Class: OCI::Identity::IdentityClient

Inherits:

Object

• Object
• OCI::Identity::IdentityClient

Defined in:

lib/oci/identity/identity_client.rb

Instance Attribute Summary

• #api_client ⇒ OCI::ApiClient readonly

  Client used to make HTTP requests.

• #endpoint ⇒ String readonly

  Fully qualified endpoint URL.

• #region ⇒ String

  The region, which will usually correspond to a value in Regions::REGION_ENUM.

Instance Method Summary

• #add_user_to_group(add_user_to_group_details, opts = {}) ⇒ Response

  Adds the specified user to the specified group and returns a ‘UserGroupMembership` object with its own OCID.

• #create_compartment(create_compartment_details, opts = {}) ⇒ Response

  Creates a new compartment in your tenancy.

• #create_customer_secret_key(create_customer_secret_key_details, user_id, opts = {}) ⇒ Response

  Creates a new secret key for the specified user.

• #create_group(create_group_details, opts = {}) ⇒ Response

  Creates a new group in your tenancy.

• #create_identity_provider(create_identity_provider_details, opts = {}) ⇒ Response

  Creates a new identity provider in your tenancy.

• #create_idp_group_mapping(create_idp_group_mapping_details, identity_provider_id, opts = {}) ⇒ Response

  Creates a single mapping between an IdP group and an IAM Service Group.

• #create_or_reset_ui_password(user_id, opts = {}) ⇒ Response

  Creates a new Console one-time password for the specified user.

• #create_policy(create_policy_details, opts = {}) ⇒ Response

  Creates a new policy in the specified compartment (either the tenancy or another of your compartments).

• #create_region_subscription(create_region_subscription_details, tenancy_id, opts = {}) ⇒ Response

  Creates a subscription to a region for a tenancy.

• #create_swift_password(create_swift_password_details, user_id, opts = {}) ⇒ Response

  Creates a new Swift password for the specified user.

• #create_user(create_user_details, opts = {}) ⇒ Response

  Creates a new user in your tenancy.

• #delete_api_key(user_id, fingerprint, opts = {}) ⇒ Response

  Deletes the specified API signing key for the specified user.

• #delete_customer_secret_key(user_id, customer_secret_key_id, opts = {}) ⇒ Response

  Deletes the specified secret key for the specified user.

• #delete_group(group_id, opts = {}) ⇒ Response

  Deletes the specified group.

• #delete_identity_provider(identity_provider_id, opts = {}) ⇒ Response

  Deletes the specified identity provider.

• #delete_idp_group_mapping(identity_provider_id, mapping_id, opts = {}) ⇒ Response

  Deletes the specified group mapping.

• #delete_policy(policy_id, opts = {}) ⇒ Response

  Deletes the specified policy.

• #delete_swift_password(user_id, swift_password_id, opts = {}) ⇒ Response

  Deletes the specified Swift password for the specified user.

• #delete_user(user_id, opts = {}) ⇒ Response

  Deletes the specified user.

• #get_compartment(compartment_id, opts = {}) ⇒ Response

  Gets the specified compartment’s information.

• #get_group(group_id, opts = {}) ⇒ Response

  Gets the specified group’s information.

• #get_identity_provider(identity_provider_id, opts = {}) ⇒ Response

  Gets the specified identity provider’s information.

• #get_idp_group_mapping(identity_provider_id, mapping_id, opts = {}) ⇒ Response

  Gets the specified group mapping.

• #get_policy(policy_id, opts = {}) ⇒ Response

  Gets the specified policy’s information.

• #get_tenancy(tenancy_id, opts = {}) ⇒ Response

  Get the specified tenancy’s information.

• #get_user(user_id, opts = {}) ⇒ Response

  Gets the specified user’s information.

• #get_user_group_membership(user_group_membership_id, opts = {}) ⇒ Response

  Gets the specified UserGroupMembership’s information.

• #initialize(config: nil, region: nil) ⇒ IdentityClient constructor

  Creates a new IdentityClient.

• #list_api_keys(user_id, opts = {}) ⇒ Response

  Lists the API signing keys for the specified user.

• #list_availability_domains(compartment_id, opts = {}) ⇒ Response

  Lists the Availability Domains in your tenancy.

• #list_compartments(compartment_id, opts = {}) ⇒ Response

  Lists the compartments in your tenancy.

• #list_customer_secret_keys(user_id, opts = {}) ⇒ Response

  Lists the secret keys for the specified user.

• #list_groups(compartment_id, opts = {}) ⇒ Response

  Lists the groups in your tenancy.

• #list_identity_providers(protocol, compartment_id, opts = {}) ⇒ Response

  Lists all the identity providers in your tenancy.

• #list_idp_group_mappings(identity_provider_id, opts = {}) ⇒ Response

  Lists the group mappings for the specified identity provider.

• #list_policies(compartment_id, opts = {}) ⇒ Response

  Lists the policies in the specified compartment (either the tenancy or another of your compartments).

• #list_region_subscriptions(tenancy_id, opts = {}) ⇒ Response

  Lists the region subscriptions for the specified tenancy.

• #list_regions(opts = {}) ⇒ Response

  Lists all the regions offered by Oracle Bare Metal Cloud Services.

• #list_swift_passwords(user_id, opts = {}) ⇒ Response

  Lists the Swift passwords for the specified user.

• #list_user_group_memberships(compartment_id, opts = {}) ⇒ Response

  Lists the ‘UserGroupMembership` objects in your tenancy.

• #list_users(compartment_id, opts = {}) ⇒ Response

  Lists the users in your tenancy.

• #logger ⇒ Logger

  The logger for this client.

• #remove_user_from_group(user_group_membership_id, opts = {}) ⇒ Response

  Removes a user from a group by deleting the corresponding ‘UserGroupMembership`.

• #update_compartment(compartment_id, update_compartment_details, opts = {}) ⇒ Response

  Updates the specified compartment’s description.

• #update_customer_secret_key(user_id, customer_secret_key_id, update_customer_secret_key_details, opts = {}) ⇒ Response

  Updates the specified secret key’s description.

• #update_group(group_id, update_group_details, opts = {}) ⇒ Response

  Updates the specified group.

• #update_identity_provider(identity_provider_id, update_identity_provider_details, opts = {}) ⇒ Response

  Updates the specified identity provider.

• #update_idp_group_mapping(identity_provider_id, mapping_id, update_idp_group_mapping_details, opts = {}) ⇒ Response

  Updates the specified group mapping.

• #update_policy(policy_id, update_policy_details, opts = {}) ⇒ Response

  Updates the specified policy.

• #update_swift_password(user_id, swift_password_id, update_swift_password_details, opts = {}) ⇒ Response

  Updates the specified Swift password’s description.

• #update_user(user_id, update_user_details, opts = {}) ⇒ Response

  Updates the description of the specified user.

• #update_user_state(user_id, update_state_details, opts = {}) ⇒ Response

  Updates the state of the specified user.

• #upload_api_key(user_id, create_api_key_details, opts = {}) ⇒ Response

  Uploads an API signing key for the specified user.

Constructor Details

#initialize(config: nil, region: nil) ⇒ IdentityClient

Creates a new IdentityClient. If a config is not specified, then the global OCI.config will be used.

A region must be specified in either the config or the region parameter. If specified in both, then the region parameter will be used.

Parameters:

• config (Config) (defaults to: nil) —

  A Config object.

• region (String) (defaults to: nil) —

  A region used to determine the service endpoint. This will usually correspond to a value in Regions::REGION_ENUM, but may be an arbitrary string.

# File 'lib/oci/identity/identity_client.rb', line 32

def initialize(config:nil, region:nil)
  config ||= OCI.config
  config.validate

  signer = Signer.new(config.user, config.fingerprint, config.tenancy, config.key_file, pass_phrase: config.pass_phrase, private_key_content: config.key_content)
  @api_client = ApiClient.new(config, signer)

  region ||= config.region
  self.region = region
end

Instance Attribute Details

#api_client ⇒ OCI::ApiClient (readonly)

Client used to make HTTP requests.

Returns:

• (OCI::ApiClient)

# File 'lib/oci/identity/identity_client.rb', line 12

def api_client
  @api_client
end

#endpoint ⇒ String (readonly)

Fully qualified endpoint URL

Returns:

• (String)

# File 'lib/oci/identity/identity_client.rb', line 16

def endpoint
  @endpoint
end

#region ⇒ String

The region, which will usually correspond to a value in Regions::REGION_ENUM.

Returns:

• (String)

# File 'lib/oci/identity/identity_client.rb', line 20

def region
  @region
end

Instance Method Details

#add_user_to_group(add_user_to_group_details, opts = {}) ⇒ Response

Adds the specified user to the specified group and returns a ‘UserGroupMembership` object with its own OCID.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

Parameters:

• add_user_to_group_details (AddUserToGroupDetails) —

  Request object for adding a user to a group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::UserGroupMembership

# File 'lib/oci/identity/identity_client.rb', line 75

def add_user_to_group(add_user_to_group_details, opts = {})
  logger.debug "Calling operation IdentityClient#add_user_to_group." if logger

  fail "Missing the required parameter 'add_user_to_group_details' when calling add_user_to_group." if add_user_to_group_details.nil?

  path = "/userGroupMemberships/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(add_user_to_group_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::UserGroupMembership')
end

#create_compartment(create_compartment_details, opts = {}) ⇒ Response

Creates a new compartment in your tenancy.

Important: Compartments cannot be renamed or deleted.

You must specify your tenancy’s OCID as the compartment ID in the request object. Remember that the tenancy is simply the root compartment. For information about OCIDs, see [Resource Identifiers](docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/identifiers.htm).

You must also specify a name for the compartment, which must be unique across all compartments in your tenancy and cannot be changed. You can use this name or the OCID when writing policies that apply to the compartment. For more information about policies, see [How Policies Work](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policies.htm).

You must also specify a description for the compartment (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_compartment.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

Parameters:

• create_compartment_details (CreateCompartmentDetails) —

  Request object for creating a new compartment.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Compartment

# File 'lib/oci/identity/identity_client.rb', line 132

def create_compartment(create_compartment_details, opts = {})
  logger.debug "Calling operation IdentityClient#create_compartment." if logger

  fail "Missing the required parameter 'create_compartment_details' when calling create_compartment." if create_compartment_details.nil?

  path = "/compartments/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_compartment_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Compartment')
end

#create_customer_secret_key(create_customer_secret_key_details, user_id, opts = {}) ⇒ Response

Creates a new secret key for the specified user. Secret keys are used for authentication with the Object Storage Service’s Amazon S3 compatible API. For information, see [Managing User Credentials](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Tasks/managingcredentials.htm).

You must specify a description for the secret key (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_customer_secret_key.

Every user has permission to create a secret key for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to create a secret key for any user, including themselves.

Parameters:

• create_customer_secret_key_details (CreateCustomerSecretKeyDetails) —

  Request object for creating a new secret key.

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::CustomerSecretKey

# File 'lib/oci/identity/identity_client.rb', line 182

def create_customer_secret_key(create_customer_secret_key_details, user_id, opts = {})
  logger.debug "Calling operation IdentityClient#create_customer_secret_key." if logger

  fail "Missing the required parameter 'create_customer_secret_key_details' when calling create_customer_secret_key." if create_customer_secret_key_details.nil?
  fail "Missing the required parameter 'user_id' when calling create_customer_secret_key." if user_id.nil?

  path = "/users/{userId}/customerSecretKeys/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_customer_secret_key_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::CustomerSecretKey')
end

#create_group(create_group_details, opts = {}) ⇒ Response

Creates a new group in your tenancy.

You must specify your tenancy’s OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see [Resource Identifiers](docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/identifiers.htm).

You must also specify a name for the group, which must be unique across all groups in your tenancy and cannot be changed. You can use this name or the OCID when writing policies that apply to the group. For more information about policies, see [How Policies Work](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policies.htm).

You must also specify a description for the group (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_group.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

After creating the group, you need to put users in it and write policies for it. See add_user_to_group and create_policy.

Parameters:

• create_group_details (CreateGroupDetails) —

  Request object for creating a new group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Group

# File 'lib/oci/identity/identity_client.rb', line 242

def create_group(create_group_details, opts = {})
  logger.debug "Calling operation IdentityClient#create_group." if logger

  fail "Missing the required parameter 'create_group_details' when calling create_group." if create_group_details.nil?

  path = "/groups/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_group_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Group')
end

#create_identity_provider(create_identity_provider_details, opts = {}) ⇒ Response

Creates a new identity provider in your tenancy. For more information, see [Identity Providers and Federation](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/federation.htm).

You must specify your tenancy’s OCID as the compartment ID in the request object. Remember that the tenancy is simply the root compartment. For information about OCIDs, see [Resource Identifiers](docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/identifiers.htm).

You must also specify a name for the ‘IdentityProvider`, which must be unique across all `IdentityProvider` objects in your tenancy and cannot be changed.

You must also specify a description for the ‘IdentityProvider` (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_identity_provider.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

Parameters:

• create_identity_provider_details (CreateIdentityProviderDetails) —

  Request object for creating a new SAML2 identity provider.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::IdentityProvider

# File 'lib/oci/identity/identity_client.rb', line 298

def create_identity_provider(create_identity_provider_details, opts = {})
  logger.debug "Calling operation IdentityClient#create_identity_provider." if logger

  fail "Missing the required parameter 'create_identity_provider_details' when calling create_identity_provider." if create_identity_provider_details.nil?

  path = "/identityProviders/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_identity_provider_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::IdentityProvider')
end

#create_idp_group_mapping(create_idp_group_mapping_details, identity_provider_id, opts = {}) ⇒ Response

Creates a single mapping between an IdP group and an IAM Service Group.

Parameters:

• create_idp_group_mapping_details (CreateIdpGroupMappingDetails) —

  Add a mapping from an SAML2.0 identity provider group to a BMC group.

• identity_provider_id (String) —

  The OCID of the identity provider.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::IdpGroupMapping

# File 'lib/oci/identity/identity_client.rb', line 339

def create_idp_group_mapping(create_idp_group_mapping_details, identity_provider_id, opts = {})
  logger.debug "Calling operation IdentityClient#create_idp_group_mapping." if logger

  fail "Missing the required parameter 'create_idp_group_mapping_details' when calling create_idp_group_mapping." if create_idp_group_mapping_details.nil?
  fail "Missing the required parameter 'identity_provider_id' when calling create_idp_group_mapping." if identity_provider_id.nil?

  path = "/identityProviders/{identityProviderId}/groupMappings/".sub('{identityProviderId}', identity_provider_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_idp_group_mapping_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::IdpGroupMapping')
end

#create_or_reset_ui_password(user_id, opts = {}) ⇒ Response

Creates a new Console one-time password for the specified user. For more information about user credentials, see [User Credentials](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/usercredentials.htm).

Use this operation after creating a new user, or if a user forgets their password. The new one-time password is returned to you in the response, and you must securely deliver it to the user. They’ll be prompted to change this password the next time they sign in to the Console. If they don’t change it within 7 days, the password will expire and you’ll need to create a new one-time password for the user.

Note: The user’s Console login is the unique name you specified when you created the user (see create_user).

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::UIPassword

# File 'lib/oci/identity/identity_client.rb', line 389

def create_or_reset_ui_password(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#create_or_reset_ui_password." if logger

  fail "Missing the required parameter 'user_id' when calling create_or_reset_ui_password." if user_id.nil?

  path = "/users/{userId}/uiPassword".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = nil

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::UIPassword')
end

#create_policy(create_policy_details, opts = {}) ⇒ Response

Creates a new policy in the specified compartment (either the tenancy or another of your compartments). If you’re new to policies, see [Getting Started with Policies](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policygetstarted.htm).

You must specify a name for the policy, which must be unique across all policies in your tenancy and cannot be changed.

You must also specify a description for the policy (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_policy.

You must specify one or more policy statements in the statements array. For information about writing policies, see [How Policies Work](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policies.htm) and [Common Policies](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/commonpolicies.htm).

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

New policies take effect typically within 10 seconds.

Parameters:

• create_policy_details (CreatePolicyDetails) —

  Request object for creating a new policy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Policy

# File 'lib/oci/identity/identity_client.rb', line 444

def create_policy(create_policy_details, opts = {})
  logger.debug "Calling operation IdentityClient#create_policy." if logger

  fail "Missing the required parameter 'create_policy_details' when calling create_policy." if create_policy_details.nil?

  path = "/policies/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_policy_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Policy')
end

#create_region_subscription(create_region_subscription_details, tenancy_id, opts = {}) ⇒ Response

Creates a subscription to a region for a tenancy.

Parameters:

• create_region_subscription_details (CreateRegionSubscriptionDetails) —

  Request object for activate a new region.

• tenancy_id (String) —

  The OCID of the tenancy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::RegionSubscription

# File 'lib/oci/identity/identity_client.rb', line 484

def create_region_subscription(create_region_subscription_details, tenancy_id, opts = {})
  logger.debug "Calling operation IdentityClient#create_region_subscription." if logger

  fail "Missing the required parameter 'create_region_subscription_details' when calling create_region_subscription." if create_region_subscription_details.nil?
  fail "Missing the required parameter 'tenancy_id' when calling create_region_subscription." if tenancy_id.nil?

  path = "/tenancies/{tenancyId}/regionSubscriptions".sub('{tenancyId}', tenancy_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_region_subscription_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::RegionSubscription')
end

#create_swift_password(create_swift_password_details, user_id, opts = {}) ⇒ Response

Creates a new Swift password for the specified user. For information about what Swift passwords are for, see [Managing User Credentials](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Tasks/managingcredentials.htm).

You must specify a description for the Swift password (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_swift_password.

Every user has permission to create a Swift password for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to create a Swift password for any user, including themselves.

Parameters:

• create_swift_password_details (CreateSwiftPasswordDetails) —

  Request object for creating a new swift password.

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::SwiftPassword

# File 'lib/oci/identity/identity_client.rb', line 534

def create_swift_password(create_swift_password_details, user_id, opts = {})
  logger.debug "Calling operation IdentityClient#create_swift_password." if logger

  fail "Missing the required parameter 'create_swift_password_details' when calling create_swift_password." if create_swift_password_details.nil?
  fail "Missing the required parameter 'user_id' when calling create_swift_password." if user_id.nil?

  path = "/users/{userId}/swiftPasswords/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_swift_password_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::SwiftPassword')
end

#create_user(create_user_details, opts = {}) ⇒ Response

Creates a new user in your tenancy. For conceptual information about users, your tenancy, and other IAM Service components, see [Overview of the IAM Service](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/overview.htm).

You must specify your tenancy’s OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see [Resource Identifiers](docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/identifiers.htm).

You must also specify a name for the user, which must be unique across all users in your tenancy and cannot be changed. Allowed characters: No spaces. Only letters, numerals, hyphens, periods, underscores, +, and @. If you specify a name that’s already in use, you’ll get a 409 error. This name will be the user’s login to the Console. You might want to pick a name that your company’s own identity system (e.g., Active Directory, LDAP, etc.) already uses. If you delete a user and then create a new user with the same name, they’ll be considered different users because they have different OCIDs.

You must also specify a description for the user (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_user. You can use the field to provide the user’s full name, a description, a nickname, or other information to generally identify the user.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

A new user has no permissions until you place the user in one or more groups (see add_user_to_group). If the user needs to access the Console, you need to provide the user a password (see create_or_reset_ui_password). If the user needs to access the Oracle Bare Metal Cloud Services REST API, you need to upload a public API signing key for that user (see [Required Keys and OCIDs](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm) and also upload_api_key).

Important: Make sure to inform the new user which compartment(s) they have access to.

Parameters:

• create_user_details (CreateUserDetails) —

  Request object for creating a new user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::User

# File 'lib/oci/identity/identity_client.rb', line 608

def create_user(create_user_details, opts = {})
  logger.debug "Calling operation IdentityClient#create_user." if logger

  fail "Missing the required parameter 'create_user_details' when calling create_user." if create_user_details.nil?

  path = "/users/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_user_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::User')
end

#delete_api_key(user_id, fingerprint, opts = {}) ⇒ Response

Deletes the specified API signing key for the specified user.

Every user has permission to use this operation to delete a key for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to delete a key for any user, including themselves.

Parameters:

• user_id (String) —

  The OCID of the user.

• fingerprint (String) —

  The key’s fingerprint.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/identity/identity_client.rb', line 651

def delete_api_key(user_id, fingerprint, opts = {})
  logger.debug "Calling operation IdentityClient#delete_api_key." if logger

  fail "Missing the required parameter 'user_id' when calling delete_api_key." if user_id.nil?
  fail "Missing the required parameter 'fingerprint' when calling delete_api_key." if fingerprint.nil?

  path = "/users/{userId}/apiKeys/{fingerprint}".sub('{userId}', user_id.to_s).sub('{fingerprint}', fingerprint.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_customer_secret_key(user_id, customer_secret_key_id, opts = {}) ⇒ Response

Deletes the specified secret key for the specified user.

Parameters:

• user_id (String) —

  The OCID of the user.

• customer_secret_key_id (String) —

  The OCID of the secret key.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/identity/identity_client.rb', line 689

def delete_customer_secret_key(user_id, customer_secret_key_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_customer_secret_key." if logger

  fail "Missing the required parameter 'user_id' when calling delete_customer_secret_key." if user_id.nil?
  fail "Missing the required parameter 'customer_secret_key_id' when calling delete_customer_secret_key." if customer_secret_key_id.nil?

  path = "/users/{userId}/customerSecretKeys/{customerSecretKeyId}".sub('{userId}', user_id.to_s).sub('{customerSecretKeyId}', customer_secret_key_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_group(group_id, opts = {}) ⇒ Response

Deletes the specified group. The group must be empty.

Parameters:

• group_id (String) —

  The OCID of the group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/identity/identity_client.rb', line 726

def delete_group(group_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_group." if logger

  fail "Missing the required parameter 'group_id' when calling delete_group." if group_id.nil?

  path = "/groups/{groupId}".sub('{groupId}', group_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_identity_provider(identity_provider_id, opts = {}) ⇒ Response

Deletes the specified identity provider. The identity provider must not have any group mappings (see IdpGroupMapping).

Parameters:

• identity_provider_id (String) —

  The OCID of the identity provider.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/identity/identity_client.rb', line 763

def delete_identity_provider(identity_provider_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_identity_provider." if logger

  fail "Missing the required parameter 'identity_provider_id' when calling delete_identity_provider." if identity_provider_id.nil?

  path = "/identityProviders/{identityProviderId}".sub('{identityProviderId}', identity_provider_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_idp_group_mapping(identity_provider_id, mapping_id, opts = {}) ⇒ Response

Deletes the specified group mapping.

Parameters:

• identity_provider_id (String) —

  The OCID of the identity provider.

• mapping_id (String) —

  The OCID of the group mapping.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/identity/identity_client.rb', line 799

def delete_idp_group_mapping(identity_provider_id, mapping_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_idp_group_mapping." if logger

  fail "Missing the required parameter 'identity_provider_id' when calling delete_idp_group_mapping." if identity_provider_id.nil?
  fail "Missing the required parameter 'mapping_id' when calling delete_idp_group_mapping." if mapping_id.nil?

  path = "/identityProviders/{identityProviderId}/groupMappings/{mappingId}".sub('{identityProviderId}', identity_provider_id.to_s).sub('{mappingId}', mapping_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_policy(policy_id, opts = {}) ⇒ Response

Deletes the specified policy. The deletion takes effect typically within 10 seconds.

Parameters:

• policy_id (String) —

  The OCID of the policy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/identity/identity_client.rb', line 835

def delete_policy(policy_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_policy." if logger

  fail "Missing the required parameter 'policy_id' when calling delete_policy." if policy_id.nil?

  path = "/policies/{policyId}".sub('{policyId}', policy_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_swift_password(user_id, swift_password_id, opts = {}) ⇒ Response

Deletes the specified Swift password for the specified user.

Parameters:

• user_id (String) —

  The OCID of the user.

• swift_password_id (String) —

  The OCID of the Swift password.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/identity/identity_client.rb', line 872

def delete_swift_password(user_id, swift_password_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_swift_password." if logger

  fail "Missing the required parameter 'user_id' when calling delete_swift_password." if user_id.nil?
  fail "Missing the required parameter 'swift_password_id' when calling delete_swift_password." if swift_password_id.nil?

  path = "/users/{userId}/swiftPasswords/{swiftPasswordId}".sub('{userId}', user_id.to_s).sub('{swiftPasswordId}', swift_password_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_user(user_id, opts = {}) ⇒ Response

Deletes the specified user. The user must not be in any groups.

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/identity/identity_client.rb', line 908

def delete_user(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_user." if logger

  fail "Missing the required parameter 'user_id' when calling delete_user." if user_id.nil?

  path = "/users/{userId}".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#get_compartment(compartment_id, opts = {}) ⇒ Response

Gets the specified compartment’s information.

This operation does not return a list of all the resources inside the compartment. There is no single API operation that does that. Compartments can contain multiple types of resources (instances, block storage volumes, etc.). To find out what’s in a compartment, you must call the "List" operation for each resource type and specify the compartment’s OCID as a query parameter in the request. For example, call the list_instances operation in the Cloud Compute Service or the list_volumes operation in Cloud Block Storage.

Parameters:

• compartment_id (String) —

  The OCID of the compartment.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Compartment

# File 'lib/oci/identity/identity_client.rb', line 947

def get_compartment(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_compartment." if logger

  fail "Missing the required parameter 'compartment_id' when calling get_compartment." if compartment_id.nil?

  path = "/compartments/{compartmentId}".sub('{compartmentId}', compartment_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Compartment')
end

#get_group(group_id, opts = {}) ⇒ Response

Gets the specified group’s information.

This operation does not return a list of all the users in the group. To do that, use list_user_group_memberships and provide the group’s OCID as a query parameter in the request.

Parameters:

• group_id (String) —

  The OCID of the group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Group

# File 'lib/oci/identity/identity_client.rb', line 983

def get_group(group_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_group." if logger

  fail "Missing the required parameter 'group_id' when calling get_group." if group_id.nil?

  path = "/groups/{groupId}".sub('{groupId}', group_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Group')
end

#get_identity_provider(identity_provider_id, opts = {}) ⇒ Response

Gets the specified identity provider’s information.

Parameters:

• identity_provider_id (String) —

  The OCID of the identity provider.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::IdentityProvider

# File 'lib/oci/identity/identity_client.rb', line 1014

def get_identity_provider(identity_provider_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_identity_provider." if logger

  fail "Missing the required parameter 'identity_provider_id' when calling get_identity_provider." if identity_provider_id.nil?

  path = "/identityProviders/{identityProviderId}".sub('{identityProviderId}', identity_provider_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::IdentityProvider')
end

#get_idp_group_mapping(identity_provider_id, mapping_id, opts = {}) ⇒ Response

Gets the specified group mapping.

Parameters:

• identity_provider_id (String) —

  The OCID of the identity provider.

• mapping_id (String) —

  The OCID of the group mapping.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::IdpGroupMapping

# File 'lib/oci/identity/identity_client.rb', line 1046

def get_idp_group_mapping(identity_provider_id, mapping_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_idp_group_mapping." if logger

  fail "Missing the required parameter 'identity_provider_id' when calling get_idp_group_mapping." if identity_provider_id.nil?
  fail "Missing the required parameter 'mapping_id' when calling get_idp_group_mapping." if mapping_id.nil?

  path = "/identityProviders/{identityProviderId}/groupMappings/{mappingId}".sub('{identityProviderId}', identity_provider_id.to_s).sub('{mappingId}', mapping_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::IdpGroupMapping')
end

#get_policy(policy_id, opts = {}) ⇒ Response

Gets the specified policy’s information.

Parameters:

• policy_id (String) —

  The OCID of the policy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Policy

# File 'lib/oci/identity/identity_client.rb', line 1078

def get_policy(policy_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_policy." if logger

  fail "Missing the required parameter 'policy_id' when calling get_policy." if policy_id.nil?

  path = "/policies/{policyId}".sub('{policyId}', policy_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Policy')
end

#get_tenancy(tenancy_id, opts = {}) ⇒ Response

Get the specified tenancy’s information.

Parameters:

• tenancy_id (String) —

  The OCID of the tenancy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Tenancy

# File 'lib/oci/identity/identity_client.rb', line 1109

def get_tenancy(tenancy_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_tenancy." if logger

  fail "Missing the required parameter 'tenancy_id' when calling get_tenancy." if tenancy_id.nil?

  path = "/tenancies/{tenancyId}".sub('{tenancyId}', tenancy_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Tenancy')
end

#get_user(user_id, opts = {}) ⇒ Response

Gets the specified user’s information.

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::User

# File 'lib/oci/identity/identity_client.rb', line 1140

def get_user(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_user." if logger

  fail "Missing the required parameter 'user_id' when calling get_user." if user_id.nil?

  path = "/users/{userId}".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::User')
end

#get_user_group_membership(user_group_membership_id, opts = {}) ⇒ Response

Gets the specified UserGroupMembership’s information.

Parameters:

• user_group_membership_id (String) —

  The OCID of the userGroupMembership.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::UserGroupMembership

# File 'lib/oci/identity/identity_client.rb', line 1171

def get_user_group_membership(user_group_membership_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_user_group_membership." if logger

  fail "Missing the required parameter 'user_group_membership_id' when calling get_user_group_membership." if user_group_membership_id.nil?

  path = "/userGroupMemberships/{userGroupMembershipId}".sub('{userGroupMembershipId}', user_group_membership_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::UserGroupMembership')
end

#list_api_keys(user_id, opts = {}) ⇒ Response

Lists the API signing keys for the specified user. A user can have a maximum of three keys.

Every user has permission to use this API call for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability.

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::ApiKey>

# File 'lib/oci/identity/identity_client.rb', line 1206

def list_api_keys(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_api_keys." if logger

  fail "Missing the required parameter 'user_id' when calling list_api_keys." if user_id.nil?

  path = "/users/{userId}/apiKeys/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::ApiKey>')
end

#list_availability_domains(compartment_id, opts = {}) ⇒ Response

Lists the Availability Domains in your tenancy. Specify the OCID of either the tenancy or another of your compartments as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::AvailabilityDomain>

# File 'lib/oci/identity/identity_client.rb', line 1241

def list_availability_domains(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_availability_domains." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_availability_domains." if compartment_id.nil?

  path = "/availabilityDomains/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::AvailabilityDomain>')
end

#list_compartments(compartment_id, opts = {}) ⇒ Response

Lists the compartments in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous "List" call.

• :limit (Integer) —

  The maximum number of items to return in a paginated "List" call.

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::Compartment>

# File 'lib/oci/identity/identity_client.rb', line 1281

def list_compartments(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_compartments." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_compartments." if compartment_id.nil?

  path = "/compartments/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::Compartment>')
end

#list_customer_secret_keys(user_id, opts = {}) ⇒ Response

Lists the secret keys for the specified user. The returned object contains the secret key’s OCID, but not the secret key itself. The actual secret key is returned only upon creation.

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::CustomerSecretKeySummary>

# File 'lib/oci/identity/identity_client.rb', line 1317

def list_customer_secret_keys(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_customer_secret_keys." if logger

  fail "Missing the required parameter 'user_id' when calling list_customer_secret_keys." if user_id.nil?

  path = "/users/{userId}/customerSecretKeys/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::CustomerSecretKeySummary>')
end

#list_groups(compartment_id, opts = {}) ⇒ Response

Lists the groups in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous "List" call.

• :limit (Integer) —

  The maximum number of items to return in a paginated "List" call.

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::Group>

# File 'lib/oci/identity/identity_client.rb', line 1356

def list_groups(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_groups." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_groups." if compartment_id.nil?

  path = "/groups/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::Group>')
end

#list_identity_providers(protocol, compartment_id, opts = {}) ⇒ Response

Lists all the identity providers in your tenancy. You must specify the identity provider type (e.g., ‘SAML2` for identity providers using the SAML2.0 protocol). You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

Parameters:

• protocol (String) —

  The protocol used for federation.

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous "List" call.

• :limit (Integer) —

  The maximum number of items to return in a paginated "List" call.

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::IdentityProvider>

# File 'lib/oci/identity/identity_client.rb', line 1400

def list_identity_providers(protocol, compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_identity_providers." if logger

  fail "Missing the required parameter 'protocol' when calling list_identity_providers." if protocol.nil?
  unless ['SAML2'].include?(protocol)
    fail "Invalid value for 'protocol', must be one of SAML2."
  end
  fail "Missing the required parameter 'compartment_id' when calling list_identity_providers." if compartment_id.nil?

  path = "/identityProviders/"

  # Query Params
  query_params = {}
  query_params[:'protocol'] = protocol
  query_params[:'compartmentId'] = compartment_id
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::IdentityProvider>')
end

#list_idp_group_mappings(identity_provider_id, opts = {}) ⇒ Response

Lists the group mappings for the specified identity provider.

Parameters:

• identity_provider_id (String) —

  The OCID of the identity provider.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous "List" call.

• :limit (Integer) —

  The maximum number of items to return in a paginated "List" call.

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::IdpGroupMapping>

# File 'lib/oci/identity/identity_client.rb', line 1444

def list_idp_group_mappings(identity_provider_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_idp_group_mappings." if logger

  fail "Missing the required parameter 'identity_provider_id' when calling list_idp_group_mappings." if identity_provider_id.nil?

  path = "/identityProviders/{identityProviderId}/groupMappings/".sub('{identityProviderId}', identity_provider_id.to_s)

  # Query Params
  query_params = {}
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::IdpGroupMapping>')
end

#list_policies(compartment_id, opts = {}) ⇒ Response

Lists the policies in the specified compartment (either the tenancy or another of your compartments). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

To determine which policies apply to a particular group or compartment, you must view the individual statements inside all your policies. There isn’t a way to automatically obtain that information via the API.

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous "List" call.

• :limit (Integer) —

  The maximum number of items to return in a paginated "List" call.

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::Policy>

# File 'lib/oci/identity/identity_client.rb', line 1487

def list_policies(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_policies." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_policies." if compartment_id.nil?

  path = "/policies/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::Policy>')
end

#list_region_subscriptions(tenancy_id, opts = {}) ⇒ Response

Lists the region subscriptions for the specified tenancy.

Parameters:

• tenancy_id (String) —

  The OCID of the tenancy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::RegionSubscription>

# File 'lib/oci/identity/identity_client.rb', line 1521

def list_region_subscriptions(tenancy_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_region_subscriptions." if logger

  fail "Missing the required parameter 'tenancy_id' when calling list_region_subscriptions." if tenancy_id.nil?

  path = "/tenancies/{tenancyId}/regionSubscriptions".sub('{tenancyId}', tenancy_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::RegionSubscription>')
end

#list_regions(opts = {}) ⇒ Response

Lists all the regions offered by Oracle Bare Metal Cloud Services.

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::Region>

# File 'lib/oci/identity/identity_client.rb', line 1551

def list_regions(opts = {})
  logger.debug "Calling operation IdentityClient#list_regions." if logger


  path = "/regions"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::Region>')
end

#list_swift_passwords(user_id, opts = {}) ⇒ Response

Lists the Swift passwords for the specified user. The returned object contains the password’s OCID, but not the password itself. The actual password is returned only upon creation.

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::SwiftPassword>

# File 'lib/oci/identity/identity_client.rb', line 1583

def list_swift_passwords(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_swift_passwords." if logger

  fail "Missing the required parameter 'user_id' when calling list_swift_passwords." if user_id.nil?

  path = "/users/{userId}/swiftPasswords/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::SwiftPassword>')
end

#list_user_group_memberships(compartment_id, opts = {}) ⇒ Response

Lists the ‘UserGroupMembership` objects in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (see [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five)). You must also then filter the list in one of these ways:

• You can limit the results to just the memberships for a given user by specifying a ‘userId`.

• Similarly, you can limit the results to just the memberships for a given group by specifying a ‘groupId`.

• You can set both the ‘userId` and `groupId` to determine if the specified user is in the specified group.

If the answer is no, the response is an empty list.

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :user_id (String) —

  The OCID of the user.

• :group_id (String) —

  The OCID of the group.

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous "List" call.

• :limit (Integer) —

  The maximum number of items to return in a paginated "List" call.

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::UserGroupMembership>

# File 'lib/oci/identity/identity_client.rb', line 1630

def list_user_group_memberships(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_user_group_memberships." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_user_group_memberships." if compartment_id.nil?

  path = "/userGroupMemberships/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'userId'] = opts[:'user_id'] if opts[:'user_id']
  query_params[:'groupId'] = opts[:'group_id'] if opts[:'group_id']
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::UserGroupMembership>')
end

#list_users(compartment_id, opts = {}) ⇒ Response

Lists the users in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous "List" call.

• :limit (Integer) —

  The maximum number of items to return in a paginated "List" call.

Returns:

• (Response) —

  A Response object with data of type Array<OCI::Identity::Models::User>

# File 'lib/oci/identity/identity_client.rb', line 1674

def list_users(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_users." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_users." if compartment_id.nil?

  path = "/users/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OCI::Identity::Models::User>')
end

#logger ⇒ Logger

Returns The logger for this client. May be nil.

Returns:

• (Logger) —

  The logger for this client. May be nil.

# File 'lib/oci/identity/identity_client.rb', line 56

def logger
  @api_client.config.logger
end

#remove_user_from_group(user_group_membership_id, opts = {}) ⇒ Response

Removes a user from a group by deleting the corresponding ‘UserGroupMembership`.

Parameters:

• user_group_membership_id (String) —

  The OCID of the userGroupMembership.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oci/identity/identity_client.rb', line 1712

def remove_user_from_group(user_group_membership_id, opts = {})
  logger.debug "Calling operation IdentityClient#remove_user_from_group." if logger

  fail "Missing the required parameter 'user_group_membership_id' when calling remove_user_from_group." if user_group_membership_id.nil?

  path = "/userGroupMemberships/{userGroupMembershipId}".sub('{userGroupMembershipId}', user_group_membership_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#update_compartment(compartment_id, update_compartment_details, opts = {}) ⇒ Response

Updates the specified compartment’s description.

Parameters:

• compartment_id (String) —

  The OCID of the compartment.

• update_compartment_details (UpdateCompartmentDetails) —

  Request object for updating a compartment.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Compartment

# File 'lib/oci/identity/identity_client.rb', line 1748

def update_compartment(compartment_id, update_compartment_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_compartment." if logger

  fail "Missing the required parameter 'compartment_id' when calling update_compartment." if compartment_id.nil?
  fail "Missing the required parameter 'update_compartment_details' when calling update_compartment." if update_compartment_details.nil?

  path = "/compartments/{compartmentId}".sub('{compartmentId}', compartment_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_compartment_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Compartment')
end

#update_customer_secret_key(user_id, customer_secret_key_id, update_customer_secret_key_details, opts = {}) ⇒ Response

Updates the specified secret key’s description.

Parameters:

• user_id (String) —

  The OCID of the user.

• customer_secret_key_id (String) —

  The OCID of the secret key.

• update_customer_secret_key_details (UpdateCustomerSecretKeyDetails) —

  Request object for updating a secret key.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::CustomerSecretKeySummary

# File 'lib/oci/identity/identity_client.rb', line 1788

def update_customer_secret_key(user_id, customer_secret_key_id, update_customer_secret_key_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_customer_secret_key." if logger

  fail "Missing the required parameter 'user_id' when calling update_customer_secret_key." if user_id.nil?
  fail "Missing the required parameter 'customer_secret_key_id' when calling update_customer_secret_key." if customer_secret_key_id.nil?
  fail "Missing the required parameter 'update_customer_secret_key_details' when calling update_customer_secret_key." if update_customer_secret_key_details.nil?

  path = "/users/{userId}/customerSecretKeys/{customerSecretKeyId}".sub('{userId}', user_id.to_s).sub('{customerSecretKeyId}', customer_secret_key_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_customer_secret_key_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::CustomerSecretKeySummary')
end

#update_group(group_id, update_group_details, opts = {}) ⇒ Response

Updates the specified group.

Parameters:

• group_id (String) —

  The OCID of the group.

• update_group_details (UpdateGroupDetails) —

  Request object for updating a group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Group

# File 'lib/oci/identity/identity_client.rb', line 1827

def update_group(group_id, update_group_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_group." if logger

  fail "Missing the required parameter 'group_id' when calling update_group." if group_id.nil?
  fail "Missing the required parameter 'update_group_details' when calling update_group." if update_group_details.nil?

  path = "/groups/{groupId}".sub('{groupId}', group_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_group_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Group')
end

#update_identity_provider(identity_provider_id, update_identity_provider_details, opts = {}) ⇒ Response

Updates the specified identity provider.

Parameters:

• identity_provider_id (String) —

  The OCID of the identity provider.

• update_identity_provider_details (UpdateIdentityProviderDetails) —

  Request object for updating a identity provider.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::IdentityProvider

# File 'lib/oci/identity/identity_client.rb', line 1865

def update_identity_provider(identity_provider_id, update_identity_provider_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_identity_provider." if logger

  fail "Missing the required parameter 'identity_provider_id' when calling update_identity_provider." if identity_provider_id.nil?
  fail "Missing the required parameter 'update_identity_provider_details' when calling update_identity_provider." if update_identity_provider_details.nil?

  path = "/identityProviders/{identityProviderId}".sub('{identityProviderId}', identity_provider_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_identity_provider_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::IdentityProvider')
end

#update_idp_group_mapping(identity_provider_id, mapping_id, update_idp_group_mapping_details, opts = {}) ⇒ Response

Updates the specified group mapping.

Parameters:

• identity_provider_id (String) —

  The OCID of the identity provider.

• mapping_id (String) —

  The OCID of the group mapping.

• update_idp_group_mapping_details (UpdateIdpGroupMappingDetails) —

  Request object for updating an identity provider group mapping

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::IdpGroupMapping

# File 'lib/oci/identity/identity_client.rb', line 1904

def update_idp_group_mapping(identity_provider_id, mapping_id, update_idp_group_mapping_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_idp_group_mapping." if logger

  fail "Missing the required parameter 'identity_provider_id' when calling update_idp_group_mapping." if identity_provider_id.nil?
  fail "Missing the required parameter 'mapping_id' when calling update_idp_group_mapping." if mapping_id.nil?
  fail "Missing the required parameter 'update_idp_group_mapping_details' when calling update_idp_group_mapping." if update_idp_group_mapping_details.nil?

  path = "/identityProviders/{identityProviderId}/groupMappings/{mappingId}".sub('{identityProviderId}', identity_provider_id.to_s).sub('{mappingId}', mapping_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_idp_group_mapping_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::IdpGroupMapping')
end

#update_policy(policy_id, update_policy_details, opts = {}) ⇒ Response

Updates the specified policy. You can update the description or the policy statements themselves.

Policy changes take effect typically within 10 seconds.

Parameters:

• policy_id (String) —

  The OCID of the policy.

• update_policy_details (UpdatePolicyDetails) —

  Request object for updating a policy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::Policy

# File 'lib/oci/identity/identity_client.rb', line 1946

def update_policy(policy_id, update_policy_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_policy." if logger

  fail "Missing the required parameter 'policy_id' when calling update_policy." if policy_id.nil?
  fail "Missing the required parameter 'update_policy_details' when calling update_policy." if update_policy_details.nil?

  path = "/policies/{policyId}".sub('{policyId}', policy_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_policy_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::Policy')
end

#update_swift_password(user_id, swift_password_id, update_swift_password_details, opts = {}) ⇒ Response

Updates the specified Swift password’s description.

Parameters:

• user_id (String) —

  The OCID of the user.

• swift_password_id (String) —

  The OCID of the Swift password.

• update_swift_password_details (UpdateSwiftPasswordDetails) —

  Request object for updating a Swift password.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::SwiftPassword

# File 'lib/oci/identity/identity_client.rb', line 1986

def update_swift_password(user_id, swift_password_id, update_swift_password_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_swift_password." if logger

  fail "Missing the required parameter 'user_id' when calling update_swift_password." if user_id.nil?
  fail "Missing the required parameter 'swift_password_id' when calling update_swift_password." if swift_password_id.nil?
  fail "Missing the required parameter 'update_swift_password_details' when calling update_swift_password." if update_swift_password_details.nil?

  path = "/users/{userId}/swiftPasswords/{swiftPasswordId}".sub('{userId}', user_id.to_s).sub('{swiftPasswordId}', swift_password_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_swift_password_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::SwiftPassword')
end

#update_user(user_id, update_user_details, opts = {}) ⇒ Response

Updates the description of the specified user.

Parameters:

• user_id (String) —

  The OCID of the user.

• update_user_details (UpdateUserDetails) —

  Request object for updating a user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::User

# File 'lib/oci/identity/identity_client.rb', line 2025

def update_user(user_id, update_user_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_user." if logger

  fail "Missing the required parameter 'user_id' when calling update_user." if user_id.nil?
  fail "Missing the required parameter 'update_user_details' when calling update_user." if update_user_details.nil?

  path = "/users/{userId}".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_user_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::User')
end

#update_user_state(user_id, update_state_details, opts = {}) ⇒ Response

Updates the state of the specified user.

Parameters:

• user_id (String) —

  The OCID of the user.

• update_state_details (UpdateStateDetails) —

  Request object for updating a user state.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource’s current etag value.

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::User

# File 'lib/oci/identity/identity_client.rb', line 2064

def update_user_state(user_id, update_state_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_user_state." if logger

  fail "Missing the required parameter 'user_id' when calling update_user_state." if user_id.nil?
  fail "Missing the required parameter 'update_state_details' when calling update_user_state." if update_state_details.nil?

  path = "/users/{userId}/state/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_state_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::User')
end

#upload_api_key(user_id, create_api_key_details, opts = {}) ⇒ Response

Uploads an API signing key for the specified user.

Every user has permission to use this operation to upload a key for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to upload a key for any user, including themselves.

Important: Even though you have permission to upload an API key, you might not yet have permission to do much else. If you try calling an operation unrelated to your own credential management (e.g., ‘ListUsers`, `LaunchInstance`) and receive an "unauthorized" error, check with an administrator to confirm which IAM Service group(s) you’re in and what access you have. Also confirm you’re working in the correct compartment.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

Parameters:

• user_id (String) —

  The OCID of the user.

• create_api_key_details (CreateApiKeyDetails) —

  Request object for uploading an API key for a user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OCI::Identity::Models::ApiKey

# File 'lib/oci/identity/identity_client.rb', line 2119

def upload_api_key(user_id, create_api_key_details, opts = {})
  logger.debug "Calling operation IdentityClient#upload_api_key." if logger

  fail "Missing the required parameter 'user_id' when calling upload_api_key." if user_id.nil?
  fail "Missing the required parameter 'create_api_key_details' when calling upload_api_key." if create_api_key_details.nil?

  path = "/users/{userId}/apiKeys/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_api_key_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OCI::Identity::Models::ApiKey')
end