1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Identity
  5. User
Oracle Cloud Infrastructure v2.3.0 published on Wednesday, Jul 17, 2024 by Pulumi

oci.Identity.User

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v2.3.0 published on Wednesday, Jul 17, 2024 by Pulumi

    This resource provides the User resource in Oracle Cloud Infrastructure Identity service.

    Creates a new user in your tenancy. For conceptual information about users, your tenancy, and other IAM Service components, see Overview of the IAM Service.

    You must specify your tenancy’s OCID as the compartment ID in the request object (remember that the tenancy is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) reside within the tenancy itself, unlike cloud resources such as compute instances, which typically reside within compartments inside the tenancy. For information about OCIDs, see Resource Identifiers.

    You must also specify a name for the user, which must be unique across all users in your tenancy and cannot be changed. Allowed characters: No spaces. Only letters, numerals, hyphens, periods, underscores, +, and @. If you specify a name that’s already in use, you’ll get a 409 error. This name will be the user’s login to the Console. You might want to pick a name that your company’s own identity system (e.g., Active Directory, LDAP, etc.) already uses. If you delete a user and then create a new user with the same name, they’ll be considered different users because they have different OCIDs.

    You must also specify a description for the user (although it can be an empty string). It does not have to be unique, and you can change it anytime with UpdateUser. You can use the field to provide the user’s full name, a description, a nickname, or other information to generally identify the user. A new user has no permissions until you place the user in one or more groups (see AddUserToGroup). If the user needs to access the Console, you need to provide the user a password (see CreateOrResetUIPassword). If the user needs to access the Oracle Cloud Infrastructure REST API, you need to upload a public API signing key for that user (see Required Keys and OCIDs and also UploadApiKey).

    Important: Make sure to inform the new user which compartment(s) they have access to.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    const testUser = new oci.identity.User("test_user", {
        compartmentId: tenancyOcid,
        description: userDescription,
        name: userName,
        definedTags: {
            "Operations.CostCenter": "42",
        },
        email: userEmail,
        freeformTags: {
            Department: "Finance",
        },
    });
    
    import pulumi
    import pulumi_oci as oci
    
    test_user = oci.identity.User("test_user",
        compartment_id=tenancy_ocid,
        description=user_description,
        name=user_name,
        defined_tags={
            "Operations.CostCenter": "42",
        },
        email=user_email,
        freeform_tags={
            "Department": "Finance",
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Identity"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := Identity.NewUser(ctx, "test_user", &Identity.UserArgs{
    			CompartmentId: pulumi.Any(tenancyOcid),
    			Description:   pulumi.Any(userDescription),
    			Name:          pulumi.Any(userName),
    			DefinedTags: pulumi.Map{
    				"Operations.CostCenter": pulumi.Any("42"),
    			},
    			Email: pulumi.Any(userEmail),
    			FreeformTags: pulumi.Map{
    				"Department": pulumi.Any("Finance"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    return await Deployment.RunAsync(() => 
    {
        var testUser = new Oci.Identity.User("test_user", new()
        {
            CompartmentId = tenancyOcid,
            Description = userDescription,
            Name = userName,
            DefinedTags = 
            {
                { "Operations.CostCenter", "42" },
            },
            Email = userEmail,
            FreeformTags = 
            {
                { "Department", "Finance" },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.Identity.User;
    import com.pulumi.oci.Identity.UserArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var testUser = new User("testUser", UserArgs.builder()
                .compartmentId(tenancyOcid)
                .description(userDescription)
                .name(userName)
                .definedTags(Map.of("Operations.CostCenter", "42"))
                .email(userEmail)
                .freeformTags(Map.of("Department", "Finance"))
                .build());
    
        }
    }
    
    resources:
      testUser:
        type: oci:Identity:User
        name: test_user
        properties:
          compartmentId: ${tenancyOcid}
          description: ${userDescription}
          name: ${userName}
          definedTags:
            Operations.CostCenter: '42'
          email: ${userEmail}
          freeformTags:
            Department: Finance
    

    Create User Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new User(name: string, args: UserArgs, opts?: CustomResourceOptions);
    @overload
    def User(resource_name: str,
             args: UserArgs,
             opts: Optional[ResourceOptions] = None)
    
    @overload
    def User(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             description: Optional[str] = None,
             compartment_id: Optional[str] = None,
             defined_tags: Optional[Mapping[str, Any]] = None,
             email: Optional[str] = None,
             freeform_tags: Optional[Mapping[str, Any]] = None,
             name: Optional[str] = None)
    func NewUser(ctx *Context, name string, args UserArgs, opts ...ResourceOption) (*User, error)
    public User(string name, UserArgs args, CustomResourceOptions? opts = null)
    public User(String name, UserArgs args)
    public User(String name, UserArgs args, CustomResourceOptions options)
    
    type: oci:Identity:User
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args UserArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args UserArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args UserArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args UserArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args UserArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var userResource = new Oci.Identity.User("userResource", new()
    {
        Description = "string",
        CompartmentId = "string",
        DefinedTags = 
        {
            { "string", "any" },
        },
        Email = "string",
        FreeformTags = 
        {
            { "string", "any" },
        },
        Name = "string",
    });
    
    example, err := Identity.NewUser(ctx, "userResource", &Identity.UserArgs{
    	Description:   pulumi.String("string"),
    	CompartmentId: pulumi.String("string"),
    	DefinedTags: pulumi.Map{
    		"string": pulumi.Any("any"),
    	},
    	Email: pulumi.String("string"),
    	FreeformTags: pulumi.Map{
    		"string": pulumi.Any("any"),
    	},
    	Name: pulumi.String("string"),
    })
    
    var userResource = new User("userResource", UserArgs.builder()
        .description("string")
        .compartmentId("string")
        .definedTags(Map.of("string", "any"))
        .email("string")
        .freeformTags(Map.of("string", "any"))
        .name("string")
        .build());
    
    user_resource = oci.identity.User("userResource",
        description="string",
        compartment_id="string",
        defined_tags={
            "string": "any",
        },
        email="string",
        freeform_tags={
            "string": "any",
        },
        name="string")
    
    const userResource = new oci.identity.User("userResource", {
        description: "string",
        compartmentId: "string",
        definedTags: {
            string: "any",
        },
        email: "string",
        freeformTags: {
            string: "any",
        },
        name: "string",
    });
    
    type: oci:Identity:User
    properties:
        compartmentId: string
        definedTags:
            string: any
        description: string
        email: string
        freeformTags:
            string: any
        name: string
    

    User Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The User resource accepts the following input properties:

    Description string
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    CompartmentId string
    The OCID of the tenancy containing the user.
    DefinedTags Dictionary<string, object>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    Email string
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    FreeformTags Dictionary<string, object>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    Name string

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    Description string
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    CompartmentId string
    The OCID of the tenancy containing the user.
    DefinedTags map[string]interface{}
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    Email string
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    FreeformTags map[string]interface{}
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    Name string

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    description String
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    compartmentId String
    The OCID of the tenancy containing the user.
    definedTags Map<String,Object>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    email String
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    freeformTags Map<String,Object>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    name String

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    description string
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    compartmentId string
    The OCID of the tenancy containing the user.
    definedTags {[key: string]: any}
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    email string
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    freeformTags {[key: string]: any}
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    name string

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    description str
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    compartment_id str
    The OCID of the tenancy containing the user.
    defined_tags Mapping[str, Any]
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    email str
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    freeform_tags Mapping[str, Any]
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    name str

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    description String
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    compartmentId String
    The OCID of the tenancy containing the user.
    definedTags Map<Any>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    email String
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    freeformTags Map<Any>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    name String

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    Outputs

    All input properties are implicitly available as output properties. Additionally, the User resource produces the following output properties:

    Capabilities List<UserCapability>
    Properties indicating how the user is allowed to authenticate.
    DbUserName string
    DB username of the DB credential. Has to be unique across the tenancy.
    EmailVerified bool
    Whether the email address has been validated.
    ExternalIdentifier string
    Identifier of the user in the identity provider
    Id string
    The provider-assigned unique ID for this managed resource.
    IdentityProviderId string
    The OCID of the IdentityProvider this user belongs to.
    InactiveState string
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    LastSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    PreviousSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    State string
    The user's current state.
    TimeCreated string
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    Capabilities []UserCapability
    Properties indicating how the user is allowed to authenticate.
    DbUserName string
    DB username of the DB credential. Has to be unique across the tenancy.
    EmailVerified bool
    Whether the email address has been validated.
    ExternalIdentifier string
    Identifier of the user in the identity provider
    Id string
    The provider-assigned unique ID for this managed resource.
    IdentityProviderId string
    The OCID of the IdentityProvider this user belongs to.
    InactiveState string
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    LastSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    PreviousSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    State string
    The user's current state.
    TimeCreated string
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    capabilities List<UserCapability>
    Properties indicating how the user is allowed to authenticate.
    dbUserName String
    DB username of the DB credential. Has to be unique across the tenancy.
    emailVerified Boolean
    Whether the email address has been validated.
    externalIdentifier String
    Identifier of the user in the identity provider
    id String
    The provider-assigned unique ID for this managed resource.
    identityProviderId String
    The OCID of the IdentityProvider this user belongs to.
    inactiveState String
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    lastSuccessfulLoginTime String
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    previousSuccessfulLoginTime String
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    state String
    The user's current state.
    timeCreated String
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    capabilities UserCapability[]
    Properties indicating how the user is allowed to authenticate.
    dbUserName string
    DB username of the DB credential. Has to be unique across the tenancy.
    emailVerified boolean
    Whether the email address has been validated.
    externalIdentifier string
    Identifier of the user in the identity provider
    id string
    The provider-assigned unique ID for this managed resource.
    identityProviderId string
    The OCID of the IdentityProvider this user belongs to.
    inactiveState string
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    lastSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    previousSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    state string
    The user's current state.
    timeCreated string
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    capabilities Sequence[identity.UserCapability]
    Properties indicating how the user is allowed to authenticate.
    db_user_name str
    DB username of the DB credential. Has to be unique across the tenancy.
    email_verified bool
    Whether the email address has been validated.
    external_identifier str
    Identifier of the user in the identity provider
    id str
    The provider-assigned unique ID for this managed resource.
    identity_provider_id str
    The OCID of the IdentityProvider this user belongs to.
    inactive_state str
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    last_successful_login_time str
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    previous_successful_login_time str
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    state str
    The user's current state.
    time_created str
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    capabilities List<Property Map>
    Properties indicating how the user is allowed to authenticate.
    dbUserName String
    DB username of the DB credential. Has to be unique across the tenancy.
    emailVerified Boolean
    Whether the email address has been validated.
    externalIdentifier String
    Identifier of the user in the identity provider
    id String
    The provider-assigned unique ID for this managed resource.
    identityProviderId String
    The OCID of the IdentityProvider this user belongs to.
    inactiveState String
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    lastSuccessfulLoginTime String
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    previousSuccessfulLoginTime String
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    state String
    The user's current state.
    timeCreated String
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z

    Look up Existing User Resource

    Get an existing User resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: UserState, opts?: CustomResourceOptions): User
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            capabilities: Optional[Sequence[_identity.UserCapabilityArgs]] = None,
            compartment_id: Optional[str] = None,
            db_user_name: Optional[str] = None,
            defined_tags: Optional[Mapping[str, Any]] = None,
            description: Optional[str] = None,
            email: Optional[str] = None,
            email_verified: Optional[bool] = None,
            external_identifier: Optional[str] = None,
            freeform_tags: Optional[Mapping[str, Any]] = None,
            identity_provider_id: Optional[str] = None,
            inactive_state: Optional[str] = None,
            last_successful_login_time: Optional[str] = None,
            name: Optional[str] = None,
            previous_successful_login_time: Optional[str] = None,
            state: Optional[str] = None,
            time_created: Optional[str] = None) -> User
    func GetUser(ctx *Context, name string, id IDInput, state *UserState, opts ...ResourceOption) (*User, error)
    public static User Get(string name, Input<string> id, UserState? state, CustomResourceOptions? opts = null)
    public static User get(String name, Output<String> id, UserState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Capabilities List<UserCapability>
    Properties indicating how the user is allowed to authenticate.
    CompartmentId string
    The OCID of the tenancy containing the user.
    DbUserName string
    DB username of the DB credential. Has to be unique across the tenancy.
    DefinedTags Dictionary<string, object>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    Description string
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    Email string
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    EmailVerified bool
    Whether the email address has been validated.
    ExternalIdentifier string
    Identifier of the user in the identity provider
    FreeformTags Dictionary<string, object>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    IdentityProviderId string
    The OCID of the IdentityProvider this user belongs to.
    InactiveState string
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    LastSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    Name string

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    PreviousSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    State string
    The user's current state.
    TimeCreated string
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    Capabilities []UserCapabilityArgs
    Properties indicating how the user is allowed to authenticate.
    CompartmentId string
    The OCID of the tenancy containing the user.
    DbUserName string
    DB username of the DB credential. Has to be unique across the tenancy.
    DefinedTags map[string]interface{}
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    Description string
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    Email string
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    EmailVerified bool
    Whether the email address has been validated.
    ExternalIdentifier string
    Identifier of the user in the identity provider
    FreeformTags map[string]interface{}
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    IdentityProviderId string
    The OCID of the IdentityProvider this user belongs to.
    InactiveState string
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    LastSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    Name string

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    PreviousSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    State string
    The user's current state.
    TimeCreated string
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    capabilities List<UserCapability>
    Properties indicating how the user is allowed to authenticate.
    compartmentId String
    The OCID of the tenancy containing the user.
    dbUserName String
    DB username of the DB credential. Has to be unique across the tenancy.
    definedTags Map<String,Object>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    description String
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    email String
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    emailVerified Boolean
    Whether the email address has been validated.
    externalIdentifier String
    Identifier of the user in the identity provider
    freeformTags Map<String,Object>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    identityProviderId String
    The OCID of the IdentityProvider this user belongs to.
    inactiveState String
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    lastSuccessfulLoginTime String
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    name String

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    previousSuccessfulLoginTime String
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    state String
    The user's current state.
    timeCreated String
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    capabilities UserCapability[]
    Properties indicating how the user is allowed to authenticate.
    compartmentId string
    The OCID of the tenancy containing the user.
    dbUserName string
    DB username of the DB credential. Has to be unique across the tenancy.
    definedTags {[key: string]: any}
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    description string
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    email string
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    emailVerified boolean
    Whether the email address has been validated.
    externalIdentifier string
    Identifier of the user in the identity provider
    freeformTags {[key: string]: any}
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    identityProviderId string
    The OCID of the IdentityProvider this user belongs to.
    inactiveState string
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    lastSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    name string

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    previousSuccessfulLoginTime string
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    state string
    The user's current state.
    timeCreated string
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    capabilities Sequence[identity.UserCapabilityArgs]
    Properties indicating how the user is allowed to authenticate.
    compartment_id str
    The OCID of the tenancy containing the user.
    db_user_name str
    DB username of the DB credential. Has to be unique across the tenancy.
    defined_tags Mapping[str, Any]
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    description str
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    email str
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    email_verified bool
    Whether the email address has been validated.
    external_identifier str
    Identifier of the user in the identity provider
    freeform_tags Mapping[str, Any]
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    identity_provider_id str
    The OCID of the IdentityProvider this user belongs to.
    inactive_state str
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    last_successful_login_time str
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    name str

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    previous_successful_login_time str
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    state str
    The user's current state.
    time_created str
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
    capabilities List<Property Map>
    Properties indicating how the user is allowed to authenticate.
    compartmentId String
    The OCID of the tenancy containing the user.
    dbUserName String
    DB username of the DB credential. Has to be unique across the tenancy.
    definedTags Map<Any>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    description String
    (Updatable) The description you assign to the user during creation. Does not have to be unique, and it's changeable.
    email String
    (Updatable) The email you assign to the user. Has to be unique across the tenancy.
    emailVerified Boolean
    Whether the email address has been validated.
    externalIdentifier String
    Identifier of the user in the identity provider
    freeformTags Map<Any>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    identityProviderId String
    The OCID of the IdentityProvider this user belongs to.
    inactiveState String
    Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive:

    • bit 0: SUSPENDED (reserved for future use)
    • bit 1: DISABLED (reserved for future use)
    • bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Console)
    lastSuccessfulLoginTime String
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    name String

    The name you assign to the user during creation. This is the user's login for the Console. The name must be unique across all users in the tenancy and cannot be changed.

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    previousSuccessfulLoginTime String
    The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null.
    state String
    The user's current state.
    timeCreated String
    Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z

    Supporting Types

    UserCapability, UserCapabilityArgs

    CanUseApiKeys bool
    Indicates if the user can use API keys.
    CanUseAuthTokens bool
    Indicates if the user can use SWIFT passwords / auth tokens.
    CanUseConsolePassword bool
    Indicates if the user can log in to the console.
    CanUseCustomerSecretKeys bool
    Indicates if the user can use SigV4 symmetric keys.
    CanUseDbCredentials bool
    Indicates if the user can use DB passwords.
    CanUseOauth2clientCredentials bool
    Indicates if the user can use OAuth2 credentials and tokens.
    CanUseSmtpCredentials bool
    Indicates if the user can use SMTP passwords.
    CanUseApiKeys bool
    Indicates if the user can use API keys.
    CanUseAuthTokens bool
    Indicates if the user can use SWIFT passwords / auth tokens.
    CanUseConsolePassword bool
    Indicates if the user can log in to the console.
    CanUseCustomerSecretKeys bool
    Indicates if the user can use SigV4 symmetric keys.
    CanUseDbCredentials bool
    Indicates if the user can use DB passwords.
    CanUseOauth2clientCredentials bool
    Indicates if the user can use OAuth2 credentials and tokens.
    CanUseSmtpCredentials bool
    Indicates if the user can use SMTP passwords.
    canUseApiKeys Boolean
    Indicates if the user can use API keys.
    canUseAuthTokens Boolean
    Indicates if the user can use SWIFT passwords / auth tokens.
    canUseConsolePassword Boolean
    Indicates if the user can log in to the console.
    canUseCustomerSecretKeys Boolean
    Indicates if the user can use SigV4 symmetric keys.
    canUseDbCredentials Boolean
    Indicates if the user can use DB passwords.
    canUseOauth2clientCredentials Boolean
    Indicates if the user can use OAuth2 credentials and tokens.
    canUseSmtpCredentials Boolean
    Indicates if the user can use SMTP passwords.
    canUseApiKeys boolean
    Indicates if the user can use API keys.
    canUseAuthTokens boolean
    Indicates if the user can use SWIFT passwords / auth tokens.
    canUseConsolePassword boolean
    Indicates if the user can log in to the console.
    canUseCustomerSecretKeys boolean
    Indicates if the user can use SigV4 symmetric keys.
    canUseDbCredentials boolean
    Indicates if the user can use DB passwords.
    canUseOauth2clientCredentials boolean
    Indicates if the user can use OAuth2 credentials and tokens.
    canUseSmtpCredentials boolean
    Indicates if the user can use SMTP passwords.
    can_use_api_keys bool
    Indicates if the user can use API keys.
    can_use_auth_tokens bool
    Indicates if the user can use SWIFT passwords / auth tokens.
    can_use_console_password bool
    Indicates if the user can log in to the console.
    can_use_customer_secret_keys bool
    Indicates if the user can use SigV4 symmetric keys.
    can_use_db_credentials bool
    Indicates if the user can use DB passwords.
    can_use_oauth2client_credentials bool
    Indicates if the user can use OAuth2 credentials and tokens.
    can_use_smtp_credentials bool
    Indicates if the user can use SMTP passwords.
    canUseApiKeys Boolean
    Indicates if the user can use API keys.
    canUseAuthTokens Boolean
    Indicates if the user can use SWIFT passwords / auth tokens.
    canUseConsolePassword Boolean
    Indicates if the user can log in to the console.
    canUseCustomerSecretKeys Boolean
    Indicates if the user can use SigV4 symmetric keys.
    canUseDbCredentials Boolean
    Indicates if the user can use DB passwords.
    canUseOauth2clientCredentials Boolean
    Indicates if the user can use OAuth2 credentials and tokens.
    canUseSmtpCredentials Boolean
    Indicates if the user can use SMTP passwords.

    Import

    Users can be imported using the id, e.g.

    $ pulumi import oci:Identity/user:User test_user "id"
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the oci Terraform Provider.
    oci logo
    Oracle Cloud Infrastructure v2.3.0 published on Wednesday, Jul 17, 2024 by Pulumi