ibm_cloud_iam 1.0.1 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (493) hide show
  1. checksums.yaml +4 -4
  2. data/LICENSE.txt +202 -0
  3. data/README.md +548 -36
  4. data/docs/APIKeysApi.md +714 -0
  5. data/docs/AccessGroupCount.md +20 -0
  6. data/docs/AccountBasedMfaEnrollment.md +24 -0
  7. data/docs/AccountIdpSettings.md +32 -0
  8. data/docs/AccountLimitsApi.md +173 -0
  9. data/docs/AccountLoginSettings.md +18 -0
  10. data/docs/AccountSettingsApi.md +224 -0
  11. data/docs/AccountSettingsAssignedTemplatesSection.md +46 -0
  12. data/docs/AccountSettingsEffectiveSection.md +38 -0
  13. data/docs/AccountSettingsForIdPApi.md +489 -0
  14. data/docs/AccountSettingsMeta.md +24 -0
  15. data/docs/AccountSettingsRequest.md +40 -0
  16. data/docs/AccountSettingsResponse.md +48 -0
  17. data/docs/AccountSettingsTemplateApi.md +720 -0
  18. data/docs/AccountSettingsTemplateAssignmentsApi.md +376 -0
  19. data/docs/AccountSettingsTemplateList.md +30 -0
  20. data/docs/AccountSettingsTemplateRequest.md +24 -0
  21. data/docs/AccountSettingsTemplateResponse.md +44 -0
  22. data/docs/AccountSettingsUserDomainRestriction.md +22 -0
  23. data/docs/AccountSettingsUserMFAResponse.md +28 -0
  24. data/docs/ActionControls.md +22 -0
  25. data/docs/ActionControlsIdentities.md +20 -0
  26. data/docs/ActivitiesApi.md +149 -0
  27. data/docs/Activity.md +20 -0
  28. data/docs/AddAccountIdpSettingRequest.md +22 -0
  29. data/docs/ApiKey.md +44 -33
  30. data/docs/ApiKeyInsideCreateServiceIdRequest.md +18 -13
  31. data/docs/ApiKeyList.md +20 -19
  32. data/docs/ApikeyActivity.md +28 -0
  33. data/docs/ApikeyActivityServiceid.md +20 -0
  34. data/docs/ApikeyActivityUser.md +24 -0
  35. data/docs/AssignedTemplatesAccountSettings.md +40 -0
  36. data/docs/CommonAccountSettingsRequest.md +36 -0
  37. data/docs/CommonAccountSettingsResponse.md +34 -0
  38. data/docs/ConsumersResponse.md +20 -0
  39. data/docs/ConsumersResponseConsumersInner.md +20 -0
  40. data/docs/CreateApiKeyRequest.md +24 -17
  41. data/docs/CreateIdpRequest.md +30 -0
  42. data/docs/CreateIdpRequestProperties.md +20 -0
  43. data/docs/CreateIdpRequestPropertiesIdp.md +26 -0
  44. data/docs/CreateIdpRequestPropertiesSp.md +32 -0
  45. data/docs/CreateIdpRequestPropertiesSpAuthnContext.md +20 -0
  46. data/docs/CreateIdpRequestSecrets.md +20 -0
  47. data/docs/CreateIdpRequestSecretsIdp.md +22 -0
  48. data/docs/CreateIdpRequestSecretsIdpSigningInner.md +20 -0
  49. data/docs/CreateIdpRequestSecretsSp.md +18 -0
  50. data/docs/CreateIdpRequestSecretsSpSigningInner.md +24 -0
  51. data/docs/CreateProfileLinkRequest.md +24 -0
  52. data/docs/CreateProfileLinkRequestLink.md +26 -0
  53. data/docs/CreateServiceIdGroupRequest.md +22 -0
  54. data/docs/CreateServiceIdRequest.md +18 -15
  55. data/docs/CreateTemplateAssignmentRequest.md +24 -0
  56. data/docs/CreateTrustedProfileRequest.md +24 -0
  57. data/docs/EffectiveAccountSettingsResponse.md +26 -0
  58. data/docs/EnityHistoryRecord.md +18 -17
  59. data/docs/EntityActivity.md +22 -0
  60. data/docs/Error.md +14 -13
  61. data/docs/ExceptionResponse.md +14 -13
  62. data/docs/ExceptionResponseContext.md +30 -29
  63. data/docs/IDPManagementApi.md +692 -0
  64. data/docs/IdBasedMfaEnrollment.md +26 -0
  65. data/docs/IdentityCount.md +20 -0
  66. data/docs/IdentityLimitsUsageRequest.md +42 -0
  67. data/docs/IdentityLimitsUsageResponse.md +44 -0
  68. data/docs/IdentityLimitsUsageResponseApikeysPerIdentity.md +20 -0
  69. data/docs/IdentityLimitsUsageResponseClaimRulesPerGroup.md +20 -0
  70. data/docs/IdentityLimitsUsageResponseClaimRulesPerProfile.md +20 -0
  71. data/docs/IdentityLimitsUsageResponseServiceidsPerGroup.md +20 -0
  72. data/docs/IdentityLimitsUsageResponseTemplateVersionsPerTemplate.md +20 -0
  73. data/docs/IdentityPreferenceResponse.md +28 -0
  74. data/docs/IdentityPreferencesApi.md +304 -0
  75. data/docs/IdentityPreferencesResponse.md +18 -0
  76. data/docs/Idp.md +38 -0
  77. data/docs/LimitCount.md +20 -0
  78. data/docs/ListIdPSettings200Response.md +18 -0
  79. data/docs/ListIdps200Response.md +18 -0
  80. data/docs/MFAEnrollmentStatusApi.md +216 -0
  81. data/docs/MFARequirementsResponse.md +12 -11
  82. data/docs/MfaEnrollmentTypeStatus.md +20 -0
  83. data/docs/MfaOptions.md +15 -0
  84. data/docs/OidcExceptionResponse.md +16 -15
  85. data/docs/PolicyTemplateReference.md +20 -0
  86. data/docs/ProfileClaimRule.md +36 -0
  87. data/docs/ProfileClaimRuleConditions.md +22 -0
  88. data/docs/ProfileClaimRuleList.md +20 -0
  89. data/docs/ProfileClaimRuleRequest.md +30 -0
  90. data/docs/ProfileCount.md +20 -0
  91. data/docs/ProfileIdentitiesResponse.md +20 -0
  92. data/docs/ProfileIdentitiesUpdateRequest.md +18 -0
  93. data/docs/ProfileIdentityRequest.md +24 -0
  94. data/docs/ProfileIdentityResponse.md +26 -0
  95. data/docs/ProfileLink.md +32 -0
  96. data/docs/ProfileLinkLink.md +26 -0
  97. data/docs/ProfileLinkList.md +18 -0
  98. data/docs/Report.md +34 -0
  99. data/docs/ReportMfaEnrollmentStatus.md +28 -0
  100. data/docs/ReportReference.md +18 -0
  101. data/docs/ResponseContext.md +28 -27
  102. data/docs/RetrictActions.md +15 -0
  103. data/docs/SamlMetadataImportResponse.md +42 -0
  104. data/docs/ServiceIDGroupsApi.md +347 -0
  105. data/docs/ServiceIDsApi.md +515 -0
  106. data/docs/ServiceId.md +38 -33
  107. data/docs/ServiceIdGroup.md +34 -0
  108. data/docs/ServiceIdGroupCount.md +20 -0
  109. data/docs/ServiceIdGroupList.md +18 -0
  110. data/docs/ServiceIdList.md +20 -19
  111. data/docs/ShareScope.md +20 -0
  112. data/docs/TemplateAccountSettings.md +40 -0
  113. data/docs/TemplateAccountSettingsAllOfRestrictUserDomains.md +20 -0
  114. data/docs/TemplateAssignmentListResponse.md +30 -0
  115. data/docs/TemplateAssignmentResource.md +18 -0
  116. data/docs/TemplateAssignmentResourceError.md +24 -0
  117. data/docs/TemplateAssignmentResponse.md +48 -0
  118. data/docs/TemplateAssignmentResponseResource.md +24 -0
  119. data/docs/TemplateAssignmentResponseResourceDetail.md +26 -0
  120. data/docs/TemplateCount.md +20 -0
  121. data/docs/TemplateProfileComponentRequest.md +26 -0
  122. data/docs/TemplateProfileComponentResponse.md +26 -0
  123. data/docs/TestResult.md +28 -0
  124. data/docs/TestResultStepsInner.md +24 -0
  125. data/docs/TestTriggerResponse.md +20 -0
  126. data/docs/TokenResponse.md +18 -17
  127. data/docs/TokenRetrievalApi.md +461 -0
  128. data/docs/TrustedProfile.md +50 -0
  129. data/docs/TrustedProfileTemplateApi.md +720 -0
  130. data/docs/TrustedProfileTemplateAssignmentsApi.md +376 -0
  131. data/docs/TrustedProfileTemplateClaimRule.md +26 -0
  132. data/docs/TrustedProfileTemplateList.md +30 -0
  133. data/docs/TrustedProfileTemplateRequest.md +28 -0
  134. data/docs/TrustedProfileTemplateResponse.md +48 -0
  135. data/docs/TrustedProfilesApi.md +1414 -0
  136. data/docs/TrustedProfilesList.md +30 -0
  137. data/docs/UpdateAccountIdpSettingRequest.md +22 -0
  138. data/docs/UpdateAccountLoginSettings.md +18 -0
  139. data/docs/UpdateApiKeyRequest.md +16 -9
  140. data/docs/UpdateIdPRequest.md +28 -0
  141. data/docs/UpdateIdPRequestProperties.md +20 -0
  142. data/docs/UpdateIdPRequestPropertiesIdp.md +24 -0
  143. data/docs/UpdateIdPRequestSecrets.md +20 -0
  144. data/docs/UpdateIdPRequestSecretsIdp.md +20 -0
  145. data/docs/UpdatePreferenceRequest.md +20 -0
  146. data/docs/UpdateServiceIdGroupRequest.md +20 -0
  147. data/docs/UpdateServiceIdRequest.md +12 -11
  148. data/docs/UpdateTemplateAssignmentRequest.md +18 -0
  149. data/docs/UpdateTrustedProfileRequest.md +22 -0
  150. data/docs/UserActivity.md +26 -0
  151. data/docs/UserMFAResolved.md +24 -0
  152. data/docs/UserMfa.md +20 -0
  153. data/docs/UserMfaEnrollments.md +24 -0
  154. data/docs/UserReportMfaEnrollmentStatus.md +30 -0
  155. data/docs/UserVisbilityRetrictActions.md +15 -0
  156. data/docs/UserVisbilityRetrictActionsForTemplate.md +15 -0
  157. data/git_push.sh +3 -4
  158. data/ibm_cloud_iam.gemspec +6 -5
  159. data/lib/ibm_cloud_iam/api/account_limits_api.rb +208 -0
  160. data/lib/ibm_cloud_iam/api/account_settings_api.rb +262 -0
  161. data/lib/ibm_cloud_iam/api/account_settings_for_id_p_api.rb +571 -0
  162. data/lib/ibm_cloud_iam/api/account_settings_template_api.rb +823 -0
  163. data/lib/ibm_cloud_iam/api/account_settings_template_assignments_api.rb +422 -0
  164. data/lib/ibm_cloud_iam/api/activities_api.rb +174 -0
  165. data/lib/ibm_cloud_iam/api/api_keys_api.rb +786 -0
  166. data/lib/ibm_cloud_iam/api/identity_preferences_api.rb +357 -0
  167. data/lib/ibm_cloud_iam/api/idp_management_api.rb +744 -0
  168. data/lib/ibm_cloud_iam/api/mfa_enrollment_status_api.rb +248 -0
  169. data/lib/ibm_cloud_iam/api/service_id_groups_api.rb +392 -0
  170. data/lib/ibm_cloud_iam/api/service_ids_api.rb +575 -0
  171. data/lib/ibm_cloud_iam/api/token_retrieval_api.rb +557 -0
  172. data/lib/ibm_cloud_iam/api/trusted_profile_template_api.rb +823 -0
  173. data/lib/ibm_cloud_iam/api/trusted_profile_template_assignments_api.rb +422 -0
  174. data/lib/ibm_cloud_iam/api/trusted_profiles_api.rb +1630 -0
  175. data/lib/ibm_cloud_iam/api_client.rb +74 -65
  176. data/lib/ibm_cloud_iam/api_error.rb +4 -3
  177. data/lib/ibm_cloud_iam/api_model_base.rb +88 -0
  178. data/lib/ibm_cloud_iam/configuration.rb +75 -15
  179. data/lib/ibm_cloud_iam/models/access_group_count.rb +159 -0
  180. data/lib/ibm_cloud_iam/models/account_based_mfa_enrollment.rb +243 -0
  181. data/lib/ibm_cloud_iam/models/account_idp_settings.rb +244 -0
  182. data/lib/ibm_cloud_iam/models/account_login_settings.rb +147 -0
  183. data/lib/ibm_cloud_iam/models/account_settings_assigned_templates_section.rb +377 -0
  184. data/lib/ibm_cloud_iam/models/account_settings_effective_section.rb +282 -0
  185. data/lib/ibm_cloud_iam/models/account_settings_meta.rb +179 -0
  186. data/lib/ibm_cloud_iam/models/account_settings_request.rb +301 -0
  187. data/lib/ibm_cloud_iam/models/account_settings_response.rb +567 -0
  188. data/lib/ibm_cloud_iam/models/account_settings_template_list.rb +256 -0
  189. data/lib/ibm_cloud_iam/models/account_settings_template_request.rb +178 -0
  190. data/lib/ibm_cloud_iam/models/account_settings_template_response.rb +416 -0
  191. data/lib/ibm_cloud_iam/models/account_settings_user_domain_restriction.rb +188 -0
  192. data/lib/ibm_cloud_iam/models/account_settings_user_mfa_response.rb +261 -0
  193. data/lib/ibm_cloud_iam/models/action_controls.rb +199 -0
  194. data/lib/ibm_cloud_iam/models/action_controls_identities.rb +190 -0
  195. data/lib/ibm_cloud_iam/models/activity.rb +175 -0
  196. data/lib/ibm_cloud_iam/models/add_account_idp_setting_request.rb +243 -0
  197. data/lib/ibm_cloud_iam/models/api_key.rb +188 -104
  198. data/lib/ibm_cloud_iam/models/api_key_inside_create_service_id_request.rb +70 -99
  199. data/lib/ibm_cloud_iam/models/api_key_list.rb +46 -95
  200. data/lib/ibm_cloud_iam/models/apikey_activity.rb +231 -0
  201. data/lib/ibm_cloud_iam/models/apikey_activity_serviceid.rb +159 -0
  202. data/lib/ibm_cloud_iam/models/apikey_activity_user.rb +179 -0
  203. data/lib/ibm_cloud_iam/models/assigned_templates_account_settings.rb +296 -0
  204. data/lib/ibm_cloud_iam/models/common_account_settings_request.rb +272 -0
  205. data/lib/ibm_cloud_iam/models/common_account_settings_response.rb +260 -0
  206. data/lib/ibm_cloud_iam/models/consumers_response.rb +158 -0
  207. data/lib/ibm_cloud_iam/models/consumers_response_consumers_inner.rb +158 -0
  208. data/lib/ibm_cloud_iam/models/create_api_key_request.rb +92 -99
  209. data/lib/ibm_cloud_iam/models/create_idp_request.rb +283 -0
  210. data/lib/ibm_cloud_iam/models/create_idp_request_properties.rb +157 -0
  211. data/lib/ibm_cloud_iam/models/create_idp_request_properties_idp.rb +189 -0
  212. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp.rb +222 -0
  213. data/lib/ibm_cloud_iam/models/create_idp_request_properties_sp_authn_context.rb +163 -0
  214. data/lib/ibm_cloud_iam/models/create_idp_request_secrets.rb +157 -0
  215. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp.rb +173 -0
  216. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_idp_signing_inner.rb +192 -0
  217. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp.rb +151 -0
  218. data/lib/ibm_cloud_iam/models/create_idp_request_secrets_sp_signing_inner.rb +212 -0
  219. data/lib/ibm_cloud_iam/models/create_profile_link_request.rb +211 -0
  220. data/lib/ibm_cloud_iam/models/create_profile_link_request_link.rb +206 -0
  221. data/lib/ibm_cloud_iam/models/create_service_id_group_request.rb +203 -0
  222. data/lib/ibm_cloud_iam/models/create_service_id_request.rb +68 -95
  223. data/lib/ibm_cloud_iam/models/create_template_assignment_request.rb +280 -0
  224. data/lib/ibm_cloud_iam/models/create_trusted_profile_request.rb +213 -0
  225. data/lib/ibm_cloud_iam/models/effective_account_settings_response.rb +239 -0
  226. data/lib/ibm_cloud_iam/models/enity_history_record.rb +112 -101
  227. data/lib/ibm_cloud_iam/models/entity_activity.rb +185 -0
  228. data/lib/ibm_cloud_iam/models/error.rb +69 -94
  229. data/lib/ibm_cloud_iam/models/exception_response.rb +57 -94
  230. data/lib/ibm_cloud_iam/models/exception_response_context.rb +33 -94
  231. data/lib/ibm_cloud_iam/models/id_based_mfa_enrollment.rb +270 -0
  232. data/lib/ibm_cloud_iam/models/identity_count.rb +159 -0
  233. data/lib/ibm_cloud_iam/models/identity_limits_usage_request.rb +283 -0
  234. data/lib/ibm_cloud_iam/models/identity_limits_usage_response.rb +265 -0
  235. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_apikeys_per_identity.rb +178 -0
  236. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_group.rb +178 -0
  237. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_claim_rules_per_profile.rb +178 -0
  238. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_serviceids_per_group.rb +178 -0
  239. data/lib/ibm_cloud_iam/models/identity_limits_usage_response_template_versions_per_template.rb +178 -0
  240. data/lib/ibm_cloud_iam/models/identity_preference_response.rb +200 -0
  241. data/lib/ibm_cloud_iam/models/identity_preferences_response.rb +167 -0
  242. data/lib/ibm_cloud_iam/models/idp.rb +239 -0
  243. data/lib/ibm_cloud_iam/models/limit_count.rb +176 -0
  244. data/lib/ibm_cloud_iam/models/list_id_p_settings200_response.rb +149 -0
  245. data/lib/ibm_cloud_iam/models/list_idps200_response.rb +149 -0
  246. data/lib/ibm_cloud_iam/models/mfa_enrollment_type_status.rb +192 -0
  247. data/lib/ibm_cloud_iam/models/mfa_options.rb +45 -0
  248. data/lib/ibm_cloud_iam/models/mfa_requirements_response.rb +69 -94
  249. data/lib/ibm_cloud_iam/models/oidc_exception_response.rb +57 -94
  250. data/lib/ibm_cloud_iam/models/policy_template_reference.rb +193 -0
  251. data/lib/ibm_cloud_iam/models/profile_claim_rule.rb +342 -0
  252. data/lib/ibm_cloud_iam/models/profile_claim_rule_conditions.rb +219 -0
  253. data/lib/ibm_cloud_iam/models/profile_claim_rule_list.rb +176 -0
  254. data/lib/ibm_cloud_iam/models/profile_claim_rule_request.rb +243 -0
  255. data/lib/ibm_cloud_iam/models/profile_count.rb +159 -0
  256. data/lib/ibm_cloud_iam/models/profile_identities_response.rb +160 -0
  257. data/lib/ibm_cloud_iam/models/profile_identities_update_request.rb +150 -0
  258. data/lib/ibm_cloud_iam/models/profile_identity_request.rb +238 -0
  259. data/lib/ibm_cloud_iam/models/profile_identity_response.rb +265 -0
  260. data/lib/ibm_cloud_iam/models/profile_link.rb +320 -0
  261. data/lib/ibm_cloud_iam/models/profile_link_link.rb +188 -0
  262. data/lib/ibm_cloud_iam/models/profile_link_list.rb +167 -0
  263. data/lib/ibm_cloud_iam/models/report.rb +321 -0
  264. data/lib/ibm_cloud_iam/models/report_mfa_enrollment_status.rb +268 -0
  265. data/lib/ibm_cloud_iam/models/report_reference.rb +165 -0
  266. data/lib/ibm_cloud_iam/models/response_context.rb +33 -94
  267. data/lib/ibm_cloud_iam/models/retrict_actions.rb +41 -0
  268. data/lib/ibm_cloud_iam/models/saml_metadata_import_response.rb +494 -0
  269. data/lib/ibm_cloud_iam/models/service_id.rb +184 -108
  270. data/lib/ibm_cloud_iam/models/service_id_group.rb +313 -0
  271. data/lib/ibm_cloud_iam/models/service_id_group_count.rb +159 -0
  272. data/lib/ibm_cloud_iam/models/service_id_group_list.rb +167 -0
  273. data/lib/ibm_cloud_iam/models/service_id_list.rb +47 -96
  274. data/lib/ibm_cloud_iam/models/share_scope.rb +190 -0
  275. data/lib/ibm_cloud_iam/models/template_account_settings.rb +296 -0
  276. data/lib/ibm_cloud_iam/models/template_account_settings_all_of_restrict_user_domains.rb +159 -0
  277. data/lib/ibm_cloud_iam/models/template_assignment_list_response.rb +227 -0
  278. data/lib/ibm_cloud_iam/models/template_assignment_resource.rb +149 -0
  279. data/lib/ibm_cloud_iam/models/template_assignment_resource_error.rb +179 -0
  280. data/lib/ibm_cloud_iam/models/template_assignment_response.rb +506 -0
  281. data/lib/ibm_cloud_iam/models/template_assignment_response_resource.rb +196 -0
  282. data/lib/ibm_cloud_iam/models/template_assignment_response_resource_detail.rb +203 -0
  283. data/lib/ibm_cloud_iam/models/template_count.rb +159 -0
  284. data/lib/ibm_cloud_iam/models/template_profile_component_request.rb +210 -0
  285. data/lib/ibm_cloud_iam/models/template_profile_component_response.rb +210 -0
  286. data/lib/ibm_cloud_iam/models/test_result.rb +194 -0
  287. data/lib/ibm_cloud_iam/models/test_result_steps_inner.rb +174 -0
  288. data/lib/ibm_cloud_iam/models/test_trigger_response.rb +156 -0
  289. data/lib/ibm_cloud_iam/models/token_response.rb +33 -94
  290. data/lib/ibm_cloud_iam/models/trusted_profile.rb +411 -0
  291. data/lib/ibm_cloud_iam/models/trusted_profile_template_claim_rule.rb +248 -0
  292. data/lib/ibm_cloud_iam/models/trusted_profile_template_list.rb +256 -0
  293. data/lib/ibm_cloud_iam/models/trusted_profile_template_request.rb +199 -0
  294. data/lib/ibm_cloud_iam/models/trusted_profile_template_response.rb +369 -0
  295. data/lib/ibm_cloud_iam/models/trusted_profiles_list.rb +227 -0
  296. data/lib/ibm_cloud_iam/models/update_account_idp_setting_request.rb +202 -0
  297. data/lib/ibm_cloud_iam/models/update_account_login_settings.rb +148 -0
  298. data/lib/ibm_cloud_iam/models/update_api_key_request.rb +68 -99
  299. data/lib/ibm_cloud_iam/models/update_id_p_request.rb +198 -0
  300. data/lib/ibm_cloud_iam/models/update_id_p_request_properties.rb +157 -0
  301. data/lib/ibm_cloud_iam/models/update_id_p_request_properties_idp.rb +179 -0
  302. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets.rb +157 -0
  303. data/lib/ibm_cloud_iam/models/update_id_p_request_secrets_idp.rb +163 -0
  304. data/lib/ibm_cloud_iam/models/update_preference_request.rb +161 -0
  305. data/lib/ibm_cloud_iam/models/update_service_id_group_request.rb +176 -0
  306. data/lib/ibm_cloud_iam/models/update_service_id_request.rb +34 -95
  307. data/lib/ibm_cloud_iam/models/update_template_assignment_request.rb +175 -0
  308. data/lib/ibm_cloud_iam/models/update_trusted_profile_request.rb +169 -0
  309. data/lib/ibm_cloud_iam/models/user_activity.rb +222 -0
  310. data/lib/ibm_cloud_iam/models/user_mfa.rb +179 -0
  311. data/lib/ibm_cloud_iam/models/user_mfa_enrollments.rb +193 -0
  312. data/lib/ibm_cloud_iam/models/user_mfa_resolved.rb +178 -0
  313. data/lib/ibm_cloud_iam/models/user_report_mfa_enrollment_status.rb +291 -0
  314. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions.rb +40 -0
  315. data/lib/ibm_cloud_iam/models/user_visbility_retrict_actions_for_template.rb +41 -0
  316. data/lib/ibm_cloud_iam/version.rb +4 -4
  317. data/lib/ibm_cloud_iam.rb +140 -9
  318. data/spec/api/account_limits_api_spec.rb +75 -0
  319. data/spec/api/account_settings_api_spec.rb +80 -0
  320. data/spec/api/account_settings_for_id_p_api_spec.rb +132 -0
  321. data/spec/api/account_settings_template_api_spec.rb +184 -0
  322. data/spec/api/account_settings_template_assignments_api_spec.rb +112 -0
  323. data/spec/api/activities_api_spec.rb +64 -0
  324. data/spec/api/api_keys_api_spec.rb +182 -0
  325. data/spec/api/identity_preferences_api_spec.rb +98 -0
  326. data/spec/api/idp_management_api_spec.rb +166 -0
  327. data/spec/api/mfa_enrollment_status_api_spec.rb +77 -0
  328. data/spec/api/service_id_groups_api_spec.rb +102 -0
  329. data/spec/api/service_ids_api_spec.rb +143 -0
  330. data/spec/api/token_retrieval_api_spec.rb +134 -0
  331. data/spec/api/trusted_profile_template_api_spec.rb +184 -0
  332. data/spec/api/trusted_profile_template_assignments_api_spec.rb +112 -0
  333. data/spec/api/trusted_profiles_api_spec.rb +328 -0
  334. data/spec/models/access_group_count_spec.rb +42 -0
  335. data/spec/models/account_based_mfa_enrollment_spec.rb +54 -0
  336. data/spec/models/account_idp_settings_spec.rb +82 -0
  337. data/spec/models/account_login_settings_spec.rb +36 -0
  338. data/spec/models/account_settings_assigned_templates_section_spec.rb +120 -0
  339. data/spec/models/account_settings_effective_section_spec.rb +96 -0
  340. data/spec/models/account_settings_meta_spec.rb +54 -0
  341. data/spec/models/account_settings_request_spec.rb +102 -0
  342. data/spec/models/account_settings_response_spec.rb +126 -0
  343. data/spec/models/account_settings_template_list_spec.rb +72 -0
  344. data/spec/models/account_settings_template_request_spec.rb +54 -0
  345. data/spec/models/account_settings_template_response_spec.rb +114 -0
  346. data/spec/models/account_settings_user_domain_restriction_spec.rb +48 -0
  347. data/spec/models/account_settings_user_mfa_response_spec.rb +66 -0
  348. data/spec/models/action_controls_identities_spec.rb +42 -0
  349. data/spec/models/action_controls_spec.rb +48 -0
  350. data/spec/models/activity_spec.rb +42 -0
  351. data/spec/models/add_account_idp_setting_request_spec.rb +52 -0
  352. data/spec/models/api_key_inside_create_service_id_request_spec.rb +24 -17
  353. data/spec/models/api_key_list_spec.rb +15 -20
  354. data/spec/models/api_key_spec.rb +52 -27
  355. data/spec/models/apikey_activity_serviceid_spec.rb +42 -0
  356. data/spec/models/apikey_activity_spec.rb +66 -0
  357. data/spec/models/apikey_activity_user_spec.rb +54 -0
  358. data/spec/models/assigned_templates_account_settings_spec.rb +102 -0
  359. data/spec/models/common_account_settings_request_spec.rb +90 -0
  360. data/spec/models/common_account_settings_response_spec.rb +84 -0
  361. data/spec/models/consumers_response_consumers_inner_spec.rb +42 -0
  362. data/spec/models/consumers_response_spec.rb +42 -0
  363. data/spec/models/create_api_key_request_spec.rb +32 -19
  364. data/spec/models/create_idp_request_properties_idp_spec.rb +60 -0
  365. data/spec/models/create_idp_request_properties_sp_authn_context_spec.rb +42 -0
  366. data/spec/models/create_idp_request_properties_sp_spec.rb +78 -0
  367. data/spec/models/create_idp_request_properties_spec.rb +42 -0
  368. data/spec/models/create_idp_request_secrets_idp_signing_inner_spec.rb +46 -0
  369. data/spec/models/create_idp_request_secrets_idp_spec.rb +48 -0
  370. data/spec/models/create_idp_request_secrets_sp_signing_inner_spec.rb +58 -0
  371. data/spec/models/create_idp_request_secrets_sp_spec.rb +36 -0
  372. data/spec/models/create_idp_request_secrets_spec.rb +42 -0
  373. data/spec/models/create_idp_request_spec.rb +76 -0
  374. data/spec/models/create_profile_link_request_link_spec.rb +60 -0
  375. data/spec/models/create_profile_link_request_spec.rb +54 -0
  376. data/spec/models/create_service_id_group_request_spec.rb +48 -0
  377. data/spec/models/create_service_id_request_spec.rb +19 -18
  378. data/spec/models/create_template_assignment_request_spec.rb +58 -0
  379. data/spec/models/create_trusted_profile_request_spec.rb +54 -0
  380. data/spec/models/effective_account_settings_response_spec.rb +60 -0
  381. data/spec/models/enity_history_record_spec.rb +14 -19
  382. data/spec/models/entity_activity_spec.rb +48 -0
  383. data/spec/models/error_spec.rb +12 -17
  384. data/spec/models/exception_response_context_spec.rb +20 -25
  385. data/spec/models/exception_response_spec.rb +12 -17
  386. data/spec/models/id_based_mfa_enrollment_spec.rb +64 -0
  387. data/spec/models/identity_count_spec.rb +42 -0
  388. data/spec/models/identity_limits_usage_request_spec.rb +108 -0
  389. data/spec/models/identity_limits_usage_response_apikeys_per_identity_spec.rb +42 -0
  390. data/spec/models/identity_limits_usage_response_claim_rules_per_group_spec.rb +42 -0
  391. data/spec/models/identity_limits_usage_response_claim_rules_per_profile_spec.rb +42 -0
  392. data/spec/models/identity_limits_usage_response_serviceids_per_group_spec.rb +42 -0
  393. data/spec/models/identity_limits_usage_response_spec.rb +114 -0
  394. data/spec/models/identity_limits_usage_response_template_versions_per_template_spec.rb +42 -0
  395. data/spec/models/identity_preference_response_spec.rb +66 -0
  396. data/spec/models/identity_preferences_response_spec.rb +36 -0
  397. data/spec/models/idp_spec.rb +96 -0
  398. data/spec/models/limit_count_spec.rb +42 -0
  399. data/spec/models/list_id_p_settings200_response_spec.rb +36 -0
  400. data/spec/models/list_idps200_response_spec.rb +36 -0
  401. data/spec/models/mfa_enrollment_type_status_spec.rb +42 -0
  402. data/spec/models/mfa_options_spec.rb +30 -0
  403. data/spec/models/mfa_requirements_response_spec.rb +11 -16
  404. data/spec/models/oidc_exception_response_spec.rb +13 -18
  405. data/spec/models/policy_template_reference_spec.rb +42 -0
  406. data/spec/models/profile_claim_rule_conditions_spec.rb +48 -0
  407. data/spec/models/profile_claim_rule_list_spec.rb +42 -0
  408. data/spec/models/profile_claim_rule_request_spec.rb +72 -0
  409. data/spec/models/profile_claim_rule_spec.rb +90 -0
  410. data/spec/models/profile_count_spec.rb +42 -0
  411. data/spec/models/profile_identities_response_spec.rb +42 -0
  412. data/spec/models/profile_identities_update_request_spec.rb +36 -0
  413. data/spec/models/profile_identity_request_spec.rb +58 -0
  414. data/spec/models/profile_identity_response_spec.rb +64 -0
  415. data/spec/models/profile_link_link_spec.rb +60 -0
  416. data/spec/models/profile_link_list_spec.rb +36 -0
  417. data/spec/models/profile_link_spec.rb +78 -0
  418. data/spec/models/report_mfa_enrollment_status_spec.rb +66 -0
  419. data/spec/models/report_reference_spec.rb +36 -0
  420. data/spec/models/report_spec.rb +84 -0
  421. data/spec/models/response_context_spec.rb +19 -24
  422. data/spec/models/retrict_actions_spec.rb +30 -0
  423. data/spec/models/saml_metadata_import_response_spec.rb +112 -0
  424. data/spec/models/service_id_group_count_spec.rb +42 -0
  425. data/spec/models/service_id_group_list_spec.rb +36 -0
  426. data/spec/models/service_id_group_spec.rb +84 -0
  427. data/spec/models/service_id_list_spec.rb +15 -20
  428. data/spec/models/service_id_spec.rb +34 -27
  429. data/spec/models/share_scope_spec.rb +46 -0
  430. data/spec/models/template_account_settings_all_of_restrict_user_domains_spec.rb +42 -0
  431. data/spec/models/template_account_settings_spec.rb +102 -0
  432. data/spec/models/template_assignment_list_response_spec.rb +72 -0
  433. data/spec/models/template_assignment_resource_error_spec.rb +54 -0
  434. data/spec/models/template_assignment_resource_spec.rb +36 -0
  435. data/spec/models/template_assignment_response_resource_detail_spec.rb +60 -0
  436. data/spec/models/template_assignment_response_resource_spec.rb +54 -0
  437. data/spec/models/template_assignment_response_spec.rb +126 -0
  438. data/spec/models/template_count_spec.rb +42 -0
  439. data/spec/models/template_profile_component_request_spec.rb +60 -0
  440. data/spec/models/template_profile_component_response_spec.rb +60 -0
  441. data/spec/models/test_result_spec.rb +66 -0
  442. data/spec/models/test_result_steps_inner_spec.rb +54 -0
  443. data/spec/models/test_trigger_response_spec.rb +42 -0
  444. data/spec/models/token_response_spec.rb +14 -19
  445. data/spec/models/trusted_profile_spec.rb +132 -0
  446. data/spec/models/trusted_profile_template_claim_rule_spec.rb +64 -0
  447. data/spec/models/trusted_profile_template_list_spec.rb +72 -0
  448. data/spec/models/trusted_profile_template_request_spec.rb +66 -0
  449. data/spec/models/trusted_profile_template_response_spec.rb +126 -0
  450. data/spec/models/trusted_profiles_list_spec.rb +72 -0
  451. data/spec/models/update_account_idp_setting_request_spec.rb +52 -0
  452. data/spec/models/update_account_login_settings_spec.rb +36 -0
  453. data/spec/models/update_api_key_request_spec.rb +28 -15
  454. data/spec/models/update_id_p_request_properties_idp_spec.rb +54 -0
  455. data/spec/models/update_id_p_request_properties_spec.rb +42 -0
  456. data/spec/models/update_id_p_request_secrets_idp_spec.rb +42 -0
  457. data/spec/models/update_id_p_request_secrets_spec.rb +42 -0
  458. data/spec/models/update_id_p_request_spec.rb +66 -0
  459. data/spec/models/update_preference_request_spec.rb +42 -0
  460. data/spec/models/update_service_id_group_request_spec.rb +42 -0
  461. data/spec/models/update_service_id_request_spec.rb +11 -16
  462. data/spec/models/update_template_assignment_request_spec.rb +36 -0
  463. data/spec/models/update_trusted_profile_request_spec.rb +48 -0
  464. data/spec/models/user_activity_spec.rb +60 -0
  465. data/spec/models/user_mfa_enrollments_spec.rb +54 -0
  466. data/spec/models/user_mfa_resolved_spec.rb +54 -0
  467. data/spec/models/user_mfa_spec.rb +42 -0
  468. data/spec/models/user_report_mfa_enrollment_status_spec.rb +72 -0
  469. data/spec/models/user_visbility_retrict_actions_for_template_spec.rb +30 -0
  470. data/spec/models/user_visbility_retrict_actions_spec.rb +30 -0
  471. data/spec/spec_helper.rb +3 -3
  472. metadata +550 -36
  473. data/docs/IdentityOperationsApi.md +0 -828
  474. data/docs/InlineObject.md +0 -19
  475. data/docs/InlineObject1.md +0 -23
  476. data/docs/InlineObject2.md +0 -21
  477. data/docs/InlineObject3.md +0 -25
  478. data/docs/TokenOperationsApi.md +0 -226
  479. data/ibm_cloud_iam-1.0.0.gem +0 -0
  480. data/lib/ibm_cloud_iam/api/identity_operations_api.rb +0 -1083
  481. data/lib/ibm_cloud_iam/api/token_operations_api.rb +0 -351
  482. data/lib/ibm_cloud_iam/models/inline_object.rb +0 -229
  483. data/lib/ibm_cloud_iam/models/inline_object1.rb +0 -254
  484. data/lib/ibm_cloud_iam/models/inline_object2.rb +0 -244
  485. data/lib/ibm_cloud_iam/models/inline_object3.rb +0 -269
  486. data/spec/api/identity_operations_api_spec.rb +0 -253
  487. data/spec/api/token_operations_api_spec.rb +0 -94
  488. data/spec/api_client_spec.rb +0 -226
  489. data/spec/configuration_spec.rb +0 -42
  490. data/spec/models/inline_object1_spec.rb +0 -59
  491. data/spec/models/inline_object2_spec.rb +0 -53
  492. data/spec/models/inline_object3_spec.rb +0 -65
  493. data/spec/models/inline_object_spec.rb +0 -47
@@ -0,0 +1,159 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ class TemplateAccountSettingsAllOfRestrictUserDomains < ApiModelBase
18
+ attr_accessor :account_sufficient
19
+
20
+ # Defines if account invitations are restricted to specified domains. To remove an entry for a realm_id, perform an update (PUT) request with only the realm_id set.
21
+ attr_accessor :restrictions
22
+
23
+ # Attribute mapping from ruby-style variable name to JSON key.
24
+ def self.attribute_map
25
+ {
26
+ :'account_sufficient' => :'account_sufficient',
27
+ :'restrictions' => :'restrictions'
28
+ }
29
+ end
30
+
31
+ # Returns attribute mapping this model knows about
32
+ def self.acceptable_attribute_map
33
+ attribute_map
34
+ end
35
+
36
+ # Returns all the JSON keys this model knows about
37
+ def self.acceptable_attributes
38
+ acceptable_attribute_map.values
39
+ end
40
+
41
+ # Attribute type mapping.
42
+ def self.openapi_types
43
+ {
44
+ :'account_sufficient' => :'Boolean',
45
+ :'restrictions' => :'Array<AccountSettingsUserDomainRestriction>'
46
+ }
47
+ end
48
+
49
+ # List of attributes with nullable: true
50
+ def self.openapi_nullable
51
+ Set.new([
52
+ ])
53
+ end
54
+
55
+ # Initializes the object
56
+ # @param [Hash] attributes Model attributes in the form of hash
57
+ def initialize(attributes = {})
58
+ if (!attributes.is_a?(Hash))
59
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::TemplateAccountSettingsAllOfRestrictUserDomains` initialize method"
60
+ end
61
+
62
+ # check to see if the attribute exists and convert string to symbol for hash key
63
+ acceptable_attribute_map = self.class.acceptable_attribute_map
64
+ attributes = attributes.each_with_object({}) { |(k, v), h|
65
+ if (!acceptable_attribute_map.key?(k.to_sym))
66
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::TemplateAccountSettingsAllOfRestrictUserDomains`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
67
+ end
68
+ h[k.to_sym] = v
69
+ }
70
+
71
+ if attributes.key?(:'account_sufficient')
72
+ self.account_sufficient = attributes[:'account_sufficient']
73
+ end
74
+
75
+ if attributes.key?(:'restrictions')
76
+ if (value = attributes[:'restrictions']).is_a?(Array)
77
+ self.restrictions = value
78
+ end
79
+ end
80
+ end
81
+
82
+ # Show invalid properties with the reasons. Usually used together with valid?
83
+ # @return Array for valid properties with the reasons
84
+ def list_invalid_properties
85
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
86
+ invalid_properties = Array.new
87
+ invalid_properties
88
+ end
89
+
90
+ # Check to see if the all the properties in the model are valid
91
+ # @return true if the model is valid
92
+ def valid?
93
+ warn '[DEPRECATED] the `valid?` method is obsolete'
94
+ true
95
+ end
96
+
97
+ # Checks equality by comparing each attribute.
98
+ # @param [Object] Object to be compared
99
+ def ==(o)
100
+ return true if self.equal?(o)
101
+ self.class == o.class &&
102
+ account_sufficient == o.account_sufficient &&
103
+ restrictions == o.restrictions
104
+ end
105
+
106
+ # @see the `==` method
107
+ # @param [Object] Object to be compared
108
+ def eql?(o)
109
+ self == o
110
+ end
111
+
112
+ # Calculates hash code according to all attributes.
113
+ # @return [Integer] Hash code
114
+ def hash
115
+ [account_sufficient, restrictions].hash
116
+ end
117
+
118
+ # Builds the object from hash
119
+ # @param [Hash] attributes Model attributes in the form of hash
120
+ # @return [Object] Returns the model itself
121
+ def self.build_from_hash(attributes)
122
+ return nil unless attributes.is_a?(Hash)
123
+ attributes = attributes.transform_keys(&:to_sym)
124
+ transformed_hash = {}
125
+ openapi_types.each_pair do |key, type|
126
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
127
+ transformed_hash["#{key}"] = nil
128
+ elsif type =~ /\AArray<(.*)>/i
129
+ # check to ensure the input is an array given that the attribute
130
+ # is documented as an array but the input is not
131
+ if attributes[attribute_map[key]].is_a?(Array)
132
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
133
+ end
134
+ elsif !attributes[attribute_map[key]].nil?
135
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
136
+ end
137
+ end
138
+ new(transformed_hash)
139
+ end
140
+
141
+ # Returns the object in the form of hash
142
+ # @return [Hash] Returns the object in the form of hash
143
+ def to_hash
144
+ hash = {}
145
+ self.class.attribute_map.each_pair do |attr, param|
146
+ value = self.send(attr)
147
+ if value.nil?
148
+ is_nullable = self.class.openapi_nullable.include?(attr)
149
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
150
+ end
151
+
152
+ hash[param] = _to_hash(value)
153
+ end
154
+ hash
155
+ end
156
+
157
+ end
158
+
159
+ end
@@ -0,0 +1,227 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ # List Response body format for Template Assignments Records
18
+ class TemplateAssignmentListResponse < ApiModelBase
19
+ attr_accessor :context
20
+
21
+ # The offset of the current page.
22
+ attr_accessor :offset
23
+
24
+ # Optional size of a single page. Default is 20 items per page. Valid range is 1 to 100
25
+ attr_accessor :limit
26
+
27
+ # Link to the first page.
28
+ attr_accessor :first
29
+
30
+ # Link to the previous available page. If 'previous' property is not part of the response no previous page is available.
31
+ attr_accessor :previous
32
+
33
+ # Link to the next available page. If 'next' property is not part of the response no next page is available.
34
+ attr_accessor :_next
35
+
36
+ # List of Assignments based on the query paramters and the page size. The assignments array is always part of the response but might be empty depending on the query parameter values provided.
37
+ attr_accessor :assignments
38
+
39
+ # Attribute mapping from ruby-style variable name to JSON key.
40
+ def self.attribute_map
41
+ {
42
+ :'context' => :'context',
43
+ :'offset' => :'offset',
44
+ :'limit' => :'limit',
45
+ :'first' => :'first',
46
+ :'previous' => :'previous',
47
+ :'_next' => :'next',
48
+ :'assignments' => :'assignments'
49
+ }
50
+ end
51
+
52
+ # Returns attribute mapping this model knows about
53
+ def self.acceptable_attribute_map
54
+ attribute_map
55
+ end
56
+
57
+ # Returns all the JSON keys this model knows about
58
+ def self.acceptable_attributes
59
+ acceptable_attribute_map.values
60
+ end
61
+
62
+ # Attribute type mapping.
63
+ def self.openapi_types
64
+ {
65
+ :'context' => :'ResponseContext',
66
+ :'offset' => :'Integer',
67
+ :'limit' => :'Integer',
68
+ :'first' => :'String',
69
+ :'previous' => :'String',
70
+ :'_next' => :'String',
71
+ :'assignments' => :'Array<TemplateAssignmentResponse>'
72
+ }
73
+ end
74
+
75
+ # List of attributes with nullable: true
76
+ def self.openapi_nullable
77
+ Set.new([
78
+ ])
79
+ end
80
+
81
+ # Initializes the object
82
+ # @param [Hash] attributes Model attributes in the form of hash
83
+ def initialize(attributes = {})
84
+ if (!attributes.is_a?(Hash))
85
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::TemplateAssignmentListResponse` initialize method"
86
+ end
87
+
88
+ # check to see if the attribute exists and convert string to symbol for hash key
89
+ acceptable_attribute_map = self.class.acceptable_attribute_map
90
+ attributes = attributes.each_with_object({}) { |(k, v), h|
91
+ if (!acceptable_attribute_map.key?(k.to_sym))
92
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::TemplateAssignmentListResponse`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
93
+ end
94
+ h[k.to_sym] = v
95
+ }
96
+
97
+ if attributes.key?(:'context')
98
+ self.context = attributes[:'context']
99
+ end
100
+
101
+ if attributes.key?(:'offset')
102
+ self.offset = attributes[:'offset']
103
+ end
104
+
105
+ if attributes.key?(:'limit')
106
+ self.limit = attributes[:'limit']
107
+ end
108
+
109
+ if attributes.key?(:'first')
110
+ self.first = attributes[:'first']
111
+ end
112
+
113
+ if attributes.key?(:'previous')
114
+ self.previous = attributes[:'previous']
115
+ end
116
+
117
+ if attributes.key?(:'_next')
118
+ self._next = attributes[:'_next']
119
+ end
120
+
121
+ if attributes.key?(:'assignments')
122
+ if (value = attributes[:'assignments']).is_a?(Array)
123
+ self.assignments = value
124
+ end
125
+ else
126
+ self.assignments = nil
127
+ end
128
+ end
129
+
130
+ # Show invalid properties with the reasons. Usually used together with valid?
131
+ # @return Array for valid properties with the reasons
132
+ def list_invalid_properties
133
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
134
+ invalid_properties = Array.new
135
+ if @assignments.nil?
136
+ invalid_properties.push('invalid value for "assignments", assignments cannot be nil.')
137
+ end
138
+
139
+ invalid_properties
140
+ end
141
+
142
+ # Check to see if the all the properties in the model are valid
143
+ # @return true if the model is valid
144
+ def valid?
145
+ warn '[DEPRECATED] the `valid?` method is obsolete'
146
+ return false if @assignments.nil?
147
+ true
148
+ end
149
+
150
+ # Custom attribute writer method with validation
151
+ # @param [Object] assignments Value to be assigned
152
+ def assignments=(assignments)
153
+ if assignments.nil?
154
+ fail ArgumentError, 'assignments cannot be nil'
155
+ end
156
+
157
+ @assignments = assignments
158
+ end
159
+
160
+ # Checks equality by comparing each attribute.
161
+ # @param [Object] Object to be compared
162
+ def ==(o)
163
+ return true if self.equal?(o)
164
+ self.class == o.class &&
165
+ context == o.context &&
166
+ offset == o.offset &&
167
+ limit == o.limit &&
168
+ first == o.first &&
169
+ previous == o.previous &&
170
+ _next == o._next &&
171
+ assignments == o.assignments
172
+ end
173
+
174
+ # @see the `==` method
175
+ # @param [Object] Object to be compared
176
+ def eql?(o)
177
+ self == o
178
+ end
179
+
180
+ # Calculates hash code according to all attributes.
181
+ # @return [Integer] Hash code
182
+ def hash
183
+ [context, offset, limit, first, previous, _next, assignments].hash
184
+ end
185
+
186
+ # Builds the object from hash
187
+ # @param [Hash] attributes Model attributes in the form of hash
188
+ # @return [Object] Returns the model itself
189
+ def self.build_from_hash(attributes)
190
+ return nil unless attributes.is_a?(Hash)
191
+ attributes = attributes.transform_keys(&:to_sym)
192
+ transformed_hash = {}
193
+ openapi_types.each_pair do |key, type|
194
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
195
+ transformed_hash["#{key}"] = nil
196
+ elsif type =~ /\AArray<(.*)>/i
197
+ # check to ensure the input is an array given that the attribute
198
+ # is documented as an array but the input is not
199
+ if attributes[attribute_map[key]].is_a?(Array)
200
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
201
+ end
202
+ elsif !attributes[attribute_map[key]].nil?
203
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
204
+ end
205
+ end
206
+ new(transformed_hash)
207
+ end
208
+
209
+ # Returns the object in the form of hash
210
+ # @return [Hash] Returns the object in the form of hash
211
+ def to_hash
212
+ hash = {}
213
+ self.class.attribute_map.each_pair do |attr, param|
214
+ value = self.send(attr)
215
+ if value.nil?
216
+ is_nullable = self.class.openapi_nullable.include?(attr)
217
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
218
+ end
219
+
220
+ hash[param] = _to_hash(value)
221
+ end
222
+ hash
223
+ end
224
+
225
+ end
226
+
227
+ end
@@ -0,0 +1,149 @@
1
+ =begin
2
+ #IAM Identity Services
3
+
4
+ #  ## Introduction The IAM Identity Service API is used to manage service IDs, API key identities, trusted profiles, account security settings and to create IAM access tokens for a user or service ID. With trusted profile templates and assignments you can centrally manage access for child accounts in your organization from the root enterprise account. Similarly with settings templates and assignments, you can centrally administer account security settings. For more information, see [Working with template versions](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-working-with-versions&interface=ui) and [Best practices for assigning access in an enterprise](https://cloud.ibm.com/docs/secure-enterprise?topic=secure-enterprise-access-enterprises). SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the [IBM Cloud SDK Common project](https://github.com/IBM/ibm-cloud-sdk-common) on GitHub. Installing the Java SDK Maven ```xml <dependency> <groupId>com.ibm.cloud</groupId> <artifactId>iam-identity</artifactId> <version>{version}</version> </dependency> ``` Gradle ```bash compile 'com.ibm.cloud:iam-identity:{version}' ``` Replace `{version}` in these examples with the release version. View on GitHub [https://github.com/IBM/platform-services-java-sdk](https://github.com/IBM/platform-services-java-sdk) Installing the Go SDK Go modules (recommended): Add the following import in your code, and then run `go build` or `go mod tidy` ```go import ( \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" ) ``` ```bash go get -u github.com/IBM/platform-services-go-sdk/iamidentityv1 ``` View on GitHub [https://github.com/IBM/platform-services-go-sdk](https://github.com/IBM/platform-services-go-sdk) Installing the Node SDK ```bash npm install @ibm-cloud/platform-services ``` View on GitHub [https://github.com/IBM/platform-services-node-sdk](https://github.com/IBM/platform-services-node-sdk) Installing the Python SDK ```bash pip install --upgrade \"ibm-platform-services\" ``` View on GitHub [https://github.com/IBM/platform-services-python-sdk](https://github.com/IBM/platform-services-python-sdk) The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). The examples that are provided on this page demonstrate how to use IAM Identity Service For more information and detailed examples, check out the [IBM Cloud SDK Common project on GitHub](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md). ## Endpoint URLs The IAM Identity Services API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests. ```bash https://iam.cloud.ibm.com ``` Virtual private cloud (VPC) based access requires a virtual private endpoint gateway (VPE gateway). For more information , see [Creating an endpoint gateway](https://cloud.ibm.com/docs/vpc?topic=vpc-ordering-endpoint-gateway). * Private endpoint URL for VPC infrastructure: `https://private.iam.cloud.ibm.com`. VPE gateway creation is supported in all datacenters (see https://cloud.ibm.com/docs/overview?topic=overview-locations#regions). If you enabled service endpoints in your account, you can send API requests over the IBM Cloud® private network at the following base endpoint URLs. For more information, see [Enabling VRF and service endpoints](https://cloud.ibm.com/docs/account?topic=account-vrf-service-endpoint). * Private endpoint URLs for classic infrastructure. Supported URLs: * Sydney: `https://private.au-syd.iam.cloud.ibm.com` * Sao Paulo: `https://private.br-sao.iam.cloud.ibm.com` * Montreal: `https://private.ca-mon.iam.cloud.ibm.com` * Toronto: `https://private.ca-tor.iam.cloud.ibm.com` * Frankfurt DC: `https://private.eu-de.iam.cloud.ibm.com` * London: `https://private.eu-gb.iam.cloud.ibm.com` * Madrid: `https://private.eu-es.iam.cloud.ibm.com` * Tokyo: `https://private.jp-tok.iam.cloud.ibm.com` * Osaka: `https://private.jp-osa.iam.cloud.ibm.com` * Washington DC: `https://private.us-east.iam.cloud.ibm.com` * Dallas: `https://private.us-south.iam.cloud.ibm.com` IAM is a global service and deployed to multiple MZRs world wide. IAM can be reached from all locations using the public global endpoint or using one of the private endpoints. Each request is sent to the closest region related to the client that invokes the call to IAM. Example API request ```bash curl -u \"apikey:{apikey}\" -X {request_method} \"https://iam.cloud.ibm.com/{method_endpoint}\" ``` Replace `{apikey}`, `{request_method}`, and `{method_endpoint}` in this example with the values for your particular API call. ## Authentication Authorization to the Identity Services REST API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API. You can generate an access token by first [creating an API key](https://cloud.ibm.com/docs/account?topic=account-iamtoken_from_apikey) and then exchanging your API key for an IBM Cloud IAM token. Don't have an API key? Try running `ibmcloud iam oauth-tokens` in the [IBM Cloud Shell](https://cloud.ibm.com/shell) to quickly generate a personal access token. When you use the SDK, configure an IAM authenticator with the IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can construct an authenticator in either of two ways: - Programmatically by constructing an IAM authenticator instance and supplying your IAM API key - By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key In this example of using external configuration properties, an IAM authenticator instance is created with the configured API key, and then the service client is constructed with this authenticator instance and the configured service URL. For more information, see the Authentication section of the [IBM Cloud SDK Common](https://github.com/IBM/ibm-cloud-sdk-common/blob/main/README.md) documentation. To call each method, you'll need to be assigned a role that includes the required IAM actions. Each method lists the associated action. For more information about IAM actions and how they map to roles, see [IAM Identity service](https://cloud.ibm.com/docs/account?topic=account-account-services#identity-service-account-management). To retrieve your access token: ```bash curl -X POST \\ \"https://iam.cloud.ibm.com/identity/token\" \\ --header 'Content-Type: application/x-www-form-urlencoded' \\ --header 'Accept: application/json' \\ --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \\ --data-urlencode 'apikey=<API_KEY>' ``` Replace `<API_KEY>` with your IAM API key. Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```go import { \"github.com/IBM/platform-services-go-sdk/iamidentityv1\" } ... serviceClientOptions := &iamidentityv1.IamIdentityV1Options{} serviceClient, err := iamidentityv1.NewIamIdentityV1UsingExternalConfig(serviceClientOptions) ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```java import com.ibm.cloud.platform_services.iam_identity.v1.IamIdentity; ... IamIdentity serviceClient = IamIdentity.newInstance(); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```javascript const IamIdentityV1 = require('@ibm-cloud/platform-services/iam-identity/v1'); ... const serviceClient = IamIdentityV1.newInstance({}); ``` Setting client options through external configuration Example environment variables, where `<SERVICE_URL>` is the endpoint URL and `<API_KEY>` is your IAM API key ```sh export IAM_IDENTITY_URL=<SERVICE_URL> export IAM_IDENTITY_AUTHTYPE=iam export IAM_IDENTITY_APIKEY=<API_KEY> ``` Example of constructing the service client ```python from ibm_platform_services import IamIdentityV1 ... service_client = IamIdentityV1.new_instance() ``` You authenticate to the API by using Cloud Identity and Access Management (IAM). You can pass either a bearer token in an authorization header or an [API key](https://cloud.ibm.com/docs/account?topic=account-manapikey). The SDK provides initialization methods for each form of authentication. - Use the API key to have the SDK manage the lifecycle of the access token. The SDK requests an access token, ensures that the access token is valid, includes the access token in each outgoing request, and refreshes it when it expires. - Use the access token to manage the lifecycle yourself. Keep in mind that access tokens are valid for 1 hour, so you must refresh them regularly to maintain access. For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). For more information, see [IAM authentication with the SDK](https://github.com/IBM/ibm-cloud-sdk-common/blob/master/README.md#authentication). ## Auditing You can monitor API activity within your account by using the IBM Cloud Logs service. Whenever an API method is called, an event is generated that you can then track and audit from within IBM Cloud Logs. The specific event type is listed for each individual method. If an event is tracked for a method, you can find it listed with the method. For more information about how to track IAM activity, see [Activity tracking events for IAM](https://cloud.ibm.com/docs/account?topic=account-at_events_iam). ## Error handling The IAM Token Service uses standard HTTP response codes to indicate whether a method completed successfully. A `200` response always indicates success. A `400` type response indicates that a parameter validation failed and can occur if required parameters are missing or if any parameter values are invalid. A `401` or `403` response indicates that the incoming request did not contain valid authentication information. A `500` type response indicates an internal server error that is seen in an unexpected error situation. The Identity Services REST APIs return standard HTTP status codes to indicate the success or failure of a request. The format of the response is represented in JSON as follows: ```json { \"trace\": \"9daee671-916a-4678-850b-10b911f0236d\", \"errors\": [ { \"code\": \"invalid_access_token\", \"message\": \"The provided access token provided is invalid.\" } ] \"status_code\": 401 } ``` If an operation cannot be fulfilled, an appropriate 400 or 500 series HTTP response is returned from the server. The operations that are defined in the `Reference` section describe example errors that might be returned from a failed request. All responses from the Identity Services REST API are in JSON format. The following table show the potential error codes the API might return. | HTTP Error Code | Description | Recovery | |-----------------|-------------|----------| | `200` | Success | The request was successful. | | `201` | Created | The resource was successfully created. | | `204` | No Content | The request was successful. No response body is provided. | | `400` | Bad Request | The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request. | | `401` | Unauthorized | You are not authorized to make this request. The token is either missing or expired. Get a new valid token and try again. | | `403` | Forbidden | The supplied authentication is not authorized to perform the operation. If this error persists, contact the account owner to check your permissions. | | `404` | Not Found | The requested resource can't be found. | | `409` | Conflict | The entity is already in the requested state. | | `429` | Too Many Requests | Too many requests have been made within a time window. Wait before calling the API again. | | `500` | Internal error | Error that is seen in an unexpected error situation. | ## Additional headers Some additional headers might be required to make successful requests to the API. Those additional headers are: An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services using one identifier. The header key must be set to `Transaction-Id` and the value is anything that you choose. If there is not a transaction ID that is passed in, then one is generated randomly. ## API Parameters Some API parameter have additional details that need to be considered while using it in a request. Those API parameters are as follow: ### Filtering list results When listing service IDs, trusted profiles or API keys you can filter the result set by providing an optional `filter` parameter. The exact syntax of this parameter is described below. Query syntax will follow the SCIM query syntax with reduced operator support. The value must be URL encoded. Only the following operators are supported. * Supported attribute operators- - `sw` - starts with - `sw_ci` - starts with ingnore case - non SCIM standard - `ew` - ends with - `ew_ci` - ends with ingnore case - non SCIM standard - `co` - contains - `co_ci` - contains ingnore case - non SCIM standard * Supported operators- - `and` - `or` * Grouping operators- - `()` * Data Values -`Text` * Sample - `name co \"Foo\" and description sw \"Bar\"`
5
+
6
+ The version of the OpenAPI document: 1.0.0
7
+
8
+ Generated by: https://openapi-generator.tech
9
+ Generator version: 7.23.0
10
+
11
+ =end
12
+
13
+ require 'date'
14
+ require 'time'
15
+
16
+ module IbmCloudIam
17
+ # Body parameters for created resource
18
+ class TemplateAssignmentResource < ApiModelBase
19
+ # Id of the created resource
20
+ attr_accessor :id
21
+
22
+ # Attribute mapping from ruby-style variable name to JSON key.
23
+ def self.attribute_map
24
+ {
25
+ :'id' => :'id'
26
+ }
27
+ end
28
+
29
+ # Returns attribute mapping this model knows about
30
+ def self.acceptable_attribute_map
31
+ attribute_map
32
+ end
33
+
34
+ # Returns all the JSON keys this model knows about
35
+ def self.acceptable_attributes
36
+ acceptable_attribute_map.values
37
+ end
38
+
39
+ # Attribute type mapping.
40
+ def self.openapi_types
41
+ {
42
+ :'id' => :'String'
43
+ }
44
+ end
45
+
46
+ # List of attributes with nullable: true
47
+ def self.openapi_nullable
48
+ Set.new([
49
+ ])
50
+ end
51
+
52
+ # Initializes the object
53
+ # @param [Hash] attributes Model attributes in the form of hash
54
+ def initialize(attributes = {})
55
+ if (!attributes.is_a?(Hash))
56
+ fail ArgumentError, "The input argument (attributes) must be a hash in `IbmCloudIam::TemplateAssignmentResource` initialize method"
57
+ end
58
+
59
+ # check to see if the attribute exists and convert string to symbol for hash key
60
+ acceptable_attribute_map = self.class.acceptable_attribute_map
61
+ attributes = attributes.each_with_object({}) { |(k, v), h|
62
+ if (!acceptable_attribute_map.key?(k.to_sym))
63
+ fail ArgumentError, "`#{k}` is not a valid attribute in `IbmCloudIam::TemplateAssignmentResource`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
64
+ end
65
+ h[k.to_sym] = v
66
+ }
67
+
68
+ if attributes.key?(:'id')
69
+ self.id = attributes[:'id']
70
+ end
71
+ end
72
+
73
+ # Show invalid properties with the reasons. Usually used together with valid?
74
+ # @return Array for valid properties with the reasons
75
+ def list_invalid_properties
76
+ warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
77
+ invalid_properties = Array.new
78
+ invalid_properties
79
+ end
80
+
81
+ # Check to see if the all the properties in the model are valid
82
+ # @return true if the model is valid
83
+ def valid?
84
+ warn '[DEPRECATED] the `valid?` method is obsolete'
85
+ true
86
+ end
87
+
88
+ # Checks equality by comparing each attribute.
89
+ # @param [Object] Object to be compared
90
+ def ==(o)
91
+ return true if self.equal?(o)
92
+ self.class == o.class &&
93
+ id == o.id
94
+ end
95
+
96
+ # @see the `==` method
97
+ # @param [Object] Object to be compared
98
+ def eql?(o)
99
+ self == o
100
+ end
101
+
102
+ # Calculates hash code according to all attributes.
103
+ # @return [Integer] Hash code
104
+ def hash
105
+ [id].hash
106
+ end
107
+
108
+ # Builds the object from hash
109
+ # @param [Hash] attributes Model attributes in the form of hash
110
+ # @return [Object] Returns the model itself
111
+ def self.build_from_hash(attributes)
112
+ return nil unless attributes.is_a?(Hash)
113
+ attributes = attributes.transform_keys(&:to_sym)
114
+ transformed_hash = {}
115
+ openapi_types.each_pair do |key, type|
116
+ if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
117
+ transformed_hash["#{key}"] = nil
118
+ elsif type =~ /\AArray<(.*)>/i
119
+ # check to ensure the input is an array given that the attribute
120
+ # is documented as an array but the input is not
121
+ if attributes[attribute_map[key]].is_a?(Array)
122
+ transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
123
+ end
124
+ elsif !attributes[attribute_map[key]].nil?
125
+ transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
126
+ end
127
+ end
128
+ new(transformed_hash)
129
+ end
130
+
131
+ # Returns the object in the form of hash
132
+ # @return [Hash] Returns the object in the form of hash
133
+ def to_hash
134
+ hash = {}
135
+ self.class.attribute_map.each_pair do |attr, param|
136
+ value = self.send(attr)
137
+ if value.nil?
138
+ is_nullable = self.class.openapi_nullable.include?(attr)
139
+ next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
140
+ end
141
+
142
+ hash[param] = _to_hash(value)
143
+ end
144
+ hash
145
+ end
146
+
147
+ end
148
+
149
+ end