I am using the Python script given here to get all resources for a user. I was able to run it using the Tenancy user (which is not advisable) but not a test user created with admin permissions. This admin user already has the permission for API keys generation. But when I use the key in the config, it gives below error:
'target_service': 'identity', 'status': 404, 'code': 'NotAuthorizedOrNotFound'
Code where it fails (Line 177):
user = identity.get_user(config["user"]).data
Is there a Rule or Policy to be applied to the new user for enabling API access?
Update: I created another user in the DEFAULT domain and added it to default 'Administrators' group and it worked. But still not able to make it work using a test-domain admin user.
MY OCI INFRA:
Compartments(2) - ROOT, C2.
ROOT- domains(2) -> Default, test-domain.
C2- domains(1) -> Default.
Default- users(2) -> tenancyUser, defaultadmin
test-domain- users(1) -> testadmin
and other resources...
The issue is that the script calls
oci.identity.IdentityClient.get_user(<user_ocid>)which is ONLY for Default domain users.Other domain users can call and use
oci.identity_domains.IdentityDomainsClient.get_user(<user_ocid>)to get the user data.