oracle
diff --git a/‎docs/examples/identity/user.tf‎
Lines changed: 45 additions & 16 deletions b/‎docs/examples/identity/user.tf‎
Lines changed: 45 additions & 16 deletions
diff --git a/‎docs/identity/customer_secret_keys.md‎
Lines changed: 85 additions & 0 deletions b/‎docs/identity/customer_secret_keys.md‎
Lines changed: 85 additions & 0 deletions
diff --git a/‎docs/identity/users.md‎
Lines changed: 2 additions & 2 deletions b/‎docs/identity/users.md‎
Lines changed: 2 additions & 2 deletions
@@ -1,20 +1,39 @@
 /*
- * This example file shows how to create a user, add an api key, and output their password. 
+ * This example file shows how to create a user, add an api key, define swift keys and customer secret keys.
  */
 
 resource "oci_identity_user" "user1" {
   name = "tf-example-user"
   description = "user created by terraform"
 }
 
+data "oci_identity_users" "users1" {
+  compartment_id = "${oci_identity_user.user1.compartment_id}"
+  filter {
+    name = "name"
+    values = ["tf-example-user"]
+  }
+}
+
+output "users1" {
+  value = "${data.oci_identity_users.users1.users}"
+}
+
+
 resource "oci_identity_ui_password" "password1" {
   user_id = "${oci_identity_user.user1.id}"
 }
 
+output "user-password" {
+  sensitive = false
+  value = "${oci_identity_ui_password.password1.password}"
+}
+
+
 resource "oci_identity_api_key" "api-key1" {
   user_id = "${oci_identity_user.user1.id}"
-  key_value = 
-<<EOF
+  key_value =
+  <<EOF
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBLQAGmKJ7tpfzYJyqLG
 ZDwHL51+d6T8Z00BnP9CFfzxZZZ48PcYSUHuTyCM8mR5JqYLyH6C8tZ/DKqwxUnc
@@ -27,23 +46,33 @@ fwIDAQAB
 EOF
 }
 
-data "oci_identity_users" "users1" {
-  compartment_id = "${oci_identity_user.user1.compartment_id}"
-  filter {
-    name = "name"
-    values = ["tf-example-user"]
-  }
+output "user-api-key" {
+  value = "${oci_identity_api_key.api-key1.key_value}"
 }
 
-output "users1" {
-  value = "${data.oci_identity_users.users1.users}"
+
+resource "oci_identity_swift_password" "swift-password1" {
+  user_id = "${oci_identity_user.user1.id}"
+  description = "user swift password created by terraform"
 }
 
-output "user-password" {
-  sensitive = false
-  value = "${oci_identity_ui_password.password1.password}"
+output "swift-password" {
+  value = "${oci_identity_swift_password.swift-password1.customer_secret_keys.password}"
 }
 
-output "user-api-key" {
-  value = "${oci_identity_api_key.api-key1.key_value}"
+
+resource "oci_identity_customer_secret_key" "customer-secret-key1" {
+  user_id = "${oci_identity_user.user1.id}"
+  display_name = "tf-example-customer-secret-key"
+}
+
+data "oci_identity_customer_secret_keys" "customer-secret-keys1" {
+  user_id = "${oci_identity_user.user1.id}"
+}
+
+output "customer-secret-key" {
+  value = [
+    "${oci_identity_customer_secret_key.customer-secret-key1.key}",
+    "${data.oci_identity_customer_secret_keys.customer-secret-keys1.customer_secret_keys}"
+  ]
 }
@@ -0,0 +1,85 @@
+# oci_identity_customer_secret_key
+
+## CustomerSecretKey Resource
+
+### CustomerSecretKey Reference
+
+The following attributes are exported:
+
+* `display_name` - The displayName you assign to the secret key. Does not have to be unique, and it's changeable.
+* `id` - The OCID of the secret key.
+* `inactive_state` - The detailed status of INACTIVE lifecycleState.
+* `key` - The secret key.
+* `state` - The secret key's current state. After creating a secret key, make sure its `lifecycleState` changes from CREATING to ACTIVE before using it. 
+* `time_created` - Date and time the `CustomerSecretKey` object was created, in the format defined by RFC3339.  Example: `2016-08-25T21:10:29.600Z` 
+* `time_expires` - Date and time when this password will expire, in the format defined by RFC3339. Null if it never expires.  Example: `2016-08-25T21:10:29.600Z` 
+* `user_id` - The OCID of the user the password belongs to.
+
+
+
+### Create Operation
+Creates a new secret key for the specified user. Secret keys are used for authentication with the Object Storage Service's Amazon S3
+compatible API. For information, see
+[Managing User Credentials](https://docs.us-phoenix-1.oraclecloud.com/Content/Identity/Tasks/managingcredentials.htm).
+
+You must specify a *description* for the secret key (although it can be an empty string). It does not
+have to be unique, and you can change it anytime with
+[UpdateCustomerSecretKey](https://docs.us-phoenix-1.oraclecloud.com/api/#/en/identity/20160918/CustomerSecretKeySummary/UpdateCustomerSecretKey).
+
+Every user has permission to create a secret key for *their own user ID*. An administrator in your organization
+does not need to write a policy to give users this ability. To compare, administrators who have permission to the
+tenancy can use this operation to create a secret key for any user, including themselves.
+
+
+The following arguments are supported:
+
+* `display_name` - (Required) The name you assign to the secret key during creation. Does not have to be unique, and it's changeable. 
+* `user_id` - (Required) The OCID of the user.
+
+
+### Update Operation
+
+
+The following arguments support updates:
+* `display_name` - The name you assign to the secret key during creation. Does not have to be unique, and it's changeable.
+
+** IMPORTANT **
+Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
+
+### Example Usage
+
+```
+resource "oci_identity_customer_secret_key" "test_customer_secret_key" {
+	#Required
+	display_name = "${var.customer_secret_key_display_name}"
+	user_id = "${oci_identity_user.test_user.id}"
+}
+```
+
+# oci_identity_customer_secret_keys
+
+## CustomerSecretKey DataSource
+
+Gets a list of customer_secret_keys.
+
+### List Operation
+Lists the secret keys for the specified user. The returned object contains the secret key's OCID, but not
+the secret key itself. The actual secret key is returned only upon creation.
+
+The following arguments are supported:
+
+* `user_id` - (Required) The OCID of the user.
+
+
+The following attributes are exported:
+
+* `customer_secret_keys` - The list of customer_secret_keys.
+
+### Example Usage
+
+```
+data "oci_identity_customer_secret_keys" "test_customer_secret_keys" {
+	#Required
+	user_id = "${oci_identity_user.test_user.id}"
+}
+```
@@ -76,7 +76,7 @@ Any change to a property that does not support update will force the destruction
 ```
 resource "oci_identity_user" "test_user" {
 	#Required
-	compartment_id = "${var.compartment_id}"
+	compartment_id = "${var.tenancy_ocid}"
 	description = "${var.user_description}"
 	name = "${var.user_name}"
 }
@@ -107,6 +107,6 @@ The following attributes are exported:
 ```
 data "oci_identity_users" "test_users" {
 	#Required
-	compartment_id = "${var.compartment_id}"
+	compartment_id = "${var.tenancy_ocid}"
 }
 ```