CreateTargetDetectorRecipeDetails please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/CreateTargetDetectorRecipeDetails. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--target-responder-recipes [complex type]

List of responder recipes to associate with target

This option is a JSON list with items of type CreateTargetResponderRecipeDetails. For documentation on CreateTargetResponderRecipeDetails please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/CreateTargetResponderRecipeDetails. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Deletes a Target identified by targetId

oci cloud-guard target delete [OPTIONS]


--target-id [text]

OCID of target

--force

Perform deletion without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    oci cloud-guard target delete --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns a Target identified by targetId

oci cloud-guard target get [OPTIONS]


--target-id [text]

OCID of target

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    oci cloud-guard target get --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns a list of all Targets in a compartment The ListTargets operation returns only the targets in compartmentId passed. The list does not include any subcompartments of the compartmentId passed.

The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn’t have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true.

The parameter compartmentIdInSubtree applies when you perform ListTargets on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

oci cloud-guard target list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--access-level [text]

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Accepted values are:

ACCESSIBLE, RESTRICTED


--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--compartment-id-in-subtree [boolean]

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned depending on the the setting of accessLevel.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--is-non-security-zone-targets-only-query [boolean]

Default is false. When set to true, only the targets that would be deleted as part of security zone creation will be returned.

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/list.html#cmdoption-compartment-id
    oci cloud-guard target list --compartment-id $compartment_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Updates a Target identified by targetId

oci cloud-guard target update [OPTIONS]


--target-id [text]

OCID of target

--defined-tags [complex type]

Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {“foo-namespace”: {“bar-key”: “value”}} This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--display-name [text]

DetectorTemplate identifier.

Avoid entering confidential information.

--force

Perform update without prompting for confirmation.

--freeform-tags [complex type]

Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {“bar-key”: “value”}

Avoid entering confidential information. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--lifecycle-state [text]

The current state of the Target.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--target-detector-recipes [complex type]

The details of target detector recipes to be updated.

This option is a JSON list with items of type UpdateTargetDetectorRecipe. For documentation on UpdateTargetDetectorRecipe please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/UpdateTargetDetectorRecipe. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--target-responder-recipes [complex type]

The details of target responder recipes to be updated.

This option is a JSON list with items of type UpdateTargetResponderRecipe. For documentation on UpdateTargetResponderRecipe please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/UpdateTargetResponderRecipe. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    oci cloud-guard target update --target-id $target_id


Description

Target Detector recipe

  • create
  • delete
  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Attach a DetectorRecipe with the Target

oci cloud-guard target-detector-recipe create [OPTIONS]


--detector-recipe-id [text]

DetectorRecipe Identifier

--target-id [text]

OCID of target

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    oci cloud-guard target-detector-recipe create --detector-recipe-id $detector_recipe_id --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Delete the TargetDetectorRecipe resource by identifier

oci cloud-guard target-detector-recipe delete [OPTIONS]


--target-detector-recipe-id [text]

OCID of TargetDetectorRecipe

--target-id [text]

OCID of target

--force

Perform deletion without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    target_detector_recipe_id=$(oci cloud-guard target-detector-recipe create --detector-recipe-id $detector_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-detector-recipe delete --target-detector-recipe-id $target_detector_recipe_id --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Get a TargetDetectorRecipe by identifier

oci cloud-guard target-detector-recipe get [OPTIONS]


--target-detector-recipe-id [text]

OCID of TargetDetectorRecipe

--target-id [text]

OCID of target

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    target_detector_recipe_id=$(oci cloud-guard target-detector-recipe create --detector-recipe-id $detector_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-detector-recipe get --target-detector-recipe-id $target_detector_recipe_id --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns a list of all detector recipes associated with the target identified by targetId

oci cloud-guard target-detector-recipe list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--target-id [text]

OCID of target

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    oci cloud-guard target-detector-recipe list --compartment-id $compartment_id --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Update the TargetDetectorRecipe resource by identifier

oci cloud-guard target-detector-recipe update [OPTIONS]


--target-detector-recipe-id [text]

OCID of TargetDetectorRecipe

--target-id [text]

OCID of target

--detector-recipe-id [text]

Detector recipe identifier associated with the target

--detector-rules [complex type]

Update detector rules associated with detector recipe in a target.

This option is a JSON list with items of type UpdateTargetRecipeDetectorRuleDetails. For documentation on UpdateTargetRecipeDetectorRuleDetails please see our API reference: https://docs.cloud.oracle.com/api/#/en/cloudguard/20200131/datatypes/UpdateTargetRecipeDetectorRuleDetails. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--force

Perform update without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--is-validation-only-query [boolean]

When enabled, validation is performed for attaching the detector recipe.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    target_detector_recipe_id=$(oci cloud-guard target-detector-recipe create --detector-recipe-id $detector_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-detector-recipe update --target-detector-recipe-id $target_detector_recipe_id --target-id $target_id


Description

Detector Recipe Rule

  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Get DetectorRule by identifier

oci cloud-guard target-detector-recipe-detector-rule get [OPTIONS]


--detector-rule-id [text]

The id of DetectorRule

--target-detector-recipe-id [text]

OCID of TargetDetectorRecipe

--target-id [text]

OCID of target

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    export detector_rule_id=<substitute-value-of-detector_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-detector-recipe-detector-rule/get.html#cmdoption-detector-rule-id
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    target_detector_recipe_id=$(oci cloud-guard target-detector-recipe create --detector-recipe-id $detector_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-detector-recipe-detector-rule get --detector-rule-id $detector_rule_id --target-detector-recipe-id $target_detector_recipe_id --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns a list of DetectorRule associated with DetectorRecipe within a Target.

oci cloud-guard target-detector-recipe-detector-rule list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--target-detector-recipe-id [text]

OCID of TargetDetectorRecipe

--target-id [text]

OCID of target

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for displayName is ascending. If no value is specified displayName is default.

Accepted values are:

displayName, riskLevel


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    target_detector_recipe_id=$(oci cloud-guard target-detector-recipe create --detector-recipe-id $detector_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-detector-recipe-detector-rule list --compartment-id $compartment_id --target-detector-recipe-id $target_detector_recipe_id --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Update the DetectorRule by identifier

oci cloud-guard target-detector-recipe-detector-rule update [OPTIONS]


--details [complex type]

This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--detector-rule-id [text]

The id of DetectorRule

--target-detector-recipe-id [text]

OCID of TargetDetectorRecipe

--target-id [text]

OCID of target

--force

Perform update without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard target-detector-recipe-detector-rule update --generate-param-json-input details > details.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export source_detector_recipe_id=<substitute-value-of-source_detector_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/detector-recipe/create.html#cmdoption-source-detector-recipe-id
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    export detector_rule_id=<substitute-value-of-detector_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-detector-recipe-detector-rule/update.html#cmdoption-detector-rule-id
    detector_recipe_id=$(oci cloud-guard detector-recipe create --compartment-id $compartment_id --display-name $display_name --source-detector-recipe-id $source_detector_recipe_id --query data.id --raw-output)
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    target_detector_recipe_id=$(oci cloud-guard target-detector-recipe create --detector-recipe-id $detector_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-detector-recipe-detector-rule update --details file://details.json --detector-rule-id $detector_rule_id --target-detector-recipe-id $target_detector_recipe_id --target-id $target_id


Description

Details of Target ResponderRecipe

  • create
  • delete
  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Attach a ResponderRecipe with the Target

oci cloud-guard target-responder-recipe create [OPTIONS]


--responder-recipe-id [text]

ResponderRecipe Identifier

--target-id [text]

OCID of target

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-responder-recipe/create.html#cmdoption-target-id
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    oci cloud-guard target-responder-recipe create --responder-recipe-id $responder_recipe_id --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Delete the TargetResponderRecipe resource by identifier

oci cloud-guard target-responder-recipe delete [OPTIONS]


--target-id [text]

OCID of target

--target-responder-recipe-id [text]

OCID of TargetResponderRecipe

--force

Perform deletion without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-responder-recipe/create.html#cmdoption-target-id
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    target_responder_recipe_id=$(oci cloud-guard target-responder-recipe create --responder-recipe-id $responder_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-responder-recipe delete --target-id $target_id --target-responder-recipe-id $target_responder_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Get a TargetResponderRecipe by identifier

oci cloud-guard target-responder-recipe get [OPTIONS]


--target-id [text]

OCID of target

--target-responder-recipe-id [text]

OCID of TargetResponderRecipe

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-responder-recipe/create.html#cmdoption-target-id
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    target_responder_recipe_id=$(oci cloud-guard target-responder-recipe create --responder-recipe-id $responder_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-responder-recipe get --target-id $target_id --target-responder-recipe-id $target_responder_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns a list of all responder recipes associated with the target identified by targetId

oci cloud-guard target-responder-recipe list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--target-id [text]

OCID of target

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for timeCreated is descending. Default order for displayName is ascending. If no value is specified timeCreated is default.

Accepted values are:

displayName, timeCreated


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    oci cloud-guard target-responder-recipe list --compartment-id $compartment_id --target-id $target_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Update the TargetResponderRecipe resource by identifier

oci cloud-guard target-responder-recipe update [OPTIONS]


--responder-rules [complex type]

Update responder rules associated with responder recipe in a target. This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--target-id [text]

OCID of target

--target-responder-recipe-id [text]

OCID of TargetResponderRecipe

--force

Perform update without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard target-responder-recipe update --generate-param-json-input responder-rules > responder-rules.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-responder-recipe/create.html#cmdoption-target-id
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    target_responder_recipe_id=$(oci cloud-guard target-responder-recipe create --responder-recipe-id $responder_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-responder-recipe update --responder-rules file://responder-rules.json --target-id $target_id --target-responder-recipe-id $target_responder_recipe_id


Description

Details of ResponderRule.

  • get
  • list
  • update

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Get ResponderRule by identifier

oci cloud-guard target-responder-recipe-responder-rule get [OPTIONS]


--responder-rule-id [text]

The id of ResponderRule

--target-id [text]

OCID of target

--target-responder-recipe-id [text]

OCID of TargetResponderRecipe

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-responder-recipe/create.html#cmdoption-target-id
    export responder_rule_id=<substitute-value-of-responder_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-responder-recipe-responder-rule/get.html#cmdoption-responder-rule-id
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    target_responder_recipe_id=$(oci cloud-guard target-responder-recipe create --responder-recipe-id $responder_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-responder-recipe-responder-rule get --responder-rule-id $responder_rule_id --target-id $target_id --target-responder-recipe-id $target_responder_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns a list of ResponderRule associated with ResponderRecipe within a Target.

oci cloud-guard target-responder-recipe-responder-rule list [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--target-id [text]

OCID of target

--target-responder-recipe-id [text]

OCID of TargetResponderRecipe

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--display-name [text]

A filter to return only resources that match the entire display name given.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for displayName is ascending. If no value is specified displayName is default.

Accepted values are:

displayName, riskLevel


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-responder-recipe/create.html#cmdoption-target-id
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    target_responder_recipe_id=$(oci cloud-guard target-responder-recipe create --responder-recipe-id $responder_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-responder-recipe-responder-rule list --compartment-id $compartment_id --target-id $target_id --target-responder-recipe-id $target_responder_recipe_id


  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Update the ResponderRule by identifier

oci cloud-guard target-responder-recipe-responder-rule update [OPTIONS]


--details [complex type]

This is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

The --generate-param-json-input option can be used to generate an example of the JSON which must be provided. We recommend storing this example in a file, modifying it as needed and then passing it back in via the file:// syntax.

--responder-rule-id [text]

The id of ResponderRule

--target-id [text]

OCID of target

--target-responder-recipe-id [text]

OCID of TargetResponderRecipe

--force

Perform update without prompting for confirmation.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--if-match [text]

For optimistic concurrency control. In the PUT or DELETE call for a resource, set the if-match parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

--max-wait-seconds [integer]

The maximum time to wait for the resource to reach the lifecycle state defined by --wait-for-state. Defaults to 1200 seconds.

--wait-for-state [text]

This operation creates, modifies or deletes a resource that has a defined lifecycle state. Specify this option to perform the action and then wait until the resource reaches a given lifecycle state. Multiple states can be specified, returning on the first state. For example, --wait-for-state SUCCEEDED --wait-for-state FAILED would return on whichever lifecycle state is reached first. If timeout is reached, a return code of 2 is returned. For any other error, a return code of 1 is returned.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--wait-interval-seconds [integer]

Check every --wait-interval-seconds to see whether the resource to see if it has reached the lifecycle state defined by --wait-for-state. Defaults to 30 seconds.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy and paste the following example into a JSON file, replacing the example parameters with your own.

    oci cloud-guard target-responder-recipe-responder-rule update --generate-param-json-input details > details.json


Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-compartment-id
    export display_name=<substitute-value-of-display_name> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-display-name
    export target_resource_id=<substitute-value-of-target_resource_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-id
    export target_resource_type=<substitute-value-of-target_resource_type> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target/create.html#cmdoption-target-resource-type
    export source_responder_recipe_id=<substitute-value-of-source_responder_recipe_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/responder-recipe/create.html#cmdoption-source-responder-recipe-id
    export target_id=<substitute-value-of-target_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-responder-recipe/create.html#cmdoption-target-id
    export responder_rule_id=<substitute-value-of-responder_rule_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/target-responder-recipe-responder-rule/update.html#cmdoption-responder-rule-id
    target_id=$(oci cloud-guard target create --compartment-id $compartment_id --display-name $display_name --target-resource-id $target_resource_id --target-resource-type $target_resource_type --query data.id --raw-output)
    responder_recipe_id=$(oci cloud-guard responder-recipe create --compartment-id $compartment_id --display-name $display_name --source-responder-recipe-id $source_responder_recipe_id --query data.id --raw-output)
    target_responder_recipe_id=$(oci cloud-guard target-responder-recipe create --responder-recipe-id $responder_recipe_id --target-id $target_id --query data.id --raw-output)
    oci cloud-guard target-responder-recipe-responder-rule update --details file://details.json --responder-rule-id $responder_rule_id --target-id $target_id --target-responder-recipe-id $target_responder_recipe_id


Description

Technique summary.

list-techniques

  • Description
  • Usage
  • Required Parameters
  • Optional Parameters
  • Global Parameters
  • Examples

Description

Returns a list of techniques associated with detector rules.

oci cloud-guard technique-summary list-techniques [OPTIONS]


--compartment-id, -c [text]

The ID of the compartment in which to list resources.

--all

Fetches all pages of results. If you provide this option, then you cannot provide the --limit option.

--from-json [text]

Provide input to this command as a JSON document from a file using the file://path-to/file syntax.

The --generate-full-command-json-input option can be used to generate a sample json file to be used with this command option. The key names are pre-populated and match the command option names (converted to camelCase format, e.g. compartment-id –> compartmentId), while the values of the keys need to be populated by the user before using the sample file as an input to this command. For any command option that accepts multiple values, the value of the key can be a JSON array.

Options can still be provided on the command line. If an option exists in both the JSON document and the command line then the command line specified value will be used.

For examples on usage of this option, please see our “using CLI with advanced JSON options” link: https://docs.cloud.oracle.com/iaas/Content/API/SDKDocs/cliusing.htm#AdvancedJSONOptions

--lifecycle-state [text]

The field life cycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.

Accepted values are:

ACTIVE, CREATING, DELETED, DELETING, FAILED, INACTIVE, UPDATING


--limit [integer]

The maximum number of items to return.

--page [text]

The page token representing the page at which to start retrieving results. This is usually retrieved from a previous list call.

--page-size [integer]

When fetching results, the number of results to fetch per call. Only valid when used with --all or --limit, and ignored otherwise.

--sort-by [text]

The field to sort by. Only one sort order may be provided. Default order for displayName is ascending. If no value is specified displayName is default.

Accepted values are:

displayName


--sort-order [text]

The sort order to use, either ‘asc’ or ‘desc’.

Accepted values are:

ASC, DESC


--tactics [text]

A filter to return only resources that match the list of tactics given.

Use oci --help for help on global parameters.

--auth-purpose, --auth, --cert-bundle, --cli-auto-prompt, --cli-rc-file, --config-file, --debug, --defaults-file, --endpoint, --generate-full-command-json-input, --generate-param-json-input, --help, --latest-version, --max-retries, --no-retry, --opc-client-request-id, --opc-request-id, --output, --profile, --query, --raw-output, --region, --release-info, --request-id, --version, -?, -d, -h, -i, -v

Copy the following CLI commands into a file named example.sh. Run the command by typing “bash example.sh” and replacing the example parameters with your own.

Please note this sample will only work in the POSIX-compliant bash-like shell. You need to set up the OCI configuration <https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm#configfile> and appropriate security policies <https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policygetstarted.htm> before trying the examples.

    export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/cloud-guard/technique-summary/list-techniques.html#cmdoption-compartment-id
    oci cloud-guard technique-summary list-techniques --compartment-id $compartment_id


Oracle

2016, 2022, Oracle
May 17, 2022 3.9.1

Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.