@ibm-cloud/platform-services

/** * (C) Copyright IBM Corp. 2025. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ /// <reference types="node" /> import { IncomingHttpHeaders, OutgoingHttpHeaders } from 'http'; import { AbortSignal, BaseService, UserOptions } from 'ibm-cloud-sdk-core'; /** * The IAM Identity Service API allows for the management of Account Settings and Identities (Service IDs, ApiKeys). * * API Version: 1.0.0 */ declare class IamIdentityV1 extends BaseService { static DEFAULT_SERVICE_URL: string; static DEFAULT_SERVICE_NAME: string; /************************* * Factory method ************************/ /** * Constructs an instance of IamIdentityV1 with passed in options and external configuration. * * @param {UserOptions} [options] - The parameters to send to the service. * @param {string} [options.serviceName] - The name of the service to configure * @param {Authenticator} [options.authenticator] - The Authenticator object used to authenticate requests to the service * @param {string} [options.serviceUrl] - The base URL for the service * @returns {IamIdentityV1} */ static newInstance(options: UserOptions): IamIdentityV1; /** * Construct a IamIdentityV1 object. * * @param {Object} options - Options for the service. * @param {string} [options.serviceUrl] - The base URL for the service * @param {OutgoingHttpHeaders} [options.headers] - Default headers that shall be included with every request to the service. * @param {Authenticator} options.authenticator - The Authenticator object used to authenticate requests to the service * @constructor * @returns {IamIdentityV1} */ constructor(options: UserOptions); /************************* * serviceIDs ************************/ /** * List service IDs. * * Returns a list of service IDs. Users can manage user API keys for themself, or service ID API keys for service IDs * they have access to. Note: apikey details are only included in the response when creating a Service ID with an api * key. * * @param {Object} [params] - The parameters to send to the service. * @param {string} [params.accountId] - Account ID of the service ID(s) to query. This parameter is required (unless * using a pagetoken). * @param {string} [params.groupId] - Group ID of the service ID(s) to query. If this parameter is not provided the * default group is applied. * @param {string} [params.name] - Name of the service ID(s) to query. Optional.20 items per page. Valid range is 1 to * 100. * @param {number} [params.pagesize] - Optional size of a single page. Default is 20 items per page. Valid range is 1 * to 100. * @param {string} [params.pagetoken] - Optional Prev or Next page token returned from a previous query execution. * Default is start with first page. * @param {string} [params.sort] - Optional sort property, valid values are name, description, created_at and * modified_at. If specified, the items are sorted by the value of this property. * @param {string} [params.order] - Optional sort order, valid values are asc and desc. Default: asc. * @param {boolean} [params.includeHistory] - Defines if the entity history is included in the response. * @param {string} [params.filter] - An optional filter query parameter used to refine the results of the search * operation. For more information see [Filtering list results](#filter-list-results) section. * @param {string} [params.showGroupId] - Defines if the service ID group ID is included in the response. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdList>>} */ listServiceIds(params?: IamIdentityV1.ListServiceIdsParams): Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdList>>; /** * Create a service ID. * * Creates a service ID for an IBM Cloud account. Users can manage user API keys for themself, or service ID API keys * for service IDs they have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.accountId - ID of the account the service ID belongs to. * @param {string} params.name - Name of the Service Id. The name is not checked for uniqueness. Therefore multiple * names with the same value can exist. Access is done via the UUID of the Service Id. * @param {string} [params.groupId] - ID of the group to which the service ID belongs to. If the value is not set, the * service ID is bound to the default group. * @param {string} [params.description] - The optional description of the Service Id. The 'description' property is * only available if a description was provided during a create of a Service Id. * @param {string[]} [params.uniqueInstanceCrns] - Optional list of CRNs (string array) which point to the services * connected to the service ID. * @param {ApiKeyInsideCreateServiceIdRequest} [params.apikey] - Parameters for the API key in the Create service Id * V1 REST request. * @param {string} [params.showGroupId] - Defines if the service ID group ID is included in the response. * @param {string} [params.entityLock] - Indicates if the service ID is locked for further write operations. False by * default. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ServiceId>>} */ createServiceId(params: IamIdentityV1.CreateServiceIdParams): Promise<IamIdentityV1.Response<IamIdentityV1.ServiceId>>; /** * Get details of a service ID. * * Returns the details of a service ID. Users can manage user API keys for themself, or service ID API keys for * service IDs they have access to. Note: apikey details are only included in the response when creating a Service ID * with an api key. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the service ID. * @param {boolean} [params.includeHistory] - Defines if the entity history is included in the response. * @param {boolean} [params.includeActivity] - Defines if the entity's activity is included in the response. * Retrieving activity data is an expensive operation, so only request this when needed. * @param {string} [params.showGroupId] - Defines if the service ID group ID is included in the response. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ServiceId>>} */ getServiceId(params: IamIdentityV1.GetServiceIdParams): Promise<IamIdentityV1.Response<IamIdentityV1.ServiceId>>; /** * Update service ID. * * Updates properties of a service ID. This does NOT affect existing access tokens. Their token content will stay * unchanged until the access token is refreshed. To update a service ID, pass the property to be modified. To delete * one property's value, pass the property with an empty value "".Users can manage user API keys for themself, or * service ID API keys for service IDs they have access to. Note: apikey details are only included in the response * when creating a Service ID with an apikey. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the service ID to be updated. * @param {string} params.ifMatch - Version of the service ID to be updated. Specify the version that you retrieved as * entity_tag (ETag header) when reading the service ID. This value helps identifying parallel usage of this API. Pass * * to indicate to update any version available. This might result in stale updates. * @param {string} [params.name] - The name of the service ID to update. If specified in the request the parameter * must not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition. * @param {string} [params.description] - The description of the service ID to update. If specified an empty * description will clear the description of the service ID. If an non empty value is provided the service ID will be * updated. * @param {string[]} [params.uniqueInstanceCrns] - List of CRNs which point to the services connected to this service * ID. If specified an empty list will clear all existing unique instance crns of the service ID. * @param {string} [params.showGroupId] - Defines if the service ID group ID is included in the response. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ServiceId>>} */ updateServiceId(params: IamIdentityV1.UpdateServiceIdParams): Promise<IamIdentityV1.Response<IamIdentityV1.ServiceId>>; /** * Deletes a service ID and associated API keys. * * Deletes a service ID and all API keys associated to it. Before deleting the service ID, all associated API keys are * deleted. In case a Delete Conflict (status code 409) a retry of the request may help as the service ID is only * deleted if the associated API keys were successfully deleted before. Users can manage user API keys for themself, * or service ID API keys for service IDs they have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the service ID. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ deleteServiceId(params: IamIdentityV1.DeleteServiceIdParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Lock the service ID. * * Locks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they * have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the service ID. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ lockServiceId(params: IamIdentityV1.LockServiceIdParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Unlock the service ID. * * Unlocks a service ID by ID. Users can manage user API keys for themself, or service ID API keys for service IDs * they have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the service ID. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ unlockServiceId(params: IamIdentityV1.UnlockServiceIdParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /************************* * serviceIDGroups ************************/ /** * List service ID groups. * * Returns a list of all service ID groups for the given account ID. * * @param {Object} [params] - The parameters to send to the service. * @param {string} [params.accountId] - Account ID of the service ID groups to query. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdGroupList>>} */ listServiceIdGroup(params?: IamIdentityV1.ListServiceIdGroupParams): Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdGroupList>>; /** * Create a service ID group. * * Creates a service ID group for the given account ID. * * @param {Object} params - The parameters to send to the service. * @param {string} params.accountId - ID of the account the service ID group belongs to. * @param {string} params.name - Name of the service ID group. Unique in the account. * @param {string} [params.description] - Description of the service ID group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdGroup>>} */ createServiceIdGroup(params: IamIdentityV1.CreateServiceIdGroupParams): Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdGroup>>; /** * Get details of a service ID group. * * Returns the details of a service ID group. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the service ID group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdGroup>>} */ getServiceIdGroup(params: IamIdentityV1.GetServiceIdGroupParams): Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdGroup>>; /** * Update a service ID group. * * Update a service ID group. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the service ID group to be updated. * @param {string} params.ifMatch - Version of the service ID gorup to be updated. Specify the version that you * retrieved when reading service ID group. This value helps identifying parallel usage of this API. Pass * to * indicate to update any version available. This might result in stale updates. * @param {string} params.name - Name of the service ID group. Unique in the account. * @param {string} [params.description] - Description of the service ID group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdGroup>>} */ updateServiceIdGroup(params: IamIdentityV1.UpdateServiceIdGroupParams): Promise<IamIdentityV1.Response<IamIdentityV1.ServiceIdGroup>>; /** * Delete a service ID group. * * Delete a service ID group. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the service ID group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ deleteServiceIdGroup(params: IamIdentityV1.DeleteServiceIdGroupParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /************************* * aPIKeys ************************/ /** * Get API keys for a given service or user IAM ID and account ID. * * Returns the list of API key details for a given service or user IAM ID and account ID. Users can manage user API * keys for themself, or service ID API keys for service IDs they have access to. * * @param {Object} [params] - The parameters to send to the service. * @param {string} [params.accountId] - Account ID of the API keys to query. If a service IAM ID is specified in * iam_id then account_id must match the account of the IAM ID. If a user IAM ID is specified in iam_id then then * account_id must match the account of the Authorization token. * @param {string} [params.iamId] - IAM ID of the API keys to be queried. The IAM ID may be that of a user or a * service. For a user IAM ID iam_id must match the Authorization token. * @param {number} [params.pagesize] - Optional size of a single page. Default is 20 items per page. Valid range is 1 * to 100. * @param {string} [params.pagetoken] - Optional Prev or Next page token returned from a previous query execution. * Default is start with first page. * @param {string} [params.scope] - Optional parameter to define the scope of the queried API keys. Can be 'entity' * (default) or 'account'. * @param {string} [params.type] - Optional parameter to filter the type of the queried API keys. Can be 'user' or * 'serviceid'. * @param {string} [params.sort] - Optional sort property, valid values are name, description, created_at and * created_by. If specified, the items are sorted by the value of this property. * @param {string} [params.order] - Optional sort order, valid values are asc and desc. Default: asc. * @param {boolean} [params.includeHistory] - Defines if the entity history is included in the response. * @param {string} [params.filter] - An optional filter query parameter used to refine the results of the search * operation. For more information see [Filtering list results](#filter-list-results) section. * @param {string} [params.groupId] - Optional group ID of the service ID(s) to which the searched API keys are bound. * If this parameter is not provided the default group is applied on service ID API keys. For user API keys this * parameter is ignored as they always belong to the default group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ApiKeyList>>} */ listApiKeys(params?: IamIdentityV1.ListApiKeysParams): Promise<IamIdentityV1.Response<IamIdentityV1.ApiKeyList>>; /** * Create an API key. * * Creates an API key for a UserID or service ID. Users can manage user API keys for themself, or service ID API keys * for service IDs they have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.name - Name of the API key. The name is not checked for uniqueness. Therefore multiple names * with the same value can exist. Access is done via the UUID of the API key. * @param {string} params.iamId - The iam_id that this API key authenticates. * @param {string} [params.description] - The optional description of the API key. The 'description' property is only * available if a description was provided during a create of an API key. * @param {string} [params.accountId] - The account ID of the API key. * @param {string} [params.apikey] - You can optionally passthrough the API key value for this API key. If passed, a * minimum length validation of 32 characters for that apiKey value is done, i.e. the value can contain any characters * and can even be non-URL safe, but the minimum length requirement must be met. If omitted, the API key management * will create an URL safe opaque API key value. The value of the API key is checked for uniqueness. Ensure enough * variations when passing in this value. * @param {boolean} [params.storeValue] - Send true or false to set whether the API key value is retrievable in the * future by using the Get details of an API key request. If you create an API key for a user, you must specify * `false` or omit the value. We don't allow storing of API keys for users. * @param {boolean} [params.supportSessions] - Defines whether you can manage CLI login sessions for the API key. When * `true`, sessions are created and can be reviewed or revoked. When `false`, no sessions are tracked. To block * access, delete or rotate the API key. Available only for user API keys. * @param {string} [params.actionWhenLeaked] - Defines the action to take when API key is leaked, valid values are * 'none', 'disable' and 'delete'. * @param {string} [params.entityLock] - Indicates if the API key is locked for further write operations. False by * default. * @param {string} [params.entityDisable] - Indicates if the API key is disabled. False by default. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ApiKey>>} */ createApiKey(params: IamIdentityV1.CreateApiKeyParams): Promise<IamIdentityV1.Response<IamIdentityV1.ApiKey>>; /** * Get details of an API key by its value. * * Returns the details of an API key by its value. Users can manage user API keys for themself, or service ID API keys * for service IDs they have access to. * * @param {Object} [params] - The parameters to send to the service. * @param {string} [params.iamApiKey] - API key value. * @param {boolean} [params.includeHistory] - Defines if the entity history is included in the response. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ApiKey>>} */ getApiKeysDetails(params?: IamIdentityV1.GetApiKeysDetailsParams): Promise<IamIdentityV1.Response<IamIdentityV1.ApiKey>>; /** * Get details of an API key. * * Returns the details of an API key. Users can manage user API keys for themself, or service ID API keys for service * IDs they have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the API key. * @param {boolean} [params.includeHistory] - Defines if the entity history is included in the response. * @param {boolean} [params.includeActivity] - Defines if the entity's activity is included in the response. * Retrieving activity data is an expensive operation, so only request this when needed. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ApiKey>>} */ getApiKey(params: IamIdentityV1.GetApiKeyParams): Promise<IamIdentityV1.Response<IamIdentityV1.ApiKey>>; /** * Updates an API key. * * Updates properties of an API key. This does NOT affect existing access tokens. Their token content will stay * unchanged until the access token is refreshed. To update an API key, pass the property to be modified. To delete * one property's value, pass the property with an empty value "". Users can manage user API keys for themself, or * service ID API keys for service IDs they have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the API key to be updated. * @param {string} params.ifMatch - Version of the API key to be updated. Specify the version that you retrieved when * reading the API key. This value helps identifying parallel usage of this API. Pass * to indicate to update any * version available. This might result in stale updates. * @param {string} [params.name] - The name of the API key to update. If specified in the request the parameter must * not be empty. The name is not checked for uniqueness. Failure to this will result in an Error condition. * @param {string} [params.description] - The description of the API key to update. If specified an empty description * will clear the description of the API key. If a non empty value is provided the API key will be updated. * @param {boolean} [params.supportSessions] - Defines whether you can manage CLI login sessions for the API key. When * `true`, sessions are created and can be reviewed or revoked. When `false`, no sessions are tracked. To block * access, delete or rotate the API key. Available only for user API keys. * @param {string} [params.actionWhenLeaked] - Defines the action to take when API key is leaked, valid values are * 'none', 'disable' and 'delete'. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ApiKey>>} */ updateApiKey(params: IamIdentityV1.UpdateApiKeyParams): Promise<IamIdentityV1.Response<IamIdentityV1.ApiKey>>; /** * Deletes an API key. * * Deletes an API key. Existing tokens will remain valid until expired. Users can manage user API keys for themself, * or service ID API keys for service IDs they have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the API key. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ deleteApiKey(params: IamIdentityV1.DeleteApiKeyParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Lock the API key. * * Locks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they * have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the API key. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ lockApiKey(params: IamIdentityV1.LockApiKeyParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Unlock the API key. * * Unlocks an API key by ID. Users can manage user API keys for themself, or service ID API keys for service IDs they * have access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the API key. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ unlockApiKey(params: IamIdentityV1.UnlockApiKeyParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Disable the API key. * * Disable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have * access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the API key. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ disableApiKey(params: IamIdentityV1.DisableApiKeyParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Enable the API key. * * Enable an API key. Users can manage user API keys for themself, or service ID API keys for service IDs they have * access to. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - Unique ID of the API key. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ enableApiKey(params: IamIdentityV1.EnableApiKeyParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /************************* * trustedProfiles ************************/ /** * Create a trusted profile. * * Create a trusted profile for a given account ID. * * @param {Object} params - The parameters to send to the service. * @param {string} params.name - Name of the trusted profile. The name is checked for uniqueness. Therefore trusted * profiles with the same names can not exist in the same account. * @param {string} params.accountId - The account ID of the trusted profile. * @param {string} [params.description] - The optional description of the trusted profile. The 'description' property * is only available if a description was provided during creation of trusted profile. * @param {string} [params.email] - The email of the trusted profile. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.TrustedProfile>>} */ createProfile(params: IamIdentityV1.CreateProfileParams): Promise<IamIdentityV1.Response<IamIdentityV1.TrustedProfile>>; /** * List trusted profiles. * * List the trusted profiles in an account. The `account_id` query parameter determines the account from which to * retrieve the list of trusted profiles. * * @param {Object} params - The parameters to send to the service. * @param {string} params.accountId - Account ID to query for trusted profiles. * @param {string} [params.name] - Name of the trusted profile to query. * @param {number} [params.pagesize] - Optional size of a single page. Default is 20 items per page. Valid range is 1 * to 100. * @param {string} [params.sort] - Optional sort property, valid values are name, description, created_at and * modified_at. If specified, the items are sorted by the value of this property. * @param {string} [params.order] - Optional sort order, valid values are asc and desc. Default: asc. * @param {boolean} [params.includeHistory] - Defines if the entity history is included in the response. * @param {string} [params.pagetoken] - Optional Prev or Next page token returned from a previous query execution. * Default is start with first page. * @param {string} [params.filter] - An optional filter query parameter used to refine the results of the search * operation. For more information see [Filtering list results](#filter-list-results) section. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.TrustedProfilesList>>} */ listProfiles(params: IamIdentityV1.ListProfilesParams): Promise<IamIdentityV1.Response<IamIdentityV1.TrustedProfilesList>>; /** * Get a trusted profile. * * Retrieve a trusted profile by its `profile-id`. Only the trusted profile's data is returned (`name`, `description`, * `iam_id`, etc.), not the federated users or compute resources that qualify to apply the trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile to get. * @param {boolean} [params.includeActivity] - Defines if the entity's activity is included in the response. * Retrieving activity data is an expensive operation, so only request this when needed. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.TrustedProfile>>} */ getProfile(params: IamIdentityV1.GetProfileParams): Promise<IamIdentityV1.Response<IamIdentityV1.TrustedProfile>>; /** * Update a trusted profile. * * Update the name or description of an existing trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile to be updated. * @param {string} params.ifMatch - Version of the trusted profile to be updated. Specify the version that you * retrived when reading list of trusted profiles. This value helps to identify any parallel usage of trusted profile. * Pass * to indicate to update any version available. This might result in stale updates. * @param {string} [params.name] - The name of the trusted profile to update. If specified in the request the * parameter must not be empty. The name is checked for uniqueness. Failure to this will result in an Error condition. * @param {string} [params.description] - The description of the trusted profile to update. If specified an empty * description will clear the description of the trusted profile. If a non empty value is provided the trusted profile * will be updated. * @param {string} [params.email] - The email of the profile to update. If specified an empty email will clear the * email of the profile. If an non empty value is provided the trusted profile will be updated. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.TrustedProfile>>} */ updateProfile(params: IamIdentityV1.UpdateProfileParams): Promise<IamIdentityV1.Response<IamIdentityV1.TrustedProfile>>; /** * Delete a trusted profile. * * Delete a trusted profile. When you delete trusted profile, compute resources and federated users are unlinked from * the profile and can no longer apply the trusted profile identity. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ deleteProfile(params: IamIdentityV1.DeleteProfileParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Create claim rule for a trusted profile. * * Create a claim rule for a trusted profile. There is a limit of 20 rules per trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile to create a claim rule. * @param {string} params.type - Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'. * @param {ProfileClaimRuleConditions[]} params.conditions - Conditions of this claim rule. * @param {ResponseContext} [params.context] - Context with key properties for problem determination. * @param {string} [params.name] - Name of the claim rule to be created or updated. * @param {string} [params.realmName] - The realm name of the Idp this claim rule applies to. This field is required * only if the type is specified as 'Profile-SAML'. * @param {string} [params.crType] - The compute resource type the rule applies to, required only if type is specified * as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA. * @param {number} [params.expiration] - Session expiration in seconds, only required if type is 'Profile-SAML'. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileClaimRule>>} */ createClaimRule(params: IamIdentityV1.CreateClaimRuleParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileClaimRule>>; /** * List claim rules for a trusted profile. * * Get a list of all claim rules for a trusted profile. The `profile-id` query parameter determines the profile from * which to retrieve the list of claim rules. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileClaimRuleList>>} */ listClaimRules(params: IamIdentityV1.ListClaimRulesParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileClaimRuleList>>; /** * Get a claim rule for a trusted profile. * * A specific claim rule can be fetched for a given trusted profile ID and rule ID. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.ruleId - ID of the claim rule to get. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileClaimRule>>} */ getClaimRule(params: IamIdentityV1.GetClaimRuleParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileClaimRule>>; /** * Update claim rule for a trusted profile. * * Update a specific claim rule for a given trusted profile ID and rule ID. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.ruleId - ID of the claim rule to update. * @param {string} params.ifMatch - Version of the claim rule to be updated. Specify the version that you retrived * when reading list of claim rules. This value helps to identify any parallel usage of claim rule. Pass * to indicate * to update any version available. This might result in stale updates. * @param {string} params.type - Type of the claim rule, either 'Profile-SAML' or 'Profile-CR'. * @param {ProfileClaimRuleConditions[]} params.conditions - Conditions of this claim rule. * @param {ResponseContext} [params.context] - Context with key properties for problem determination. * @param {string} [params.name] - Name of the claim rule to be created or updated. * @param {string} [params.realmName] - The realm name of the Idp this claim rule applies to. This field is required * only if the type is specified as 'Profile-SAML'. * @param {string} [params.crType] - The compute resource type the rule applies to, required only if type is specified * as 'Profile-CR'. Valid values are VSI, IKS_SA, ROKS_SA. * @param {number} [params.expiration] - Session expiration in seconds, only required if type is 'Profile-SAML'. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileClaimRule>>} */ updateClaimRule(params: IamIdentityV1.UpdateClaimRuleParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileClaimRule>>; /** * Delete a claim rule. * * Delete a claim rule. When you delete a claim rule, federated user or compute resources are no longer required to * meet the conditions of the claim rule in order to apply the trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.ruleId - ID of the claim rule to delete. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ deleteClaimRule(params: IamIdentityV1.DeleteClaimRuleParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Create link to a trusted profile. * * Create a direct link between a specific compute resource and a trusted profile, rather than creating conditions * that a compute resource must fulfill to apply a trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.crType - The compute resource type. Valid values are VSI, IKS_SA, ROKS_SA. * @param {CreateProfileLinkRequestLink} params.link - Link details. * @param {string} [params.name] - Optional name of the Link. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileLink>>} */ createLink(params: IamIdentityV1.CreateLinkParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileLink>>; /** * List links to a trusted profile. * * Get a list of links to a trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileLinkList>>} */ listLinks(params: IamIdentityV1.ListLinksParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileLinkList>>; /** * Delete compute resource link to profile by given parameters. * * Deletes compute resource link of a Trusted Profile matching the given parameters. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - The unique ID of the Trusted Profile. * @param {string} params.type - The compute resource type. Valid values are VSI, BMS, IKS_SA, ROKS_SA, CE. * @param {string} [params.crn] - CRN of the compute resource (IKS/ROKS/VSI/BMS). * @param {string} [params.namespace] - Namespace of the compute resource (IKS/ROKS). * @param {string} [params.name] - Name of the compute resource (IKS/ROKS). * @param {string} [params.componentType] - Component type of the compute resource, only required if type is CE. * @param {string} [params.componentName] - Component name of the compute resource, only required if type is CE. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ deleteLinkByParameters(params: IamIdentityV1.DeleteLinkByParametersParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Get link to a trusted profile. * * Get a specific link to a trusted profile by `link_id`. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.linkId - ID of the link. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileLink>>} */ getLink(params: IamIdentityV1.GetLinkParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileLink>>; /** * Delete link to a trusted profile. * * Delete a link between a compute resource and a trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.linkId - ID of the link. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ deleteLink(params: IamIdentityV1.DeleteLinkParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /** * Get a list of identities that can assume the trusted profile. * * Get a list of identities that can assume the trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileIdentitiesResponse>>} */ getProfileIdentities(params: IamIdentityV1.GetProfileIdentitiesParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileIdentitiesResponse>>; /** * Update the list of identities that can assume the trusted profile. * * Update the list of identities that can assume the trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.ifMatch - Entity tag of the Identities to be updated. Specify the tag that you retrieved * when reading the Profile Identities. This value helps identify parallel usage of this API. Pass * to indicate * updating any available version, which may result in stale updates. * @param {ProfileIdentityRequest[]} [params.identities] - List of identities that can assume the trusted profile. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileIdentitiesResponse>>} */ setProfileIdentities(params: IamIdentityV1.SetProfileIdentitiesParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileIdentitiesResponse>>; /** * Add a specific identity that can assume the trusted profile. * * Add a specific identity that can assume the trusted profile. * * **Note:** This API will update the trusted profile itself, thus calling it repeatedly for the same profile can * lead to conflicts responded with HTTP code 409. Make sure to call this API only once in a few seconds for the * same trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.identityType - Type of the identity. * @param {string} params.identifier - Identifier of the identity that can assume the trusted profiles. This can be a * user identifier (IAM id), serviceid or crn. Internally it uses account id of the service id for the identifier * 'serviceid' and for the identifier 'crn' it uses account id contained in the CRN. * @param {string} params.type - Type of the identity. * @param {string[]} [params.accounts] - Only valid for the type user. Accounts from which a user can assume the * trusted profile. * @param {string} [params.description] - Description of the identity that can assume the trusted profile. This is * optional field for all the types of identities. When this field is not set for the identity type 'serviceid' then * the description of the service id is used. Description is recommended for the identity type 'crn' E.g. 'Instance * 1234 of IBM Cloud Service project'. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileIdentityResponse>>} */ setProfileIdentity(params: IamIdentityV1.SetProfileIdentityParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileIdentityResponse>>; /** * Get the identity that can assume the trusted profile. * * Get the identity that can assume the trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.identityType - Type of the identity. * @param {string} params.identifierId - Identifier of the identity that can assume the trusted profiles. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ProfileIdentityResponse>>} */ getProfileIdentity(params: IamIdentityV1.GetProfileIdentityParams): Promise<IamIdentityV1.Response<IamIdentityV1.ProfileIdentityResponse>>; /** * Delete the identity that can assume the trusted profile. * * Delete the identity that can assume the trusted profile. * * **Note:** This API will update the trusted profile itself, thus calling it repeatedly for the same profile can * lead to conflicts responded with HTTP code 409. Make sure to call this API only once in a few seconds for the * same trusted profile. * * @param {Object} params - The parameters to send to the service. * @param {string} params.profileId - ID of the trusted profile. * @param {string} params.identityType - Type of the identity. * @param {string} params.identifierId - Identifier of the identity that can assume the trusted profiles. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>} */ deleteProfileIdentity(params: IamIdentityV1.DeleteProfileIdentityParams): Promise<IamIdentityV1.Response<IamIdentityV1.EmptyObject>>; /************************* * activities ************************/ /** * Trigger activity report for the account. * * Trigger activity report for the account by specifying the account ID. It can take a few minutes to generate the * report for retrieval. * * @param {Object} params - The parameters to send to the service. * @param {string} params.accountId - ID of the account. * @param {string} [params.type] - Optional report type. The supported value is 'inactive'. List all identities that * have not authenticated within the time indicated by duration. * @param {string} [params.duration] - Optional duration of the report. The supported unit of duration is hours. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<IamIdentityV1.Response<IamIdentityV1.ReportReference>>} */ createReport(params: IamIdentityV1.CreateReportParams): Promise<IamIdentityV1.Response<IamIdentityV1.ReportReference>>; /** * Get activity report for the account. * * Get activity report for the account by specifying the account ID and the reference that is generated by triggering * the report. Reports older than a day are deleted when generating a new report. * * @param {Object} params - The parameters to send to the service. * @param {string} params.accountId - ID of the account. * @param {string} params.reference - Reference for the report to be generated, You can use 'latest' to get the latest * report for the given account.