Package com.ibm.cloud.ibm_key_protect_api.v2.model

Class SetMultipleInstancePoliciesResourcesItemPolicyDataAttributes

  • All Implemented Interfaces:
    com.ibm.cloud.sdk.core.service.model.ObjectModel
    public class SetMultipleInstancePoliciesResourcesItemPolicyDataAttributes
extends com.ibm.cloud.sdk.core.service.model.GenericModel
    Attributes associated with any instance policy type. Must be provided if the `enabled` field is `true`. Cannot be provided if the `enabled` field is `false`. Only attributes corresponding to the `policy_type` can be provided.

    • Method Detail

      • allowedNetwork

        public String allowedNetwork()
        Gets the allowedNetwork. If set to `public-and-private`, Key Protect allows the instance to be accessible through public and private endpoints. If set to `private-only`, Key Protect restricts the instance to only be accessible through a private endpoint.
        Returns:
        the allowedNetwork

      • allowedIp

        public List<String> allowedIp()
        Gets the allowedIp. A string array of IPv4 or IPv6 CIDR notated subnets that are authorized to interact with the instance. If both `allowedNetwork` and `allowedIP` policies are set, only traffic aligning with both the `allowed_network` allowed network policy attribute and the `allowed_ip` allowed IP policy attribute will be allowed. IPv4 and iIP6 addresses are accepted for public endpoints. Only the IPv4 private network gateway addresses from the array will be authorized to access your instance via private endpoint. **Important:** Once set, accessing your instance may require additional steps. For more information, see [Accessing an instance via public endpoint](/docs/key-protect?topic=key-protect-manage-allowed-ip#access-allowed-ip-public-endpoint) and [Accessing an instance via private endpoint](/docs/key-protect?topic=key-protect-manage-allowed-ip#access-allowed-ip-private-endpoint) for more details. **Note:** An allowed IP policy does not affect requests from other IBM Cloud services.
        Returns:
        the allowedIp

      • createRootKey

        public Boolean createRootKey()
        Gets the createRootKey. If set to `false`, the service prevents you or any authorized users from using Key Protect to create root keys in the specified service instance. If set to `true`, Key Protect allows you or any authorized users to create root keys in the instance. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`true`).
        Returns:
        the createRootKey

      • createStandardKey

        public Boolean createStandardKey()
        Gets the createStandardKey. If set to `false`, the service prevents you or any authorized users from using Key Protect to create standard keys in the specified service instance. If set to `true`, Key Protect allows you or any authorized users to create standard keys in the instance. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`true`).
        Returns:
        the createStandardKey

      • importRootKey

        public Boolean importRootKey()
        Gets the importRootKey. If set to `false`, the service prevents you or any authorized users from importing root keys into the specified service instance. If set to `true`, Key Protect allows you or any authorized users to import root keys into the instance. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`true`).
        Returns:
        the importRootKey

      • importStandardKey

        public Boolean importStandardKey()
        Gets the importStandardKey. If set to `false`, the service prevents you or any authorized users from importing standard keys into the specified service instance. If set to `true`, Key Protect allows you or any authorized users to import standard keys into the instance. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`true`).
        Returns:
        the importStandardKey

      • enforceToken

        public Boolean enforceToken()
        Gets the enforceToken. If set to `true`, the service prevents you or any authorized users from importing key material into the specified service instance without using an import token. If set to `false`, Key Protect allows you or any authorized users to import key material into the instance without the use of an import token. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`false`).
        Returns:
        the enforceToken

      • intervalMonth

        public Long intervalMonth()
        Gets the intervalMonth. Specifies the key rotation time interval in approximate months, where a month is equivalent to 30 days. A minimum of 1 and a maximum of 12 can be set.
        Returns:
        the intervalMonth