Service-specific Condition Keys Supported by COC
Request conditions are useful in determining when a custom policy is in effect. A request condition consists of condition keys and operators. Condition keys are either global or service-specific and are used in the Condition element of a policy statement. Global condition keys (starting with g:) are available for operations of all services, while service-level condition keys (starting with a service name such as coc) are available only for operations of a specific service. An operator must be used together with a condition key to form a complete condition statement.
|
Service-specific Condition Key |
Type |
Single-valued/Multivalued |
Description |
|---|---|---|---|
|
coc:TicketLevel |
String |
Single-valued |
Filters access based on the ticket level in the request parameter. |
|
coc:TicketCurrentHandlers |
String |
Multivalued |
Filters access based on the ticket operator in the request parameter. |
|
coc:TicketStatus |
String |
Single-valued |
Filters access based on the ticket status in the request parameter. |
|
coc:TicketType |
String |
Single-valued |
Filters access based on the ticket type in the request parameter. |
|
coc:TicketBeginTime |
date |
Single-valued |
Filters access based on the ticket start time in the request parameter. |
|
coc:TicketEndTime |
date |
Single-valued |
Filters access based on the ticket end time in the request parameter. |
|
coc:OperatorName |
String |
Single-valued |
Filters access based on the operator in the request parameter. |
|
coc:RequestTarget |
String |
Single-valued |
Filters access based on the privilege escalation application in the request parameter. |
|
coc:TicketTarget |
String |
Multivalued |
Filters access based on the ticket application in the request parameter. |
|
coc:TicketScope |
String |
Multivalued |
Filters access based on the ticket scope in the request parameter. |
|
coc:RequestScope |
String |
Single-valued |
Filters access based on the privilege escalation scope in the request. |
|
coc:EscapeSwitchIsEnabled |
boolean |
Single-valued |
Filters access based on the escape switch in the request parameter. |
|
coc:Creator |
String |
Single-valued |
Filters access based on the creator of resource in COC. |
|
coc:Executor |
String |
Single-valued |
Filters access based on the executor specified by the service ticket in COC. |
|
coc:DocumentRiskLevel |
String |
Single-valued |
Filters access based on the document risk level specified in the request parameter. |
|
coc:JobType |
String |
Single-valued |
Filters access based on the service ticket type specified in the request parameter. |
|
coc:ApplicationCode |
String |
Multivalued |
Filters access based on the application code specified in the request parameter. |
|
coc:ApplicationGroupCode |
String |
Single-valued |
Filters access based on the application group code specified in the request parameter. |
|
coc:AttackTargetType |
String |
Single-valued |
Filters access based on the attack target type specified in the request parameter. |
|
coc:QuickSetupType |
String |
Single-valued |
Filters access based on the request configuration type specified in the request parameter. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
