|
| 1 | +# oci_identity_dynamic_group |
| 2 | + |
| 3 | +## DynamicGroup Resource |
| 4 | + |
| 5 | +### DynamicGroup Reference |
| 6 | + |
| 7 | +The following attributes are exported: |
| 8 | + |
| 9 | +* `compartment_id` - The OCID of the tenancy containing the group. |
| 10 | +* `description` - The description you assign to the group. Does not have to be unique, and it's changeable. |
| 11 | +* `id` - The OCID of the group. |
| 12 | +* `inactive_state` - The detailed status of INACTIVE lifecycleState. |
| 13 | +* `matching_rule` - A rule string that defines which instance certificates will be matched. For syntax, see [Managing Dynamic Groups](https://docs.us-phoenix-1.oraclecloud.com/Content/Identity/Tasks/managingdynamicgroups.htm). |
| 14 | +* `name` - The name you assign to the group during creation. The name must be unique across all groups in the tenancy and cannot be changed. |
| 15 | +* `state` - The group's current state. After creating a group, make sure its `lifecycleState` changes from CREATING to ACTIVE before using it. |
| 16 | +* `time_created` - Date and time the group was created, in the format defined by RFC3339. Example: `2016-08-25T21:10:29.600Z` |
| 17 | + |
| 18 | + |
| 19 | + |
| 20 | +### Create Operation |
| 21 | +Creates a new dynamic group in your tenancy. |
| 22 | + |
| 23 | +You must specify your tenancy's OCID as the compartment ID in the request object (remember that the tenancy |
| 24 | +is simply the root compartment). Notice that IAM resources (users, groups, compartments, and some policies) |
| 25 | +reside within the tenancy itself, unlike cloud resources such as compute instances, which typically |
| 26 | +reside within compartments inside the tenancy. For information about OCIDs, see |
| 27 | +[Resource Identifiers](https://docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/identifiers.htm). |
| 28 | + |
| 29 | +You must also specify a *name* for the dynamic group, which must be unique across all dynamic groups in your |
| 30 | +tenancy, and cannot be changed. Note that this name has to be also unique accross all groups in your tenancy. |
| 31 | +You can use this name or the OCID when writing policies that apply to the dynamic group. For more information |
| 32 | +about policies, see [How Policies Work](https://docs.us-phoenix-1.oraclecloud.com/Content/Identity/Concepts/policies.htm). |
| 33 | + |
| 34 | +You must also specify a *description* for the dynamic group (although it can be an empty string). It does not |
| 35 | +have to be unique, and you can change it anytime with [UpdateDynamicGroup](https://docs.us-phoenix-1.oraclecloud.com/api/#/en/identity/20160918/DynamicGroup/UpdateDynamicGroup). |
| 36 | + |
| 37 | +After you send your request, the new object's `lifecycleState` will temporarily be CREATING. Before using the |
| 38 | +object, first make sure its `lifecycleState` has changed to ACTIVE. |
| 39 | + |
| 40 | + |
| 41 | +The following arguments are supported: |
| 42 | + |
| 43 | +* `compartment_id` - (Required) The OCID of the tenancy containing the group. |
| 44 | +* `description` - (Required) The description you assign to the group during creation. Does not have to be unique, and it's changeable. |
| 45 | +* `matching_rule` - (Required) The matching rule to dynamically match an instance certificate to this dynamic group. For rule syntax, see [Managing Dynamic Groups](https://docs.us-phoenix-1.oraclecloud.com/Content/Identity/Tasks/managingdynamicgroups.htm). |
| 46 | +* `name` - (Required) The name you assign to the group during creation. The name must be unique across all groups in the tenancy and cannot be changed. |
| 47 | + |
| 48 | + |
| 49 | +### Update Operation |
| 50 | +Updates the specified dynamic group. |
| 51 | + |
| 52 | +The following arguments support updates: |
| 53 | +* `description` - The description you assign to the group during creation. Does not have to be unique, and it's changeable. |
| 54 | +* `matching_rule` - The matching rule to dynamically match an instance certificate to this dynamic group. For rule syntax, see [Managing Dynamic Groups](https://docs.us-phoenix-1.oraclecloud.com/Content/Identity/Tasks/managingdynamicgroups.htm). |
| 55 | + |
| 56 | + |
| 57 | +** IMPORTANT ** |
| 58 | +Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values |
| 59 | + |
| 60 | +### Example Usage |
| 61 | + |
| 62 | +```hcl |
| 63 | +resource "oci_identity_dynamic_group" "test_dynamic_group" { |
| 64 | + #Required |
| 65 | + compartment_id = "${var.compartment_id}" |
| 66 | + description = "${var.dynamic_group_description}" |
| 67 | + matching_rule = "${var.dynamic_group_matching_rule}" |
| 68 | + name = "${var.dynamic_group_name}" |
| 69 | +} |
| 70 | +``` |
| 71 | + |
| 72 | +# oci_identity_dynamic_groups |
| 73 | + |
| 74 | +## DynamicGroup DataSource |
| 75 | + |
| 76 | +Gets a list of dynamic_groups. |
| 77 | + |
| 78 | +### List Operation |
| 79 | +Lists the dynamic groups in your tenancy. You must specify your tenancy's OCID as the value for |
| 80 | +the compartment ID (remember that the tenancy is simply the root compartment). |
| 81 | +See [Where to Get the Tenancy's OCID and User's OCID](https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm#five). |
| 82 | + |
| 83 | +The following arguments are supported: |
| 84 | + |
| 85 | +* `compartment_id` - (Required) The OCID of the compartment (remember that the tenancy is simply the root compartment). |
| 86 | + |
| 87 | + |
| 88 | +The following attributes are exported: |
| 89 | + |
| 90 | +* `dynamic_groups` - The list of dynamic_groups. |
| 91 | + |
| 92 | +### Example Usage |
| 93 | + |
| 94 | +```hcl |
| 95 | +data "oci_identity_dynamic_groups" "test_dynamic_groups" { |
| 96 | + #Required |
| 97 | + compartment_id = "${var.compartment_id}" |
| 98 | +} |
| 99 | +``` |
0 commit comments