Docs Home
Oracle Cloud Infrastructure v2.32.0 published on Thursday, Apr 24, 2025 by Pulumi
oci.CloudGuard.getDataMaskRules
Explore with Pulumi AI
This data source provides the list of Data Mask Rules in Oracle Cloud Infrastructure Cloud Guard service.
Returns a list of all DataMaskRule resources in the specified compartmentId (OCID) and its subcompartments.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testDataMaskRules = oci.CloudGuard.getDataMaskRules({
compartmentId: compartmentId,
accessLevel: dataMaskRuleAccessLevel,
dataMaskRuleStatus: dataMaskRuleDataMaskRuleStatus,
displayName: dataMaskRuleDisplayName,
iamGroupId: testGroup.id,
state: dataMaskRuleState,
targetId: testTarget.id,
targetType: dataMaskRuleTargetType,
});
import pulumi
import pulumi_oci as oci
test_data_mask_rules = oci.CloudGuard.get_data_mask_rules(compartment_id=compartment_id,
access_level=data_mask_rule_access_level,
data_mask_rule_status=data_mask_rule_data_mask_rule_status,
display_name=data_mask_rule_display_name,
iam_group_id=test_group["id"],
state=data_mask_rule_state,
target_id=test_target["id"],
target_type=data_mask_rule_target_type)
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/cloudguard"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudguard.GetDataMaskRules(ctx, &cloudguard.GetDataMaskRulesArgs{
CompartmentId: compartmentId,
AccessLevel: pulumi.StringRef(dataMaskRuleAccessLevel),
DataMaskRuleStatus: pulumi.StringRef(dataMaskRuleDataMaskRuleStatus),
DisplayName: pulumi.StringRef(dataMaskRuleDisplayName),
IamGroupId: pulumi.StringRef(testGroup.Id),
State: pulumi.StringRef(dataMaskRuleState),
TargetId: pulumi.StringRef(testTarget.Id),
TargetType: pulumi.StringRef(dataMaskRuleTargetType),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testDataMaskRules = Oci.CloudGuard.GetDataMaskRules.Invoke(new()
{
CompartmentId = compartmentId,
AccessLevel = dataMaskRuleAccessLevel,
DataMaskRuleStatus = dataMaskRuleDataMaskRuleStatus,
DisplayName = dataMaskRuleDisplayName,
IamGroupId = testGroup.Id,
State = dataMaskRuleState,
TargetId = testTarget.Id,
TargetType = dataMaskRuleTargetType,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.CloudGuard.CloudGuardFunctions;
import com.pulumi.oci.CloudGuard.inputs.GetDataMaskRulesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testDataMaskRules = CloudGuardFunctions.getDataMaskRules(GetDataMaskRulesArgs.builder()
.compartmentId(compartmentId)
.accessLevel(dataMaskRuleAccessLevel)
.dataMaskRuleStatus(dataMaskRuleDataMaskRuleStatus)
.displayName(dataMaskRuleDisplayName)
.iamGroupId(testGroup.id())
.state(dataMaskRuleState)
.targetId(testTarget.id())
.targetType(dataMaskRuleTargetType)
.build());
}
}
variables:
testDataMaskRules:
fn::invoke:
function: oci:CloudGuard:getDataMaskRules
arguments:
compartmentId: ${compartmentId}
accessLevel: ${dataMaskRuleAccessLevel}
dataMaskRuleStatus: ${dataMaskRuleDataMaskRuleStatus}
displayName: ${dataMaskRuleDisplayName}
iamGroupId: ${testGroup.id}
state: ${dataMaskRuleState}
targetId: ${testTarget.id}
targetType: ${dataMaskRuleTargetType}
Using getDataMaskRules
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getDataMaskRules(args: GetDataMaskRulesArgs, opts?: InvokeOptions): Promise<GetDataMaskRulesResult>
function getDataMaskRulesOutput(args: GetDataMaskRulesOutputArgs, opts?: InvokeOptions): Output<GetDataMaskRulesResult>def get_data_mask_rules(access_level: Optional[str] = None,
compartment_id: Optional[str] = None,
data_mask_rule_status: Optional[str] = None,
display_name: Optional[str] = None,
filters: Optional[Sequence[_cloudguard.GetDataMaskRulesFilter]] = None,
iam_group_id: Optional[str] = None,
state: Optional[str] = None,
target_id: Optional[str] = None,
target_type: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetDataMaskRulesResult
def get_data_mask_rules_output(access_level: Optional[pulumi.Input[str]] = None,
compartment_id: Optional[pulumi.Input[str]] = None,
data_mask_rule_status: Optional[pulumi.Input[str]] = None,
display_name: Optional[pulumi.Input[str]] = None,
filters: Optional[pulumi.Input[Sequence[pulumi.Input[_cloudguard.GetDataMaskRulesFilterArgs]]]] = None,
iam_group_id: Optional[pulumi.Input[str]] = None,
state: Optional[pulumi.Input[str]] = None,
target_id: Optional[pulumi.Input[str]] = None,
target_type: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetDataMaskRulesResult]func GetDataMaskRules(ctx *Context, args *GetDataMaskRulesArgs, opts ...InvokeOption) (*GetDataMaskRulesResult, error)
func GetDataMaskRulesOutput(ctx *Context, args *GetDataMaskRulesOutputArgs, opts ...InvokeOption) GetDataMaskRulesResultOutput> Note: This function is named GetDataMaskRules in the Go SDK.
public static class GetDataMaskRules
{
public static Task<GetDataMaskRulesResult> InvokeAsync(GetDataMaskRulesArgs args, InvokeOptions? opts = null)
public static Output<GetDataMaskRulesResult> Invoke(GetDataMaskRulesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetDataMaskRulesResult> getDataMaskRules(GetDataMaskRulesArgs args, InvokeOptions options)
public static Output<GetDataMaskRulesResult> getDataMaskRules(GetDataMaskRulesArgs args, InvokeOptions options)
fn::invoke:
function: oci:CloudGuard/getDataMaskRules:getDataMaskRules
arguments:
# arguments dictionaryThe following arguments are supported:
- Compartment
Id string - The OCID of the compartment in which to list resources.
- Access
Level string - Valid values are
RESTRICTEDandACCESSIBLE. Default isRESTRICTED. Setting this toACCESSIBLEreturns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set toRESTRICTEDpermissions are checked and no partial results are displayed. - Data
Mask stringRule Status - The status of the data mask rule
- Display
Name string - A filter to return only resources that match the entire display name given.
- Filters
List<Get
Data Mask Rules Filter> - Iam
Group stringId - OCID of the IAM group
- State string
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- Target
Id string - OCID of the target
- Target
Type string - Type of target
- Compartment
Id string - The OCID of the compartment in which to list resources.
- Access
Level string - Valid values are
RESTRICTEDandACCESSIBLE. Default isRESTRICTED. Setting this toACCESSIBLEreturns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set toRESTRICTEDpermissions are checked and no partial results are displayed. - Data
Mask stringRule Status - The status of the data mask rule
- Display
Name string - A filter to return only resources that match the entire display name given.
- Filters
[]Get
Data Mask Rules Filter - Iam
Group stringId - OCID of the IAM group
- State string
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- Target
Id string - OCID of the target
- Target
Type string - Type of target
- compartment
Id String - The OCID of the compartment in which to list resources.
- access
Level String - Valid values are
RESTRICTEDandACCESSIBLE. Default isRESTRICTED. Setting this toACCESSIBLEreturns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set toRESTRICTEDpermissions are checked and no partial results are displayed. - data
Mask StringRule Status - The status of the data mask rule
- display
Name String - A filter to return only resources that match the entire display name given.
- filters
List<Get
Data Mask Rules Filter> - iam
Group StringId - OCID of the IAM group
- state String
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- target
Id String - OCID of the target
- target
Type String - Type of target
- compartment
Id string - The OCID of the compartment in which to list resources.
- access
Level string - Valid values are
RESTRICTEDandACCESSIBLE. Default isRESTRICTED. Setting this toACCESSIBLEreturns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set toRESTRICTEDpermissions are checked and no partial results are displayed. - data
Mask stringRule Status - The status of the data mask rule
- display
Name string - A filter to return only resources that match the entire display name given.
- filters
Get
Data Mask Rules Filter[] - iam
Group stringId - OCID of the IAM group
- state string
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- target
Id string - OCID of the target
- target
Type string - Type of target
- compartment_
id str - The OCID of the compartment in which to list resources.
- access_
level str - Valid values are
RESTRICTEDandACCESSIBLE. Default isRESTRICTED. Setting this toACCESSIBLEreturns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set toRESTRICTEDpermissions are checked and no partial results are displayed. - data_
mask_ strrule_ status - The status of the data mask rule
- display_
name str - A filter to return only resources that match the entire display name given.
- filters
Sequence[cloudguard.
Get Data Mask Rules Filter] - iam_
group_ strid - OCID of the IAM group
- state str
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- target_
id str - OCID of the target
- target_
type str - Type of target
- compartment
Id String - The OCID of the compartment in which to list resources.
- access
Level String - Valid values are
RESTRICTEDandACCESSIBLE. Default isRESTRICTED. Setting this toACCESSIBLEreturns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set toRESTRICTEDpermissions are checked and no partial results are displayed. - data
Mask StringRule Status - The status of the data mask rule
- display
Name String - A filter to return only resources that match the entire display name given.
- filters List<Property Map>
- iam
Group StringId - OCID of the IAM group
- state String
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- target
Id String - OCID of the target
- target
Type String - Type of target
getDataMaskRules Result
The following output properties are available:
- Compartment
Id string - Compartment OCID where the resource is created
- Data
Mask List<GetRule Collections Data Mask Rules Data Mask Rule Collection> - The list of data_mask_rule_collection.
- Id string
- The provider-assigned unique ID for this managed resource.
- Access
Level string - Data
Mask stringRule Status - The current status of the data mask rule
- Display
Name string - Data mask rule display name
- Filters
List<Get
Data Mask Rules Filter> - Iam
Group stringId - IAM Group ID associated with the data mask rule
- State string
- The current lifecycle state of the data mask rule
- Target
Id string - Target
Type string
- Compartment
Id string - Compartment OCID where the resource is created
- Data
Mask []GetRule Collections Data Mask Rules Data Mask Rule Collection - The list of data_mask_rule_collection.
- Id string
- The provider-assigned unique ID for this managed resource.
- Access
Level string - Data
Mask stringRule Status - The current status of the data mask rule
- Display
Name string - Data mask rule display name
- Filters
[]Get
Data Mask Rules Filter - Iam
Group stringId - IAM Group ID associated with the data mask rule
- State string
- The current lifecycle state of the data mask rule
- Target
Id string - Target
Type string
- compartment
Id String - Compartment OCID where the resource is created
- data
Mask List<GetRule Collections Data Mask Rules Data Mask Rule Collection> - The list of data_mask_rule_collection.
- id String
- The provider-assigned unique ID for this managed resource.
- access
Level String - data
Mask StringRule Status - The current status of the data mask rule
- display
Name String - Data mask rule display name
- filters
List<Get
Data Mask Rules Filter> - iam
Group StringId - IAM Group ID associated with the data mask rule
- state String
- The current lifecycle state of the data mask rule
- target
Id String - target
Type String
- compartment
Id string - Compartment OCID where the resource is created
- data
Mask GetRule Collections Data Mask Rules Data Mask Rule Collection[] - The list of data_mask_rule_collection.
- id string
- The provider-assigned unique ID for this managed resource.
- access
Level string - data
Mask stringRule Status - The current status of the data mask rule
- display
Name string - Data mask rule display name
- filters
Get
Data Mask Rules Filter[] - iam
Group stringId - IAM Group ID associated with the data mask rule
- state string
- The current lifecycle state of the data mask rule
- target
Id string - target
Type string
- compartment_
id str - Compartment OCID where the resource is created
- data_
mask_ Sequence[cloudguard.rule_ collections Get Data Mask Rules Data Mask Rule Collection] - The list of data_mask_rule_collection.
- id str
- The provider-assigned unique ID for this managed resource.
- access_
level str - data_
mask_ strrule_ status - The current status of the data mask rule
- display_
name str - Data mask rule display name
- filters
Sequence[cloudguard.
Get Data Mask Rules Filter] - iam_
group_ strid - IAM Group ID associated with the data mask rule
- state str
- The current lifecycle state of the data mask rule
- target_
id str - target_
type str
- compartment
Id String - Compartment OCID where the resource is created
- data
Mask List<Property Map>Rule Collections - The list of data_mask_rule_collection.
- id String
- The provider-assigned unique ID for this managed resource.
- access
Level String - data
Mask StringRule Status - The current status of the data mask rule
- display
Name String - Data mask rule display name
- filters List<Property Map>
- iam
Group StringId - IAM Group ID associated with the data mask rule
- state String
- The current lifecycle state of the data mask rule
- target
Id String - target
Type String
Supporting Types
GetDataMaskRulesDataMaskRuleCollection
GetDataMaskRulesDataMaskRuleCollectionItem
- Compartment
Id string - The OCID of the compartment in which to list resources.
- Data
Mask List<string>Categories - List of data mask rule categories
- Data
Mask stringRule Status - The status of the data mask rule
- Dictionary<string, string>
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"} - Description string
- The data mask rule description
- Display
Name string - A filter to return only resources that match the entire display name given.
- Dictionary<string, string>
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - Iam
Group stringId - OCID of the IAM group
- Id string
- Unique identifier that can't be changed after creation
- Lifecyle
Details string - Additional details on the substate of the lifecycle state [DEPRECATE]
- State string
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- Dictionary<string, string>
- System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. System tags can be viewed by users, but can only be created by the system. Example:
{"orcl-cloud.free-tier-retained": "true"} - Target
Selecteds List<GetData Mask Rules Data Mask Rule Collection Item Target Selected> - Specification of how targets are to be selected (select ALL, or select by TargetResourceType or TargetId).
- Time
Created string - The date and time the target was created. Format defined by RFC3339.
- Time
Updated string - The date and time the target was updated. Format defined by RFC3339.
- Compartment
Id string - The OCID of the compartment in which to list resources.
- Data
Mask []stringCategories - List of data mask rule categories
- Data
Mask stringRule Status - The status of the data mask rule
- map[string]string
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"} - Description string
- The data mask rule description
- Display
Name string - A filter to return only resources that match the entire display name given.
- map[string]string
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - Iam
Group stringId - OCID of the IAM group
- Id string
- Unique identifier that can't be changed after creation
- Lifecyle
Details string - Additional details on the substate of the lifecycle state [DEPRECATE]
- State string
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- map[string]string
- System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. System tags can be viewed by users, but can only be created by the system. Example:
{"orcl-cloud.free-tier-retained": "true"} - Target
Selecteds []GetData Mask Rules Data Mask Rule Collection Item Target Selected - Specification of how targets are to be selected (select ALL, or select by TargetResourceType or TargetId).
- Time
Created string - The date and time the target was created. Format defined by RFC3339.
- Time
Updated string - The date and time the target was updated. Format defined by RFC3339.
- compartment
Id String - The OCID of the compartment in which to list resources.
- data
Mask List<String>Categories - List of data mask rule categories
- data
Mask StringRule Status - The status of the data mask rule
- Map<String,String>
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"} - description String
- The data mask rule description
- display
Name String - A filter to return only resources that match the entire display name given.
- Map<String,String>
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - iam
Group StringId - OCID of the IAM group
- id String
- Unique identifier that can't be changed after creation
- lifecyle
Details String - Additional details on the substate of the lifecycle state [DEPRECATE]
- state String
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- Map<String,String>
- System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. System tags can be viewed by users, but can only be created by the system. Example:
{"orcl-cloud.free-tier-retained": "true"} - target
Selecteds List<GetData Mask Rules Data Mask Rule Collection Item Target Selected> - Specification of how targets are to be selected (select ALL, or select by TargetResourceType or TargetId).
- time
Created String - The date and time the target was created. Format defined by RFC3339.
- time
Updated String - The date and time the target was updated. Format defined by RFC3339.
- compartment
Id string - The OCID of the compartment in which to list resources.
- data
Mask string[]Categories - List of data mask rule categories
- data
Mask stringRule Status - The status of the data mask rule
- {[key: string]: string}
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"} - description string
- The data mask rule description
- display
Name string - A filter to return only resources that match the entire display name given.
- {[key: string]: string}
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - iam
Group stringId - OCID of the IAM group
- id string
- Unique identifier that can't be changed after creation
- lifecyle
Details string - Additional details on the substate of the lifecycle state [DEPRECATE]
- state string
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- {[key: string]: string}
- System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. System tags can be viewed by users, but can only be created by the system. Example:
{"orcl-cloud.free-tier-retained": "true"} - target
Selecteds GetData Mask Rules Data Mask Rule Collection Item Target Selected[] - Specification of how targets are to be selected (select ALL, or select by TargetResourceType or TargetId).
- time
Created string - The date and time the target was created. Format defined by RFC3339.
- time
Updated string - The date and time the target was updated. Format defined by RFC3339.
- compartment_
id str - The OCID of the compartment in which to list resources.
- data_
mask_ Sequence[str]categories - List of data mask rule categories
- data_
mask_ strrule_ status - The status of the data mask rule
- Mapping[str, str]
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"} - description str
- The data mask rule description
- display_
name str - A filter to return only resources that match the entire display name given.
- Mapping[str, str]
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - iam_
group_ strid - OCID of the IAM group
- id str
- Unique identifier that can't be changed after creation
- lifecyle_
details str - Additional details on the substate of the lifecycle state [DEPRECATE]
- state str
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- Mapping[str, str]
- System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. System tags can be viewed by users, but can only be created by the system. Example:
{"orcl-cloud.free-tier-retained": "true"} - target_
selecteds Sequence[cloudguard.Get Data Mask Rules Data Mask Rule Collection Item Target Selected] - Specification of how targets are to be selected (select ALL, or select by TargetResourceType or TargetId).
- time_
created str - The date and time the target was created. Format defined by RFC3339.
- time_
updated str - The date and time the target was updated. Format defined by RFC3339.
- compartment
Id String - The OCID of the compartment in which to list resources.
- data
Mask List<String>Categories - List of data mask rule categories
- data
Mask StringRule Status - The status of the data mask rule
- Map<String>
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:
{"foo-namespace.bar-key": "value"} - description String
- The data mask rule description
- display
Name String - A filter to return only resources that match the entire display name given.
- Map<String>
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:
{"bar-key": "value"} - iam
Group StringId - OCID of the IAM group
- id String
- Unique identifier that can't be changed after creation
- lifecyle
Details String - Additional details on the substate of the lifecycle state [DEPRECATE]
- state String
- The field lifecycle state. Only one state can be provided. Default value for state is active. If no value is specified state is active.
- Map<String>
- System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. System tags can be viewed by users, but can only be created by the system. Example:
{"orcl-cloud.free-tier-retained": "true"} - target
Selecteds List<Property Map> - Specification of how targets are to be selected (select ALL, or select by TargetResourceType or TargetId).
- time
Created String - The date and time the target was created. Format defined by RFC3339.
- time
Updated String - The date and time the target was updated. Format defined by RFC3339.
GetDataMaskRulesDataMaskRuleCollectionItemTargetSelected
GetDataMaskRulesFilter
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
ociTerraform Provider.