Class: OracleBMC::Identity::IdentityClient

Inherits:

Object

• Object
• OracleBMC::Identity::IdentityClient

Defined in:

lib/oraclebmc/identity/identity_client.rb

Instance Attribute Summary

• #api_client ⇒ OracleBMC::ApiClient readonly

  Client used to make HTTP requests.

• #endpoint ⇒ String readonly

  Fully qualified endpoint URL.

• #region ⇒ String

  The region, which will usually correspond to a value in Regions::REGION_ENUM.

Instance Method Summary

• #add_user_to_group(add_user_to_group_details, opts = {}) ⇒ Response

  Adds the specified user to the specified group and returns a ‘UserGroupMembership` object with its own OCID.

• #create_compartment(create_compartment_details, opts = {}) ⇒ Response

  Creates a new compartment in your tenancy.

• #create_group(create_group_details, opts = {}) ⇒ Response

  Creates a new group in your tenancy.

• #create_or_reset_ui_password(user_id, opts = {}) ⇒ Response

  Creates a new Console one-time password for the specified user.

• #create_policy(create_policy_details, opts = {}) ⇒ Response

  Creates a new policy in the specified compartment (either the tenancy or another of your compartments).

• #create_swift_password(create_swift_password_details, user_id, opts = {}) ⇒ Response

  Creates a new Swift password for the specified user.

• #create_user(create_user_details, opts = {}) ⇒ Response

  Creates a new user in your tenancy.

• #delete_api_key(user_id, fingerprint, opts = {}) ⇒ Response

  Deletes the specified API signing key for the specified user.

• #delete_group(group_id, opts = {}) ⇒ Response

  Deletes the specified group.

• #delete_policy(policy_id, opts = {}) ⇒ Response

  Deletes the specified policy.

• #delete_swift_password(user_id, swift_password_id, opts = {}) ⇒ Response

  Deletes the specified Swift password for the specified user.

• #delete_user(user_id, opts = {}) ⇒ Response

  Deletes the specified user.

• #get_compartment(compartment_id, opts = {}) ⇒ Response

  Gets the specified compartment’s information.

• #get_group(group_id, opts = {}) ⇒ Response

  Gets the specified group’s information.

• #get_policy(policy_id, opts = {}) ⇒ Response

  Gets the specified policy’s information.

• #get_user(user_id, opts = {}) ⇒ Response

  Gets the specified user’s information.

• #get_user_group_membership(user_group_membership_id, opts = {}) ⇒ Response

  Gets the specified UserGroupMembership’s information.

• #initialize(config: nil, region: nil) ⇒ IdentityClient constructor

  Creates a new IdentityClient.

• #list_api_keys(user_id, opts = {}) ⇒ Response

  Lists the API signing keys for the specified user.

• #list_availability_domains(compartment_id, opts = {}) ⇒ Response

  Lists the Availability Domains in your tenancy.

• #list_compartments(compartment_id, opts = {}) ⇒ Response

  Lists the compartments in your tenancy.

• #list_groups(compartment_id, opts = {}) ⇒ Response

  Lists the groups in your tenancy.

• #list_policies(compartment_id, opts = {}) ⇒ Response

  Lists the policies in the specified compartment (either the tenancy or another of your compartments).

• #list_swift_passwords(user_id, opts = {}) ⇒ Response

  Lists the Swift passwords for the specified user.

• #list_user_group_memberships(compartment_id, opts = {}) ⇒ Response

  Lists the ‘UserGroupMembership` objects in your tenancy.

• #list_users(compartment_id, opts = {}) ⇒ Response

  Lists the users in your tenancy.

• #logger ⇒ Logger

  The logger for this client.

• #remove_user_from_group(user_group_membership_id, opts = {}) ⇒ Response

  Removes a user from a group by deleting the corresponding ‘UserGroupMembership`.

• #update_compartment(compartment_id, update_compartment_details, opts = {}) ⇒ Response

  Updates the specified compartment’s description.

• #update_group(group_id, update_group_details, opts = {}) ⇒ Response

  Updates the specified group.

• #update_policy(policy_id, update_policy_details, opts = {}) ⇒ Response

  Updates the specified policy.

• #update_swift_password(user_id, swift_password_id, update_swift_password_details, opts = {}) ⇒ Response

  Updates the specified Swift password’s description.

• #update_user(user_id, update_user_details, opts = {}) ⇒ Response

  Updates the description of the specified user.

• #update_user_state(user_id, update_state_details, opts = {}) ⇒ Response

  Updates the state of the specified user.

• #upload_api_key(user_id, create_api_key_details, opts = {}) ⇒ Response

  Uploads an API signing key for the specified user.

Constructor Details

#initialize(config: nil, region: nil) ⇒ IdentityClient

Creates a new IdentityClient. If a config is not specified, then the global OracleBMC.config will be used.

A region must be specified in either the config or the region parameter. If specified in both, then the region parameter will be used.

Parameters:

• config (Config) (defaults to: nil) —

  A Config object.

• region (String) (defaults to: nil) —

  A region used to determine the service endpoint. This will usually correspond to a value in Regions::REGION_ENUM, but may be an arbitrary string.

# File 'lib/oraclebmc/identity/identity_client.rb', line 32

def initialize(config:nil, region:nil)
  config ||= OracleBMC.config
  signer = Signer.new(config.user, config.fingerprint, config.tenancy, config.key_file, pass_phrase: config.pass_phrase)
  @api_client = ApiClient.new(config, signer)

  region ||= config.region
  self.region = region
end

Instance Attribute Details

#api_client ⇒ OracleBMC::ApiClient (readonly)

Client used to make HTTP requests.

Returns:

• (OracleBMC::ApiClient)

# File 'lib/oraclebmc/identity/identity_client.rb', line 12

def api_client
  @api_client
end

#endpoint ⇒ String (readonly)

Fully qualified endpoint URL

Returns:

• (String)

# File 'lib/oraclebmc/identity/identity_client.rb', line 16

def endpoint
  @endpoint
end

#region ⇒ String

The region, which will usually correspond to a value in Regions::REGION_ENUM.

Returns:

• (String)

# File 'lib/oraclebmc/identity/identity_client.rb', line 20

def region
  @region
end

Instance Method Details

#add_user_to_group(add_user_to_group_details, opts = {}) ⇒ Response

Adds the specified user to the specified group and returns a ‘UserGroupMembership` object with its own OCID.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

Parameters:

• add_user_to_group_details (AddUserToGroupDetails) —

  Request object for adding a user to a group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::UserGroupMembership

# File 'lib/oraclebmc/identity/identity_client.rb', line 73

def add_user_to_group(add_user_to_group_details, opts = {})
  logger.debug "Calling operation IdentityClient#add_user_to_group." if logger

  fail "Missing the required parameter 'add_user_to_group_details' when calling add_user_to_group." if add_user_to_group_details.nil?

  path = "/userGroupMemberships/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(add_user_to_group_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::UserGroupMembership')
end

#create_compartment(create_compartment_details, opts = {}) ⇒ Response

Creates a new compartment in your tenancy.

Important: Compartments cannot be renamed or deleted.

You must specify your tenancy’s OCID as the compartment ID in the request object. Remember that the tenancy is simply the root compartment. For information about OCIDs, see [Resource Identifiers](docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/identifiers.htm).

You must also specify a name for the compartment, which must be unique across all compartments in your tenancy and cannot be changed. You can use this name or the OCID when writing policies that apply to the compartment. For more information about policies, see [How Policies Work](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policies.htm).

You must also specify a description for the compartment (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_compartment.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

Parameters:

• create_compartment_details (CreateCompartmentDetails) —

  Request object for creating a new compartment.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::Compartment

# File 'lib/oraclebmc/identity/identity_client.rb', line 130

def create_compartment(create_compartment_details, opts = {})
  logger.debug "Calling operation IdentityClient#create_compartment." if logger

  fail "Missing the required parameter 'create_compartment_details' when calling create_compartment." if create_compartment_details.nil?

  path = "/compartments/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_compartment_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::Compartment')
end

#create_group(create_group_details, opts = {}) ⇒ Response

Creates a new group in your tenancy.

You must specify your tenancy’s OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see [Resource Identifiers](docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/identifiers.htm).

You must also specify a name for the group, which must be unique across all groups in your tenancy and cannot be changed. You can use this name or the OCID when writing policies that apply to the group. For more information about policies, see [How Policies Work](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policies.htm).

You must also specify a description for the group (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_group.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

After creating the group, you need to put users in it and write policies for it. See add_user_to_group and create_policy.

Parameters:

• create_group_details (CreateGroupDetails) —

  Request object for creating a new group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::Group

# File 'lib/oraclebmc/identity/identity_client.rb', line 189

def create_group(create_group_details, opts = {})
  logger.debug "Calling operation IdentityClient#create_group." if logger

  fail "Missing the required parameter 'create_group_details' when calling create_group." if create_group_details.nil?

  path = "/groups/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_group_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::Group')
end

#create_or_reset_ui_password(user_id, opts = {}) ⇒ Response

Creates a new Console one-time password for the specified user. For more information about user credentials, see [User Credentials](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/usercredentials.htm).

Use this operation after creating a new user, or if a user forgets their password. The new one-time password is returned to you in the response, and you must securely deliver it to the user. They’ll be prompted to change this password the next time they sign in to the Console. If they don’t change it within 7 days, the password will expire and you’ll need to create a new one-time password for the user.

Note: The user’s Console login is the unique name you specified when you created the user (see create_user).

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::UIPassword

# File 'lib/oraclebmc/identity/identity_client.rb', line 238

def create_or_reset_ui_password(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#create_or_reset_ui_password." if logger

  fail "Missing the required parameter 'user_id' when calling create_or_reset_ui_password." if user_id.nil?

  path = "/users/{userId}/uiPassword".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = nil

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::UIPassword')
end

#create_policy(create_policy_details, opts = {}) ⇒ Response

Creates a new policy in the specified compartment (either the tenancy or another of your compartments). If you’re new to policies, see [Getting Started with Policies](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policygetstarted.htm).

You must specify a name for the policy, which must be unique across all policies in your tenancy and cannot be changed.

You must also specify a description for the policy (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_policy.

You must specify one or more policy statements in the statements array. For information about writing policies, see [How Policies Work](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policies.htm) and [Common Policies](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/commonpolicies.htm).

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

New policies take effect typically within 10 seconds.

Parameters:

• create_policy_details (CreatePolicyDetails) —

  Request object for creating a new policy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::Policy

# File 'lib/oraclebmc/identity/identity_client.rb', line 293

def create_policy(create_policy_details, opts = {})
  logger.debug "Calling operation IdentityClient#create_policy." if logger

  fail "Missing the required parameter 'create_policy_details' when calling create_policy." if create_policy_details.nil?

  path = "/policies/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_policy_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::Policy')
end

#create_swift_password(create_swift_password_details, user_id, opts = {}) ⇒ Response

Creates a new Swift password for the specified user. For information about what Swift passwords are for, see [Managing User Credentials](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Tasks/managingcredentials.htm).

You must specify a description for the Swift password (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_swift_password.

Every user has permission to create a Swift password for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to create a Swift password for any user, including themselves.

Parameters:

• create_swift_password_details (CreateSwiftPasswordDetails) —

  Request object for creating a new swift password.

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::SwiftPassword

# File 'lib/oraclebmc/identity/identity_client.rb', line 342

def create_swift_password(create_swift_password_details, user_id, opts = {})
  logger.debug "Calling operation IdentityClient#create_swift_password." if logger

  fail "Missing the required parameter 'create_swift_password_details' when calling create_swift_password." if create_swift_password_details.nil?
  fail "Missing the required parameter 'user_id' when calling create_swift_password." if user_id.nil?

  path = "/users/{userId}/swiftPasswords/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_swift_password_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::SwiftPassword')
end

#create_user(create_user_details, opts = {}) ⇒ Response

Creates a new user in your tenancy. For conceptual information about users, your tenancy, and other IAM Service components, see [Overview of the IAM Service](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/overview.htm).

You must specify your tenancy’s OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see [Resource Identifiers](docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/identifiers.htm).

You must also specify a name for the user, which must be unique across all users in your tenancy and cannot be changed. Allowed characters: No spaces. Only letters, numerals, hyphens, periods, underscores, +, and @. If you specify a name that’s already in use, you’ll get a 409 error. This name will be the user’s login to the Console. You might want to pick a name that your company’s own identity system (e.g., Active Directory, LDAP, etc.) already uses. If you delete a user and then create a new user with the same name, they’ll be considered different users because they have different OCIDs.

You must also specify a description for the user (although it can be an empty string). It does not have to be unique, and you can change it anytime with update_user. You can use the field to provide the user’s full name, a description, a nickname, or other information to generally identify the user.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

A new user has no permissions until you place the user in one or more groups (see add_user_to_group). If the user needs to access the Console, you need to provide the user a password (see create_or_reset_ui_password). If the user needs to access the Oracle Bare Metal Cloud Services REST API, you need to upload a public API signing key for that user (see [Required Keys and OCIDs](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm) and also upload_api_key).

Important: Make sure to inform the new user which compartment(s) they have access to.

Parameters:

• create_user_details (CreateUserDetails) —

  Request object for creating a new user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::User

# File 'lib/oraclebmc/identity/identity_client.rb', line 416

def create_user(create_user_details, opts = {})
  logger.debug "Calling operation IdentityClient#create_user." if logger

  fail "Missing the required parameter 'create_user_details' when calling create_user." if create_user_details.nil?

  path = "/users/"

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_user_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::User')
end

#delete_api_key(user_id, fingerprint, opts = {}) ⇒ Response

Deletes the specified API signing key for the specified user.

Every user has permission to use this operation to delete a key for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to delete a key for any user, including themselves.

Parameters:

• user_id (String) —

  The OCID of the user.

• fingerprint (String) —

  The key's fingerprint.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oraclebmc/identity/identity_client.rb', line 459

def delete_api_key(user_id, fingerprint, opts = {})
  logger.debug "Calling operation IdentityClient#delete_api_key." if logger

  fail "Missing the required parameter 'user_id' when calling delete_api_key." if user_id.nil?
  fail "Missing the required parameter 'fingerprint' when calling delete_api_key." if fingerprint.nil?

  path = "/users/{userId}/apiKeys/{fingerprint}".sub('{userId}', user_id.to_s).sub('{fingerprint}', fingerprint.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_group(group_id, opts = {}) ⇒ Response

Deletes the specified group. The group must be empty.

Parameters:

• group_id (String) —

  The OCID of the group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oraclebmc/identity/identity_client.rb', line 496

def delete_group(group_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_group." if logger

  fail "Missing the required parameter 'group_id' when calling delete_group." if group_id.nil?

  path = "/groups/{groupId}".sub('{groupId}', group_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_policy(policy_id, opts = {}) ⇒ Response

Deletes the specified policy. The deletion takes effect typically within 10 seconds.

Parameters:

• policy_id (String) —

  The OCID of the policy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oraclebmc/identity/identity_client.rb', line 531

def delete_policy(policy_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_policy." if logger

  fail "Missing the required parameter 'policy_id' when calling delete_policy." if policy_id.nil?

  path = "/policies/{policyId}".sub('{policyId}', policy_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_swift_password(user_id, swift_password_id, opts = {}) ⇒ Response

Deletes the specified Swift password for the specified user.

Parameters:

• user_id (String) —

  The OCID of the user.

• swift_password_id (String) —

  The OCID of the Swift password.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oraclebmc/identity/identity_client.rb', line 568

def delete_swift_password(user_id, swift_password_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_swift_password." if logger

  fail "Missing the required parameter 'user_id' when calling delete_swift_password." if user_id.nil?
  fail "Missing the required parameter 'swift_password_id' when calling delete_swift_password." if swift_password_id.nil?

  path = "/users/{userId}/swiftPasswords/{swiftPasswordId}".sub('{userId}', user_id.to_s).sub('{swiftPasswordId}', swift_password_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#delete_user(user_id, opts = {}) ⇒ Response

Deletes the specified user. The user must not be in any groups.

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oraclebmc/identity/identity_client.rb', line 604

def delete_user(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#delete_user." if logger

  fail "Missing the required parameter 'user_id' when calling delete_user." if user_id.nil?

  path = "/users/{userId}".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#get_compartment(compartment_id, opts = {}) ⇒ Response

Gets the specified compartment’s information.

This operation does not return a list of all the resources inside the compartment. There is no single API operation that does that. Compartments can contain multiple types of resources (instances, block storage volumes, etc.). To find out what’s in a compartment, you must call the "List" operation for each resource type and specify the compartment’s OCID as a query parameter in the request. For example, call the list_instances operation in the Cloud Compute Service or the list_volumes operation in Cloud Block Storage.

Parameters:

• compartment_id (String) —

  The OCID of the compartment.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::Compartment

# File 'lib/oraclebmc/identity/identity_client.rb', line 643

def get_compartment(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_compartment." if logger

  fail "Missing the required parameter 'compartment_id' when calling get_compartment." if compartment_id.nil?

  path = "/compartments/{compartmentId}".sub('{compartmentId}', compartment_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::Compartment')
end

#get_group(group_id, opts = {}) ⇒ Response

Gets the specified group’s information.

This operation does not return a list of all the users in the group. To do that, use list_user_group_memberships and provide the group’s OCID as a query parameter in the request.

Parameters:

• group_id (String) —

  The OCID of the group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::Group

# File 'lib/oraclebmc/identity/identity_client.rb', line 679

def get_group(group_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_group." if logger

  fail "Missing the required parameter 'group_id' when calling get_group." if group_id.nil?

  path = "/groups/{groupId}".sub('{groupId}', group_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::Group')
end

#get_policy(policy_id, opts = {}) ⇒ Response

Gets the specified policy’s information.

Parameters:

• policy_id (String) —

  The OCID of the policy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::Policy

# File 'lib/oraclebmc/identity/identity_client.rb', line 710

def get_policy(policy_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_policy." if logger

  fail "Missing the required parameter 'policy_id' when calling get_policy." if policy_id.nil?

  path = "/policies/{policyId}".sub('{policyId}', policy_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::Policy')
end

#get_user(user_id, opts = {}) ⇒ Response

Gets the specified user’s information.

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::User

# File 'lib/oraclebmc/identity/identity_client.rb', line 741

def get_user(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_user." if logger

  fail "Missing the required parameter 'user_id' when calling get_user." if user_id.nil?

  path = "/users/{userId}".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::User')
end

#get_user_group_membership(user_group_membership_id, opts = {}) ⇒ Response

Gets the specified UserGroupMembership’s information.

Parameters:

• user_group_membership_id (String) —

  The OCID of the userGroupMembership.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::UserGroupMembership

# File 'lib/oraclebmc/identity/identity_client.rb', line 772

def get_user_group_membership(user_group_membership_id, opts = {})
  logger.debug "Calling operation IdentityClient#get_user_group_membership." if logger

  fail "Missing the required parameter 'user_group_membership_id' when calling get_user_group_membership." if user_group_membership_id.nil?

  path = "/userGroupMemberships/{userGroupMembershipId}".sub('{userGroupMembershipId}', user_group_membership_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::UserGroupMembership')
end

#list_api_keys(user_id, opts = {}) ⇒ Response

Lists the API signing keys for the specified user. A user can have a maximum of three keys.

Every user has permission to use this API call for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability.

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type Array<OracleBMC::Identity::Models::ApiKey>

# File 'lib/oraclebmc/identity/identity_client.rb', line 807

def list_api_keys(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_api_keys." if logger

  fail "Missing the required parameter 'user_id' when calling list_api_keys." if user_id.nil?

  path = "/users/{userId}/apiKeys/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OracleBMC::Identity::Models::ApiKey>')
end

#list_availability_domains(compartment_id, opts = {}) ⇒ Response

Lists the Availability Domains in your tenancy. Specify the OCID of either the tenancy or another of your compartments as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type Array<OracleBMC::Identity::Models::AvailabilityDomain>

# File 'lib/oraclebmc/identity/identity_client.rb', line 842

def list_availability_domains(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_availability_domains." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_availability_domains." if compartment_id.nil?

  path = "/availabilityDomains/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OracleBMC::Identity::Models::AvailabilityDomain>')
end

#list_compartments(compartment_id, opts = {}) ⇒ Response

Lists the compartments in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

To use this and other API operations, you must be authorized in an IAM policy. If you’re not authorized, talk to an administrator. If you’re an administrator who needs to write policies to give users access, see [Getting Started with Policies](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policygetstarted.htm).

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous &quot;List&quot; call.

• :limit (Integer) —

  The maximum number of items to return in a paginated &quot;List&quot; call.

Returns:

• (Response) —

  A Response object with data of type Array<OracleBMC::Identity::Models::Compartment>

# File 'lib/oraclebmc/identity/identity_client.rb', line 886

def list_compartments(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_compartments." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_compartments." if compartment_id.nil?

  path = "/compartments/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OracleBMC::Identity::Models::Compartment>')
end

#list_groups(compartment_id, opts = {}) ⇒ Response

Lists the groups in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous &quot;List&quot; call.

• :limit (Integer) —

  The maximum number of items to return in a paginated &quot;List&quot; call.

Returns:

• (Response) —

  A Response object with data of type Array<OracleBMC::Identity::Models::Group>

# File 'lib/oraclebmc/identity/identity_client.rb', line 928

def list_groups(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_groups." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_groups." if compartment_id.nil?

  path = "/groups/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OracleBMC::Identity::Models::Group>')
end

#list_policies(compartment_id, opts = {}) ⇒ Response

Lists the policies in the specified compartment (either the tenancy or another of your compartments). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

To determine which policies apply to a particular group or compartment, you must view the individual statements inside all your policies. There isn’t a way to automatically obtain that information via the API.

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous &quot;List&quot; call.

• :limit (Integer) —

  The maximum number of items to return in a paginated &quot;List&quot; call.

Returns:

• (Response) —

  A Response object with data of type Array<OracleBMC::Identity::Models::Policy>

# File 'lib/oraclebmc/identity/identity_client.rb', line 972

def list_policies(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_policies." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_policies." if compartment_id.nil?

  path = "/policies/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OracleBMC::Identity::Models::Policy>')
end

#list_swift_passwords(user_id, opts = {}) ⇒ Response

Lists the Swift passwords for the specified user. The returned object contains the password’s OCID, but not the password itself. The actual password is returned only upon creation.

Parameters:

• user_id (String) —

  The OCID of the user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Response) —

  A Response object with data of type Array<OracleBMC::Identity::Models::SwiftPassword>

# File 'lib/oraclebmc/identity/identity_client.rb', line 1008

def list_swift_passwords(user_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_swift_passwords." if logger

  fail "Missing the required parameter 'user_id' when calling list_swift_passwords." if user_id.nil?

  path = "/users/{userId}/swiftPasswords/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OracleBMC::Identity::Models::SwiftPassword>')
end

#list_user_group_memberships(compartment_id, opts = {}) ⇒ Response

Lists the ‘UserGroupMembership` objects in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (see [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five)). You must also then filter the list in one of these ways:

• You can limit the results to just the memberships for a given user by specifying a ‘userId`.

• Similarly, you can limit the results to just the memberships for a given group by specifying a ‘groupId`.

• You can set both the ‘userId` and `groupId` to determine if the specified user is in the specified group.

If the answer is no, the response is an empty list.

To use this and other API operations, you must be authorized in an IAM policy. If you’re not authorized, talk to an administrator. If you’re an administrator who needs to write policies to give users access, see [Getting Started with Policies](docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policygetstarted.htm).

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :user_id (String) —

  The OCID of the user.

• :group_id (String) —

  The OCID of the group.

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous &quot;List&quot; call.

• :limit (Integer) —

  The maximum number of items to return in a paginated &quot;List&quot; call.

Returns:

• (Response) —

  A Response object with data of type Array<OracleBMC::Identity::Models::UserGroupMembership>

# File 'lib/oraclebmc/identity/identity_client.rb', line 1059

def list_user_group_memberships(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_user_group_memberships." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_user_group_memberships." if compartment_id.nil?

  path = "/userGroupMemberships/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'userId'] = opts[:'user_id'] if opts[:'user_id']
  query_params[:'groupId'] = opts[:'group_id'] if opts[:'group_id']
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OracleBMC::Identity::Models::UserGroupMembership>')
end

#list_users(compartment_id, opts = {}) ⇒ Response

Lists the users in your tenancy. You must specify your tenancy’s OCID as the value for the compartment ID (remember that the tenancy is simply the root compartment). See [Where to Get the Tenancy’s OCID and User’s OCID](docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five).

Parameters:

• compartment_id (String) —

  The OCID of the compartment (remember that the tenancy is simply the root compartment).

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :page (String) —

  The value of the ‘opc-next-page` response header from the previous &quot;List&quot; call.

• :limit (Integer) —

  The maximum number of items to return in a paginated &quot;List&quot; call.

Returns:

• (Response) —

  A Response object with data of type Array<OracleBMC::Identity::Models::User>

# File 'lib/oraclebmc/identity/identity_client.rb', line 1103

def list_users(compartment_id, opts = {})
  logger.debug "Calling operation IdentityClient#list_users." if logger

  fail "Missing the required parameter 'compartment_id' when calling list_users." if compartment_id.nil?

  path = "/users/"

  # Query Params
  query_params = {}
  query_params[:'compartmentId'] = compartment_id
  query_params[:'page'] = opts[:'page'] if opts[:'page']
  query_params[:'limit'] = opts[:'limit'] if opts[:'limit']

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'

  post_body = nil

  return @api_client.call_api(
    :GET,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'Array<OracleBMC::Identity::Models::User>')
end

#logger ⇒ Logger

Returns The logger for this client. May be nil.

Returns:

• (Logger) —

  The logger for this client. May be nil.

# File 'lib/oraclebmc/identity/identity_client.rb', line 54

def logger
  @api_client.config.logger
end

#remove_user_from_group(user_group_membership_id, opts = {}) ⇒ Response

Removes a user from a group by deleting the corresponding ‘UserGroupMembership`.

Parameters:

• user_group_membership_id (String) —

  The OCID of the userGroupMembership.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource&#39;s current etag value.

Returns:

• (Response) —

  A Response object with data of type nil

# File 'lib/oraclebmc/identity/identity_client.rb', line 1141

def remove_user_from_group(user_group_membership_id, opts = {})
  logger.debug "Calling operation IdentityClient#remove_user_from_group." if logger

  fail "Missing the required parameter 'user_group_membership_id' when calling remove_user_from_group." if user_group_membership_id.nil?

  path = "/userGroupMemberships/{userGroupMembershipId}".sub('{userGroupMembershipId}', user_group_membership_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = nil

  return @api_client.call_api(
    :DELETE,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body)
end

#update_compartment(compartment_id, update_compartment_details, opts = {}) ⇒ Response

Updates the specified compartment’s description.

Parameters:

• compartment_id (String) —

  The OCID of the compartment.

• update_compartment_details (UpdateCompartmentDetails) —

  Request object for updating a compartment.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource&#39;s current etag value.

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::Compartment

# File 'lib/oraclebmc/identity/identity_client.rb', line 1177

def update_compartment(compartment_id, update_compartment_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_compartment." if logger

  fail "Missing the required parameter 'compartment_id' when calling update_compartment." if compartment_id.nil?
  fail "Missing the required parameter 'update_compartment_details' when calling update_compartment." if update_compartment_details.nil?

  path = "/compartments/{compartmentId}".sub('{compartmentId}', compartment_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_compartment_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::Compartment')
end

#update_group(group_id, update_group_details, opts = {}) ⇒ Response

Updates the specified group.

Parameters:

• group_id (String) —

  The OCID of the group.

• update_group_details (UpdateGroupDetails) —

  Request object for updating a group.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource&#39;s current etag value.

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::Group

# File 'lib/oraclebmc/identity/identity_client.rb', line 1215

def update_group(group_id, update_group_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_group." if logger

  fail "Missing the required parameter 'group_id' when calling update_group." if group_id.nil?
  fail "Missing the required parameter 'update_group_details' when calling update_group." if update_group_details.nil?

  path = "/groups/{groupId}".sub('{groupId}', group_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_group_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::Group')
end

#update_policy(policy_id, update_policy_details, opts = {}) ⇒ Response

Updates the specified policy. You can update the description or the policy statements themselves.

Policy changes take effect typically within 10 seconds.

Parameters:

• policy_id (String) —

  The OCID of the policy.

• update_policy_details (UpdatePolicyDetails) —

  Request object for updating a policy.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource&#39;s current etag value.

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::Policy

# File 'lib/oraclebmc/identity/identity_client.rb', line 1256

def update_policy(policy_id, update_policy_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_policy." if logger

  fail "Missing the required parameter 'policy_id' when calling update_policy." if policy_id.nil?
  fail "Missing the required parameter 'update_policy_details' when calling update_policy." if update_policy_details.nil?

  path = "/policies/{policyId}".sub('{policyId}', policy_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_policy_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::Policy')
end

#update_swift_password(user_id, swift_password_id, update_swift_password_details, opts = {}) ⇒ Response

Updates the specified Swift password’s description.

Parameters:

• user_id (String) —

  The OCID of the user.

• swift_password_id (String) —

  The OCID of the Swift password.

• update_swift_password_details (UpdateSwiftPasswordDetails) —

  Request object for updating a Swift password.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource&#39;s current etag value.

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::SwiftPassword

# File 'lib/oraclebmc/identity/identity_client.rb', line 1296

def update_swift_password(user_id, swift_password_id, update_swift_password_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_swift_password." if logger

  fail "Missing the required parameter 'user_id' when calling update_swift_password." if user_id.nil?
  fail "Missing the required parameter 'swift_password_id' when calling update_swift_password." if swift_password_id.nil?
  fail "Missing the required parameter 'update_swift_password_details' when calling update_swift_password." if update_swift_password_details.nil?

  path = "/users/{userId}/swiftPasswords/{swiftPasswordId}".sub('{userId}', user_id.to_s).sub('{swiftPasswordId}', swift_password_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_swift_password_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::SwiftPassword')
end

#update_user(user_id, update_user_details, opts = {}) ⇒ Response

Updates the description of the specified user.

Parameters:

• user_id (String) —

  The OCID of the user.

• update_user_details (UpdateUserDetails) —

  Request object for updating a user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource&#39;s current etag value.

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::User

# File 'lib/oraclebmc/identity/identity_client.rb', line 1335

def update_user(user_id, update_user_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_user." if logger

  fail "Missing the required parameter 'user_id' when calling update_user." if user_id.nil?
  fail "Missing the required parameter 'update_user_details' when calling update_user." if update_user_details.nil?

  path = "/users/{userId}".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_user_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::User')
end

#update_user_state(user_id, update_state_details, opts = {}) ⇒ Response

Updates the state of the specified user.

Parameters:

• user_id (String) —

  The OCID of the user.

• update_state_details (UpdateStateDetails) —

  Request object for updating a user state.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :if_match (String) —

  For optimistic concurrency control. In the PUT or DELETE call for a resource, set the ‘if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource&#39;s current etag value.

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::User

# File 'lib/oraclebmc/identity/identity_client.rb', line 1374

def update_user_state(user_id, update_state_details, opts = {})
  logger.debug "Calling operation IdentityClient#update_user_state." if logger

  fail "Missing the required parameter 'user_id' when calling update_user_state." if user_id.nil?
  fail "Missing the required parameter 'update_state_details' when calling update_user_state." if update_state_details.nil?

  path = "/users/{userId}/state/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'if-match'] = opts[:'if_match'] if opts[:'if_match']

  post_body = @api_client.object_to_http_body(update_state_details)

  return @api_client.call_api(
    :PUT,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::User')
end

#upload_api_key(user_id, create_api_key_details, opts = {}) ⇒ Response

Uploads an API signing key for the specified user.

Every user has permission to use this operation to upload a key for *their own user ID*. An administrator in your organization does not need to write a policy to give users this ability. To compare, administrators who have permission to the tenancy can use this operation to upload a key for any user, including themselves.

Important: Even though you have permission to upload an API key, you might not yet have permission to do much else. If you try calling an operation unrelated to your own credential management (e.g., ‘ListUsers`, `LaunchInstance`) and receive an "unauthorized" error, check with an administrator to confirm which IAM Service group(s) you’re in and what access you have. Also confirm you’re working in the correct compartment.

After you send your request, the new object’s ‘lifecycleState` will temporarily be CREATING. Before using the object, first make sure its `lifecycleState` has changed to ACTIVE.

Parameters:

• user_id (String) —

  The OCID of the user.

• create_api_key_details (CreateApiKeyDetails) —

  Request object for uploading an API key for a user.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :opc_retry_token (String) —

  A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).

Returns:

• (Response) —

  A Response object with data of type OracleBMC::Identity::Models::ApiKey

# File 'lib/oraclebmc/identity/identity_client.rb', line 1429

def upload_api_key(user_id, create_api_key_details, opts = {})
  logger.debug "Calling operation IdentityClient#upload_api_key." if logger

  fail "Missing the required parameter 'user_id' when calling upload_api_key." if user_id.nil?
  fail "Missing the required parameter 'create_api_key_details' when calling upload_api_key." if create_api_key_details.nil?

  path = "/users/{userId}/apiKeys/".sub('{userId}', user_id.to_s)

  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params['accept'] = 'application/json'
  header_params['content-type'] = 'application/json'
  header_params[:'opc-retry-token'] = opts[:'opc_retry_token'] if opts[:'opc_retry_token']

  post_body = @api_client.object_to_http_body(create_api_key_details)

  return @api_client.call_api(
    :POST,
    path,
    endpoint,
    :header_params => header_params,
    :query_params => query_params,
    :body => post_body,
    :return_type => 'OracleBMC::Identity::Models::ApiKey')
end