Clients only require a valid config object:
>>> from oci.identity import IdentityClient >>> identity = IdentityClient(config)
CRUD operations and Pagination¶
Let's create a new user and group, and add the user to the group. Then we'll list all users in the tenancy, and finally clean up the user and group we created.
First, we'll need to create a valid config object and service client. If you haven't set up a config file, head over
to the Configuration section to create one. We'll use the default location
and default profile name
DEFAULT to create an Identity client. Since we'll be using the root compartment
(or tenancy) for most operations, let's also extract that from the config object:
>>> import oci >>> config = oci.config.from_file() >>> identity = oci.identity.IdentityClient(config) >>> compartment_id = config["tenancy"]
Next we'll need to populate an instance of the
CreateGroupDetails model with our request, and then send it:
>>> from oci.identity.models import CreateGroupDetails >>> request = CreateGroupDetails() >>> request.compartment_id = compartment_id >>> request.name = "my-test-group" >>> request.description = "Created with the Python SDK" >>> group = identity.create_group(request) >>> print(group.data.id) "id": "ocid1.group.oc1..aaaaaaaaikib..."
Creating a user is very similar:
>>> from oci.identity.models import CreateUserDetails >>> request = CreateUserDetails() >>> request.compartment_id = compartment_id >>> request.name = "my-test-user" >>> request.description = "Created with the Python SDK" >>> user = identity.create_user(request) >>> print(user.data.id) "ocid1.user.oc1..aaaaaaaamkym..."
Using the ids from the
user above, we can add the user to the group:
>>> from oci.identity.models import AddUserToGroupDetails >>> request = AddUserToGroupDetails() >>> request.group_id = group.data.id >>> request.user_id = user.data.id >>> response = identity.add_user_to_group(request) >>> print(response.status) 200
Listing with Pagination¶
List operations use pagination to limit the size of each response. The Python SDK exposes the pagination values through
next_page attributes on each response. For example, listing users in the root
>>> first_page = identity.list_users(compartment_id=compartment_id) >>> len(first_page.data) 100 >>> first_page.has_next_page True >>> first_page.next_page 'AAAAAAAAAAHNo_rjHo6xZPxHLZZ020jMio...'
Even though a response includes a next page, there may not be more results. The last page will return an empty list,
and will not have a
Here's a very simple way to paginate a call:
def paginate(operation, *args, **kwargs): while True: response = operation(*args, **kwargs) for value in response.data: yield value kwargs["page"] = response.next_page if not response.has_next_page: break
To iterate over all users, the call is now:
>>> for user in paginate( ... identity.list_users, ... compartment_id=compartment_id): ... print(user)
paginate function will work for any list call, but will not include the response metadata, such as headers,
HTTP status code, or request id.
Now to clean up the entities we created. Users can't be deleted if they're still part of a group, and groups can't be
deleted if they still have users. So we need to use
identity.remove_user_from_group, which takes a
user_group_membership_id. Because users and groups can have any number of relationships, we'll use
list_user_group_memberships and provide both optional parameters
group_id to constrain the
>>> memberships = identity.list_user_group_memberships( ... compartment_id=compartment_id, ... user_id=user.data.id, ... group_id=group.data.id) # There can never be more than one membership for a unique user/group combination >>> assert len(memberships.data) == 1 >>> membership_id = memberships.data.id
Finally, we can remove the user from the group, and delete both resources. Here we're using
make sure the delete responded with 204:
>>> identity.remove_user_from_group( ... user_group_membership_id=membership_id).status 204 >>> identity.delete_user(user_id=user.data.id).status 204 >>> identity.delete_group(group_id=group.data.id).status 204
Working with Bytes¶
When using object storage, you'll need to provide a namespace, in addition to your compartment id:
>>> object_storage = oci.object_storage.ObjectStorageClient(config) >>> namespace = object_storage.get_namespace().data
To upload an object, we'll create a bucket:
>>> from oci.object_storage.models import CreateBucketDetails >>> request = CreateBucketDetails() >>> request.compartment_id = compartment_id >>> request.name = "MyTestBucket" >>> bucket = object_storage.create_bucket(namespace, request) >>> bucket.data.etag '5281759f-60bb-4b93-8676-f8d141b5f211'
Now we can upload arbitrary bytes:
>>> my_data = b"Hello, World!" >>> obj = object_storage.put_object( ... namespace, ... bucket.data.name, ... "my-object-name", ... my_data)
And to get it back:
>>> same_obj = object_storage.get_object( ... namespace, ... bucket.data.name, ... "my-object-name") ... same_obj.data <Response > ... same_obj.data.content b'Hello, World!'
The Python SDK uses
lowercase_with_underscores for operations and parameters. For example, the
ListApiKeys operation is called with
IdentityClient.list_api_keys and its parameter
userId is translated to