1. REST API for Oracle Private Cloud Appliance Compute Enclave
  2. Tasks
  3. Identity
  4. Dynamic Groups

CreateDynamicGroup

post

/20160918/dynamicGroups

Create a new dynamic group in your tenancy. Specify the OCID of your tenancy for the compartment OCID in the request.

Specify a name for the dynamic group, which must be unique across all dynamic groups and all other groups in your tenancy (such as user groups) and cannot be changed. Use this name or the OCID to write policies for the dynamic group. For more information about policies, see "Managing Policies" (https://docs.oracle.com/en/engineered-systems/private-cloud-appliance/3.0-latest/user/user-usr-manage-policies.html).

You must specify a description for the dynamic group, although it can be an empty string.

After you send your request, the lifecycleState of the new dynamic group will temporarily be CREATING. Before using the the group, make sure its lifecycleState has changed to ACTIVE.

Request

Supported Media Types
Header Parameters
  • Minimum Length: 1
    Maximum Length: 64
    A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (for example, if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).
Body ()
Request object for creating a new dynamic group.
Root Schema : CreateDynamicGroupDetails
Type: object
Properties for creating a dynamic group.
Show Source
  • The OCID of the tenancy containing the group.
  • definedTags
    Additional Properties Allowed: additionalProperties
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
  • Minimum Length: 1
    Maximum Length: 400
    The description you assign to the group during creation. Does not need to be unique, and it is changeable. (For tenancies that support identity domains) You can have an empty description.
  • freeformTags
    Additional Properties Allowed: additionalProperties
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
  • Minimum Length: 1
    The matching rule to dynamically match an instance certificate to this dynamic group. For rule syntax, see "Managing Dynamic Groups" (https://docs.oracle.com/en/engineered-systems/private-cloud-appliance/3.0-latest/user/user-usr-manage-dynamic-groups.html#usr-dynamic-group-create__dynamic-group-matching-rules).
  • Minimum Length: 1
    Maximum Length: 100
    The name you assign to the group during creation. The name must be unique across all groups in the tenancy and cannot be changed.
Nested Schema : definedTags
Type: object
Additional Properties Allowed
Show Source
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
Nested Schema : freeformTags
Type: object
Additional Properties Allowed
Show Source
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
Nested Schema : additionalProperties
Type: object
Additional Properties Allowed
Show Source
Key-value pair representing a defined tag key and value, scoped to a namespace. Example: {"CostCenter": "42"}
Nested Schema : additionalProperties
Type: object
The value of the tag. Only the String type is supported.
Back to Top

Response

Supported Media Types

200 Response

The dynamic group is being created.
Headers
  • For optimistic concurrency control. See if-match.
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : DynamicGroup
Type: object
A dynamic group defines a matching rule. Every bare metal or virtual machine instance is deployed with an instance certificate. The certificate contains metadata about the instance. This includes the instance OCID and the compartment OCID, along with a few other optional properties. When an API call is made using this instance certificate as the authenticator, the certificate can be matched to one or multiple dynamic groups. The instance can then get access to the API based on the permissions granted in policies written for the dynamic groups. This works like regular user/group membership. But in that case, the membership is a static relationship, whereas in a dynamic group, the membership of an instance certificate to a dynamic group is determined during runtime. For more information, see "Managing Dynamic Groups" (https://docs.oracle.com/en/engineered-systems/private-cloud-appliance/3.0-latest/user/user-usr-manage-dynamic-groups.html#usr-dynamic-group-create). Avoid entering confidential information when you supply string values using the API.
Show Source
  • The OCID of the tenancy containing the group.
  • definedTags
    Additional Properties Allowed: additionalProperties
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
  • Minimum Length: 1
    Maximum Length: 400
    The description you assign to the group. Does not need to be unique, and it is changeable. (For tenancies that support identity domains) You can have an empty description.
  • freeformTags
    Additional Properties Allowed: additionalProperties
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
  • The OCID of the group.
  • The detailed status of INACTIVE lifecycleState.
  • Minimum Length: 1
    Maximum Length: 64
    Allowed Values: [ "CREATING", "ACTIVE", "INACTIVE", "DELETING", "DELETED" ]
    The group's current state. After creating a group, make sure its lifecycleState changes from CREATING to ACTIVE before using it.
  • Minimum Length: 1
    A rule string that defines which instance certificates will be matched. For syntax, see "Managing Dynamic Groups" (https://docs.oracle.com/en/engineered-systems/private-cloud-appliance/3.0-latest/user/user-usr-manage-dynamic-groups.html#usr-dynamic-group-create__dynamic-group-matching-rules).
  • Minimum Length: 1
    Maximum Length: 100
    The name you assign to the group during creation. The name must be unique across all groups in the tenancy and cannot be changed.
  • Date and time the group was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
Nested Schema : definedTags
Type: object
Additional Properties Allowed
Show Source
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
Nested Schema : freeformTags
Type: object
Additional Properties Allowed
Show Source
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
Nested Schema : additionalProperties
Type: object
Additional Properties Allowed
Show Source
Key-value pair representing a defined tag key and value, scoped to a namespace. Example: {"CostCenter": "42"}
Nested Schema : additionalProperties
Type: object
The value of the tag. Only the String type is supported.
Example Response (application-json)
{   "id": "ocid1.group.aaaaaaaavpexampleuniqueID",   "compartmentId": "ocid1.tenancy.aaaaaaaaba3pvexampleuniqueID",   "name": "DevCompartmentDynamicGroup",   "description": "Dynamic group for dev compartment",   "matchingRule": "instance.compartment.id=ocid1.compartment.aaaaaaaayd6exampleuniqueID",   "lifecycleState": "ACTIVE",   "timeCreated": "2016-11-18T22:01:40.936Z" }

400 Response

Bad Request
Headers
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source

401 Response

Unauthorized
Headers
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source

403 Response

Forbidden
Headers
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source

404 Response

Not Found
Headers
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source

409 Response

Conflict
Headers
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source

429 Response

Too Many Requests
Headers
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source

500 Response

Internal Server Error
Headers
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source

Default Response

An error has occurred.
Headers
  • Unique Oracle-assigned identifier for the request. Provide this request OCID if you need to contact Oracle about this request.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source
Back to Top