Getting Information About Entities Linked to a Managed Policy

You can get information about entities linked to a managed policy, such as their name, ID, and OUTSCALE Resource Name (ORN). Entities are elements linked to a managed policy such as an account, EIM users, or user groups.

Getting Information About Entities Linked to a Managed Policy Using OSC CLI

The ReadEntitiesLinkedToPolicy command lists all entities (account, users, or user groups) linked to a specific managed policy.

Request sample: Reading all entities linked to a specific policy

$ osc-cli api ReadEntitiesLinkedToPolicy --profile "default" \
    --PolicyOrn "orn:ows:idauth::012345678910:policy/example/example-user-policy" \
    --ResultsPerPage 2

Request sample: Reading only users linked to a specific policy

$ osc-cli api ReadEntitiesLinkedToPolicy --profile "default" \
    --EntitiesType '["USER"]' \
    --PolicyOrn "orn:ows:idauth::012345678910:policy/example/example-user-policy"

This command contains the following attributes that you need to specify:

EntitiesType: (optional) The type of entity linked to the policy (ACCOUNT | USER | GROUP) you want to get information about.
FirstItem: (optional) The item starting the list of entities requested.
PolicyOrn: (optional) The OUTSCALE Resource Name (ORN) of the policy. For more information, see Resource Identifiers.
ResultsPerPage: (optional) The maximum number of items that can be returned in a single response (by default, 100).

The ReadEntitiesLinkedToPolicy command returns the following elements:

PolicyEntities: Information about the policy entities.
- Accounts: undefined
  - Id: The ID of the entity.
  - Name: The name of the entity.
  - Orn: The OUTSCALE Resource Name (ORN) of the entity. For more information, see Resource Identifiers.
- Groups: undefined
  - Id: The ID of the entity.
  - Name: The name of the entity.
  - Orn: The OUTSCALE Resource Name (ORN) of the entity. For more information, see Resource Identifiers.
- HasMoreItems: If true, there are more items to return using the FirstItem parameter in a new request.
- ItemsCount: The number of entities the specified policy is linked to.
- MaxResultsLimit: Indicates maximum results defined for the operation.
- MaxResultsTruncated: If true, indicates whether requested page size is more than allowed.
- Users: undefined
  - Id: The ID of the entity.
  - Name: The name of the entity.
  - Orn: The OUTSCALE Resource Name (ORN) of the entity. For more information, see Resource Identifiers.
ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample: Reading all entities linked to a specific policy

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "PolicyEntities": {
    "Users": [
      {
        "Id": "ABCDEFGHIJKLMNOPQRSTUVWXYZ12345",
        "Name": "example-user",
        "Orn": "orn:ows:idauth::012345678910:user/example/user-example"
      }
    ],
    "Groups": [
      {
        "Id": "ug-12345678",
        "Name": "example-usergroup",
        "Orn": "orn:ows:idauth::012345678910:usergroup/example/usergroup-example"
      }
    ],
    "HasMoreItems": true,
    "ItemsCount": 3,
    "MaxResultsLimit": 100,
    "MaxResultsTruncated": false
  }
}

Result sample: Reading only users linked to a specific policy

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "PolicyEntities": {
    "Users": [
      {
        "Id": "ABCDEFGHIJKLMNOPQRSTUVWXYZ12345",
        "Name": "example-user",
        "Orn": "orn:ows:idauth::012345678910:user/example/user-example"
      }
    ]
  }
}