Docs Home
Oracle Cloud Infrastructure v2.29.0 published on Wednesday, Apr 9, 2025 by Pulumi
oci.Kms.Vault
Explore with Pulumi AI
This resource provides the Vault resource in Oracle Cloud Infrastructure Kms service.
Creates a new vault. The type of vault you create determines key placement, pricing, and available options. Options include storage isolation, a dedicated service endpoint instead of a shared service endpoint for API calls, and either a dedicated hardware security module (HSM) or a multitenant HSM.
As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testVault = new oci.kms.Vault("test_vault", {
compartmentId: compartmentId,
displayName: vaultDisplayName,
vaultType: vaultVaultType,
definedTags: {
"Operations.CostCenter": "42",
},
externalKeyManagerMetadata: {
externalVaultEndpointUrl: vaultExternalKeyManagerMetadataExternalVaultEndpointUrl,
oauthMetadata: {
clientAppId: testClientApp.id,
clientAppSecret: vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret,
idcsAccountNameUrl: vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl,
},
privateEndpointId: testPrivateEndpoint.id,
},
freeformTags: {
Department: "Finance",
},
});
import pulumi
import pulumi_oci as oci
test_vault = oci.kms.Vault("test_vault",
compartment_id=compartment_id,
display_name=vault_display_name,
vault_type=vault_vault_type,
defined_tags={
"Operations.CostCenter": "42",
},
external_key_manager_metadata={
"external_vault_endpoint_url": vault_external_key_manager_metadata_external_vault_endpoint_url,
"oauth_metadata": {
"client_app_id": test_client_app["id"],
"client_app_secret": vault_external_key_manager_metadata_oauth_metadata_client_app_secret,
"idcs_account_name_url": vault_external_key_manager_metadata_oauth_metadata_idcs_account_name_url,
},
"private_endpoint_id": test_private_endpoint["id"],
},
freeform_tags={
"Department": "Finance",
})
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewVault(ctx, "test_vault", &kms.VaultArgs{
CompartmentId: pulumi.Any(compartmentId),
DisplayName: pulumi.Any(vaultDisplayName),
VaultType: pulumi.Any(vaultVaultType),
DefinedTags: pulumi.StringMap{
"Operations.CostCenter": pulumi.String("42"),
},
ExternalKeyManagerMetadata: &kms.VaultExternalKeyManagerMetadataArgs{
ExternalVaultEndpointUrl: pulumi.Any(vaultExternalKeyManagerMetadataExternalVaultEndpointUrl),
OauthMetadata: &kms.VaultExternalKeyManagerMetadataOauthMetadataArgs{
ClientAppId: pulumi.Any(testClientApp.Id),
ClientAppSecret: pulumi.Any(vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret),
IdcsAccountNameUrl: pulumi.Any(vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl),
},
PrivateEndpointId: pulumi.Any(testPrivateEndpoint.Id),
},
FreeformTags: pulumi.StringMap{
"Department": pulumi.String("Finance"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testVault = new Oci.Kms.Vault("test_vault", new()
{
CompartmentId = compartmentId,
DisplayName = vaultDisplayName,
VaultType = vaultVaultType,
DefinedTags =
{
{ "Operations.CostCenter", "42" },
},
ExternalKeyManagerMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataArgs
{
ExternalVaultEndpointUrl = vaultExternalKeyManagerMetadataExternalVaultEndpointUrl,
OauthMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataOauthMetadataArgs
{
ClientAppId = testClientApp.Id,
ClientAppSecret = vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret,
IdcsAccountNameUrl = vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl,
},
PrivateEndpointId = testPrivateEndpoint.Id,
},
FreeformTags =
{
{ "Department", "Finance" },
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Kms.Vault;
import com.pulumi.oci.Kms.VaultArgs;
import com.pulumi.oci.Kms.inputs.VaultExternalKeyManagerMetadataArgs;
import com.pulumi.oci.Kms.inputs.VaultExternalKeyManagerMetadataOauthMetadataArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testVault = new Vault("testVault", VaultArgs.builder()
.compartmentId(compartmentId)
.displayName(vaultDisplayName)
.vaultType(vaultVaultType)
.definedTags(Map.of("Operations.CostCenter", "42"))
.externalKeyManagerMetadata(VaultExternalKeyManagerMetadataArgs.builder()
.externalVaultEndpointUrl(vaultExternalKeyManagerMetadataExternalVaultEndpointUrl)
.oauthMetadata(VaultExternalKeyManagerMetadataOauthMetadataArgs.builder()
.clientAppId(testClientApp.id())
.clientAppSecret(vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret)
.idcsAccountNameUrl(vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl)
.build())
.privateEndpointId(testPrivateEndpoint.id())
.build())
.freeformTags(Map.of("Department", "Finance"))
.build());
}
}
resources:
testVault:
type: oci:Kms:Vault
name: test_vault
properties:
compartmentId: ${compartmentId}
displayName: ${vaultDisplayName}
vaultType: ${vaultVaultType}
definedTags:
Operations.CostCenter: '42'
externalKeyManagerMetadata:
externalVaultEndpointUrl: ${vaultExternalKeyManagerMetadataExternalVaultEndpointUrl}
oauthMetadata:
clientAppId: ${testClientApp.id}
clientAppSecret: ${vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret}
idcsAccountNameUrl: ${vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl}
privateEndpointId: ${testPrivateEndpoint.id}
freeformTags:
Department: Finance
Create Vault Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Vault(name: string, args: VaultArgs, opts?: CustomResourceOptions);@overload
def Vault(resource_name: str,
args: VaultArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Vault(resource_name: str,
opts: Optional[ResourceOptions] = None,
compartment_id: Optional[str] = None,
display_name: Optional[str] = None,
vault_type: Optional[str] = None,
defined_tags: Optional[Mapping[str, str]] = None,
external_key_manager_metadata: Optional[_kms.VaultExternalKeyManagerMetadataArgs] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
restore_from_file: Optional[_kms.VaultRestoreFromFileArgs] = None,
restore_from_object_store: Optional[_kms.VaultRestoreFromObjectStoreArgs] = None,
restore_trigger: Optional[bool] = None,
time_of_deletion: Optional[str] = None)func NewVault(ctx *Context, name string, args VaultArgs, opts ...ResourceOption) (*Vault, error)public Vault(string name, VaultArgs args, CustomResourceOptions? opts = null)type: oci:Kms:Vault
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. VaultArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. VaultArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. VaultArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. VaultArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. VaultArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vaultResource = new Oci.Kms.Vault("vaultResource", new()
{
CompartmentId = "string",
DisplayName = "string",
VaultType = "string",
DefinedTags =
{
{ "string", "string" },
},
ExternalKeyManagerMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataArgs
{
ExternalVaultEndpointUrl = "string",
OauthMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataOauthMetadataArgs
{
ClientAppId = "string",
ClientAppSecret = "string",
IdcsAccountNameUrl = "string",
},
PrivateEndpointId = "string",
},
FreeformTags =
{
{ "string", "string" },
},
RestoreFromFile = new Oci.Kms.Inputs.VaultRestoreFromFileArgs
{
ContentLength = "string",
RestoreVaultFromFileDetails = "string",
ContentMd5 = "string",
},
RestoreFromObjectStore = new Oci.Kms.Inputs.VaultRestoreFromObjectStoreArgs
{
Destination = "string",
Bucket = "string",
Namespace = "string",
Object = "string",
Uri = "string",
},
RestoreTrigger = false,
TimeOfDeletion = "string",
});
example, err := Kms.NewVault(ctx, "vaultResource", &Kms.VaultArgs{
CompartmentId: pulumi.String("string"),
DisplayName: pulumi.String("string"),
VaultType: pulumi.String("string"),
DefinedTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
ExternalKeyManagerMetadata: &kms.VaultExternalKeyManagerMetadataArgs{
ExternalVaultEndpointUrl: pulumi.String("string"),
OauthMetadata: &kms.VaultExternalKeyManagerMetadataOauthMetadataArgs{
ClientAppId: pulumi.String("string"),
ClientAppSecret: pulumi.String("string"),
IdcsAccountNameUrl: pulumi.String("string"),
},
PrivateEndpointId: pulumi.String("string"),
},
FreeformTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
RestoreFromFile: &kms.VaultRestoreFromFileArgs{
ContentLength: pulumi.String("string"),
RestoreVaultFromFileDetails: pulumi.String("string"),
ContentMd5: pulumi.String("string"),
},
RestoreFromObjectStore: &kms.VaultRestoreFromObjectStoreArgs{
Destination: pulumi.String("string"),
Bucket: pulumi.String("string"),
Namespace: pulumi.String("string"),
Object: pulumi.String("string"),
Uri: pulumi.String("string"),
},
RestoreTrigger: pulumi.Bool(false),
TimeOfDeletion: pulumi.String("string"),
})
var vaultResource = new Vault("vaultResource", VaultArgs.builder()
.compartmentId("string")
.displayName("string")
.vaultType("string")
.definedTags(Map.of("string", "string"))
.externalKeyManagerMetadata(VaultExternalKeyManagerMetadataArgs.builder()
.externalVaultEndpointUrl("string")
.oauthMetadata(VaultExternalKeyManagerMetadataOauthMetadataArgs.builder()
.clientAppId("string")
.clientAppSecret("string")
.idcsAccountNameUrl("string")
.build())
.privateEndpointId("string")
.build())
.freeformTags(Map.of("string", "string"))
.restoreFromFile(VaultRestoreFromFileArgs.builder()
.contentLength("string")
.restoreVaultFromFileDetails("string")
.contentMd5("string")
.build())
.restoreFromObjectStore(VaultRestoreFromObjectStoreArgs.builder()
.destination("string")
.bucket("string")
.namespace("string")
.object("string")
.uri("string")
.build())
.restoreTrigger(false)
.timeOfDeletion("string")
.build());
vault_resource = oci.kms.Vault("vaultResource",
compartment_id="string",
display_name="string",
vault_type="string",
defined_tags={
"string": "string",
},
external_key_manager_metadata={
"external_vault_endpoint_url": "string",
"oauth_metadata": {
"client_app_id": "string",
"client_app_secret": "string",
"idcs_account_name_url": "string",
},
"private_endpoint_id": "string",
},
freeform_tags={
"string": "string",
},
restore_from_file={
"content_length": "string",
"restore_vault_from_file_details": "string",
"content_md5": "string",
},
restore_from_object_store={
"destination": "string",
"bucket": "string",
"namespace": "string",
"object": "string",
"uri": "string",
},
restore_trigger=False,
time_of_deletion="string")
const vaultResource = new oci.kms.Vault("vaultResource", {
compartmentId: "string",
displayName: "string",
vaultType: "string",
definedTags: {
string: "string",
},
externalKeyManagerMetadata: {
externalVaultEndpointUrl: "string",
oauthMetadata: {
clientAppId: "string",
clientAppSecret: "string",
idcsAccountNameUrl: "string",
},
privateEndpointId: "string",
},
freeformTags: {
string: "string",
},
restoreFromFile: {
contentLength: "string",
restoreVaultFromFileDetails: "string",
contentMd5: "string",
},
restoreFromObjectStore: {
destination: "string",
bucket: "string",
namespace: "string",
object: "string",
uri: "string",
},
restoreTrigger: false,
timeOfDeletion: "string",
});
type: oci:Kms:Vault
properties:
compartmentId: string
definedTags:
string: string
displayName: string
externalKeyManagerMetadata:
externalVaultEndpointUrl: string
oauthMetadata:
clientAppId: string
clientAppSecret: string
idcsAccountNameUrl: string
privateEndpointId: string
freeformTags:
string: string
restoreFromFile:
contentLength: string
contentMd5: string
restoreVaultFromFileDetails: string
restoreFromObjectStore:
bucket: string
destination: string
namespace: string
object: string
uri: string
restoreTrigger: false
timeOfDeletion: string
vaultType: string
Vault Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Vault resource accepts the following input properties:
- Compartment
Id This property is required. string - (Updatable) The OCID of the compartment where you want to create this vault.
- Display
Name This property is required. string - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- Vault
Type stringThis property is required. 
Changes to this property will trigger replacement. - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - External
Key Manager Metadata External Key Manager Metadata - Metadata required for accessing External Key manager
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - Restore
From VaultFile Restore From File - (Updatable) Details where vault was backed up.
- Restore
From VaultObject Store Restore From Object Store - (Updatable) Details where vault was backed up
- Restore
Trigger bool - Time
Of stringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Compartment
Id This property is required. string - (Updatable) The OCID of the compartment where you want to create this vault.
- Display
Name This property is required. string - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- Vault
Type stringThis property is required. Changes to this property will trigger replacement. - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - External
Key Manager Metadata External Key Manager Metadata Args - Metadata required for accessing External Key manager
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - Restore
From VaultFile Restore From File Args - (Updatable) Details where vault was backed up.
- Restore
From VaultObject Store Restore From Object Store Args - (Updatable) Details where vault was backed up
- Restore
Trigger bool - Time
Of stringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id This property is required. String - (Updatable) The OCID of the compartment where you want to create this vault.
- display
Name This property is required. String - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- vault
Type StringThis property is required. Changes to this property will trigger replacement. - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - external
Key Manager Metadata External Key Manager Metadata - Metadata required for accessing External Key manager
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - restore
From VaultFile Restore From File - (Updatable) Details where vault was backed up.
- restore
From VaultObject Store Restore From Object Store - (Updatable) Details where vault was backed up
- restore
Trigger Boolean - time
Of StringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id This property is required. string - (Updatable) The OCID of the compartment where you want to create this vault.
- display
Name This property is required. string - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- vault
Type stringThis property is required. Changes to this property will trigger replacement. - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - external
Key Manager Metadata External Key Manager Metadata - Metadata required for accessing External Key manager
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - restore
From VaultFile Restore From File - (Updatable) Details where vault was backed up.
- restore
From VaultObject Store Restore From Object Store - (Updatable) Details where vault was backed up
- restore
Trigger boolean - time
Of stringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment_
id This property is required. str - (Updatable) The OCID of the compartment where you want to create this vault.
- display_
name This property is required. str - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- vault_
type strThis property is required. Changes to this property will trigger replacement. - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - external_
key_ manager_ metadata Vault External Key Manager Metadata Args - Metadata required for accessing External Key manager
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - restore_
from_ kms.file Vault Restore From File Args - (Updatable) Details where vault was backed up.
- restore_
from_ kms.object_ store Vault Restore From Object Store Args - (Updatable) Details where vault was backed up
- restore_
trigger bool - time_
of_ strdeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- compartment
Id This property is required. String - (Updatable) The OCID of the compartment where you want to create this vault.
- display
Name This property is required. String - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- vault
Type StringThis property is required. Changes to this property will trigger replacement. - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - external
Key Manager Metadata - Metadata required for accessing External Key manager
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - restore
From Property MapFile - (Updatable) Details where vault was backed up.
- restore
From Property MapObject Store - (Updatable) Details where vault was backed up
- restore
Trigger Boolean - time
Of StringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Outputs
All input properties are implicitly available as output properties. Additionally, the Vault resource produces the following output properties:
- Crypto
Endpoint string - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- External
Key List<VaultManager Metadata Summaries External Key Manager Metadata Summary> - Summary about metadata of external key manager to be returned to the customer as a response.
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
Primary bool - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- Is
Vault boolReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- Management
Endpoint string - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- Replica
Details List<VaultReplica Detail> - Vault replica details
- Restored
From stringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- State string
- The vault's current lifecycle state. Example:
DELETED - Time
Created string - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z
- Crypto
Endpoint string - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- External
Key []VaultManager Metadata Summaries External Key Manager Metadata Summary - Summary about metadata of external key manager to be returned to the customer as a response.
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
Primary bool - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- Is
Vault boolReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- Management
Endpoint string - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- Replica
Details []VaultReplica Detail - Vault replica details
- Restored
From stringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- State string
- The vault's current lifecycle state. Example:
DELETED - Time
Created string - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z
- crypto
Endpoint String - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- external
Key List<VaultManager Metadata Summaries External Key Manager Metadata Summary> - Summary about metadata of external key manager to be returned to the customer as a response.
- id String
- The provider-assigned unique ID for this managed resource.
- is
Primary Boolean - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- is
Vault BooleanReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- management
Endpoint String - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- replica
Details List<VaultReplica Detail> - Vault replica details
- restored
From StringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- state String
- The vault's current lifecycle state. Example:
DELETED - time
Created String - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z
- crypto
Endpoint string - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- external
Key VaultManager Metadata Summaries External Key Manager Metadata Summary[] - Summary about metadata of external key manager to be returned to the customer as a response.
- id string
- The provider-assigned unique ID for this managed resource.
- is
Primary boolean - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- is
Vault booleanReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- management
Endpoint string - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- replica
Details VaultReplica Detail[] - Vault replica details
- restored
From stringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- state string
- The vault's current lifecycle state. Example:
DELETED - time
Created string - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z
- crypto_
endpoint str - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- external_
key_ Sequence[kms.manager_ metadata_ summaries Vault External Key Manager Metadata Summary] - Summary about metadata of external key manager to be returned to the customer as a response.
- id str
- The provider-assigned unique ID for this managed resource.
- is_
primary bool - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- is_
vault_ boolreplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- management_
endpoint str - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- replica_
details Sequence[kms.Vault Replica Detail] - Vault replica details
- restored_
from_ strvault_ id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- state str
- The vault's current lifecycle state. Example:
DELETED - time_
created str - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z
- crypto
Endpoint String - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- external
Key List<Property Map>Manager Metadata Summaries - Summary about metadata of external key manager to be returned to the customer as a response.
- id String
- The provider-assigned unique ID for this managed resource.
- is
Primary Boolean - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- is
Vault BooleanReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- management
Endpoint String - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- replica
Details List<Property Map> - Vault replica details
- restored
From StringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- state String
- The vault's current lifecycle state. Example:
DELETED - time
Created String - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z
Look up Existing Vault Resource
Get an existing Vault resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VaultState, opts?: CustomResourceOptions): Vault@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
compartment_id: Optional[str] = None,
crypto_endpoint: Optional[str] = None,
defined_tags: Optional[Mapping[str, str]] = None,
display_name: Optional[str] = None,
external_key_manager_metadata: Optional[_kms.VaultExternalKeyManagerMetadataArgs] = None,
external_key_manager_metadata_summaries: Optional[Sequence[_kms.VaultExternalKeyManagerMetadataSummaryArgs]] = None,
freeform_tags: Optional[Mapping[str, str]] = None,
is_primary: Optional[bool] = None,
is_vault_replicable: Optional[bool] = None,
management_endpoint: Optional[str] = None,
replica_details: Optional[Sequence[_kms.VaultReplicaDetailArgs]] = None,
restore_from_file: Optional[_kms.VaultRestoreFromFileArgs] = None,
restore_from_object_store: Optional[_kms.VaultRestoreFromObjectStoreArgs] = None,
restore_trigger: Optional[bool] = None,
restored_from_vault_id: Optional[str] = None,
state: Optional[str] = None,
time_created: Optional[str] = None,
time_of_deletion: Optional[str] = None,
vault_type: Optional[str] = None) -> Vaultfunc GetVault(ctx *Context, name string, id IDInput, state *VaultState, opts ...ResourceOption) (*Vault, error)public static Vault Get(string name, Input<string> id, VaultState? state, CustomResourceOptions? opts = null)public static Vault get(String name, Output<String> id, VaultState state, CustomResourceOptions options)resources: _: type: oci:Kms:Vault get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Compartment
Id string - (Updatable) The OCID of the compartment where you want to create this vault.
- Crypto
Endpoint string - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- Dictionary<string, string>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - Display
Name string - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- External
Key Manager Metadata External Key Manager Metadata - Metadata required for accessing External Key manager
- External
Key List<VaultManager Metadata Summaries External Key Manager Metadata Summary> - Summary about metadata of external key manager to be returned to the customer as a response.
- Dictionary<string, string>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - Is
Primary bool - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- Is
Vault boolReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- Management
Endpoint string - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- Replica
Details List<VaultReplica Detail> - Vault replica details
- Restore
From VaultFile Restore From File - (Updatable) Details where vault was backed up.
- Restore
From VaultObject Store Restore From Object Store - (Updatable) Details where vault was backed up
- Restore
Trigger bool - Restored
From stringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- State string
- The vault's current lifecycle state. Example:
DELETED - Time
Created string - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z - Time
Of stringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Vault
Type - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- Compartment
Id string - (Updatable) The OCID of the compartment where you want to create this vault.
- Crypto
Endpoint string - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- map[string]string
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - Display
Name string - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- External
Key Manager Metadata External Key Manager Metadata Args - Metadata required for accessing External Key manager
- External
Key []VaultManager Metadata Summaries External Key Manager Metadata Summary Args - Summary about metadata of external key manager to be returned to the customer as a response.
- map[string]string
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - Is
Primary bool - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- Is
Vault boolReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- Management
Endpoint string - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- Replica
Details []VaultReplica Detail Args - Vault replica details
- Restore
From VaultFile Restore From File Args - (Updatable) Details where vault was backed up.
- Restore
From VaultObject Store Restore From Object Store Args - (Updatable) Details where vault was backed up
- Restore
Trigger bool - Restored
From stringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- State string
- The vault's current lifecycle state. Example:
DELETED - Time
Created string - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z - Time
Of stringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Vault
Type - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- compartment
Id String - (Updatable) The OCID of the compartment where you want to create this vault.
- crypto
Endpoint String - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- Map<String,String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display
Name String - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- external
Key Manager Metadata External Key Manager Metadata - Metadata required for accessing External Key manager
- external
Key List<VaultManager Metadata Summaries External Key Manager Metadata Summary> - Summary about metadata of external key manager to be returned to the customer as a response.
- Map<String,String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - is
Primary Boolean - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- is
Vault BooleanReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- management
Endpoint String - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- replica
Details List<VaultReplica Detail> - Vault replica details
- restore
From VaultFile Restore From File - (Updatable) Details where vault was backed up.
- restore
From VaultObject Store Restore From Object Store - (Updatable) Details where vault was backed up
- restore
Trigger Boolean - restored
From StringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- state String
- The vault's current lifecycle state. Example:
DELETED - time
Created String - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z - time
Of StringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- vault
Type - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- compartment
Id string - (Updatable) The OCID of the compartment where you want to create this vault.
- crypto
Endpoint string - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- {[key: string]: string}
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display
Name string - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- external
Key Manager Metadata External Key Manager Metadata - Metadata required for accessing External Key manager
- external
Key VaultManager Metadata Summaries External Key Manager Metadata Summary[] - Summary about metadata of external key manager to be returned to the customer as a response.
- {[key: string]: string}
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - is
Primary boolean - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- is
Vault booleanReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- management
Endpoint string - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- replica
Details VaultReplica Detail[] - Vault replica details
- restore
From VaultFile Restore From File - (Updatable) Details where vault was backed up.
- restore
From VaultObject Store Restore From Object Store - (Updatable) Details where vault was backed up
- restore
Trigger boolean - restored
From stringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- state string
- The vault's current lifecycle state. Example:
DELETED - time
Created string - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z - time
Of stringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- vault
Type - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- compartment_
id str - (Updatable) The OCID of the compartment where you want to create this vault.
- crypto_
endpoint str - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- Mapping[str, str]
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display_
name str - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- external_
key_ manager_ metadata Vault External Key Manager Metadata Args - Metadata required for accessing External Key manager
- external_
key_ Sequence[kms.manager_ metadata_ summaries Vault External Key Manager Metadata Summary Args] - Summary about metadata of external key manager to be returned to the customer as a response.
- Mapping[str, str]
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - is_
primary bool - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- is_
vault_ boolreplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- management_
endpoint str - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- replica_
details Sequence[kms.Vault Replica Detail Args] - Vault replica details
- restore_
from_ kms.file Vault Restore From File Args - (Updatable) Details where vault was backed up.
- restore_
from_ kms.object_ store Vault Restore From Object Store Args - (Updatable) Details where vault was backed up
- restore_
trigger bool - restored_
from_ strvault_ id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- state str
- The vault's current lifecycle state. Example:
DELETED - time_
created str - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z - time_
of_ strdeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- vault_
type - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
- compartment
Id String - (Updatable) The OCID of the compartment where you want to create this vault.
- crypto
Endpoint String - The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
- Map<String>
- (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:
{"Operations.CostCenter": "42"} - display
Name String - (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
- external
Key Manager Metadata - Metadata required for accessing External Key manager
- external
Key List<Property Map>Manager Metadata Summaries - Summary about metadata of external key manager to be returned to the customer as a response.
- Map<String>
- (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:
{"Department": "Finance"} - is
Primary Boolean - A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
- is
Vault BooleanReplicable - A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
- management
Endpoint String - The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
- replica
Details List<Property Map> - Vault replica details
- restore
From Property MapFile - (Updatable) Details where vault was backed up.
- restore
From Property MapObject Store - (Updatable) Details where vault was backed up
- restore
Trigger Boolean - restored
From StringVault Id - The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
- state String
- The vault's current lifecycle state. Example:
DELETED - time
Created String - The date and time this vault was created, expressed in RFC 3339 timestamp format. Example:
2018-04-03T21:10:29.600Z - time
Of StringDeletion (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example:
2019-04-03T21:10:29.600Z** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- vault
Type - The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
Supporting Types
VaultExternalKeyManagerMetadata, VaultExternalKeyManagerMetadataArgs
, VaultExternalKeyManagerMetadataArgs
- External
Vault Endpoint Url stringThis property is required. Changes to this property will trigger replacement. - URI of the vault on external key manager.
- Oauth
Metadata VaultThis property is required. Changes to this property will trigger replacement.External Key Manager Metadata Oauth Metadata - Authorization details required to get access token from IDP for accessing protected resources.
- Private
Endpoint Id stringThis property is required. Changes to this property will trigger replacement. - OCID of private endpoint created by customer.
- External
Vault Endpoint Url stringThis property is required. Changes to this property will trigger replacement. - URI of the vault on external key manager.
- Oauth
Metadata VaultThis property is required. Changes to this property will trigger replacement.External Key Manager Metadata Oauth Metadata - Authorization details required to get access token from IDP for accessing protected resources.
- Private
Endpoint Id stringThis property is required. Changes to this property will trigger replacement. - OCID of private endpoint created by customer.
- external
Vault Endpoint Url StringThis property is required. Changes to this property will trigger replacement. - URI of the vault on external key manager.
- oauth
Metadata VaultThis property is required. Changes to this property will trigger replacement.External Key Manager Metadata Oauth Metadata - Authorization details required to get access token from IDP for accessing protected resources.
- private
Endpoint Id StringThis property is required. Changes to this property will trigger replacement. - OCID of private endpoint created by customer.
- external
Vault Endpoint Url stringThis property is required. Changes to this property will trigger replacement. - URI of the vault on external key manager.
- oauth
Metadata VaultThis property is required. Changes to this property will trigger replacement.External Key Manager Metadata Oauth Metadata - Authorization details required to get access token from IDP for accessing protected resources.
- private
Endpoint Id stringThis property is required. Changes to this property will trigger replacement. - OCID of private endpoint created by customer.
- external_
vault_ endpoint_ url strThis property is required. Changes to this property will trigger replacement. - URI of the vault on external key manager.
- oauth_
metadata kms.This property is required. Changes to this property will trigger replacement.Vault External Key Manager Metadata Oauth Metadata - Authorization details required to get access token from IDP for accessing protected resources.
- private_
endpoint_ id strThis property is required. Changes to this property will trigger replacement. - OCID of private endpoint created by customer.
- external
Vault Endpoint Url StringThis property is required. Changes to this property will trigger replacement. - URI of the vault on external key manager.
- oauth
Metadata Property MapThis property is required. Changes to this property will trigger replacement. - Authorization details required to get access token from IDP for accessing protected resources.
- private
Endpoint Id StringThis property is required. Changes to this property will trigger replacement. - OCID of private endpoint created by customer.
VaultExternalKeyManagerMetadataOauthMetadata, VaultExternalKeyManagerMetadataOauthMetadataArgs
, VaultExternalKeyManagerMetadataOauthMetadataArgs
- Client
App Id stringThis property is required. Changes to this property will trigger replacement. - ID of the client app created in IDP.
- Client
App Secret stringThis property is required. Changes to this property will trigger replacement. - Secret of the client app created in IDP.
- Idcs
Account Name Url stringThis property is required. Changes to this property will trigger replacement. - Base URL of the IDCS account where confidential client app is created.
- Client
App Id stringThis property is required. Changes to this property will trigger replacement. - ID of the client app created in IDP.
- Client
App Secret stringThis property is required. Changes to this property will trigger replacement. - Secret of the client app created in IDP.
- Idcs
Account Name Url stringThis property is required. Changes to this property will trigger replacement. - Base URL of the IDCS account where confidential client app is created.
- client
App Id StringThis property is required. Changes to this property will trigger replacement. - ID of the client app created in IDP.
- client
App Secret StringThis property is required. Changes to this property will trigger replacement. - Secret of the client app created in IDP.
- idcs
Account Name Url StringThis property is required. Changes to this property will trigger replacement. - Base URL of the IDCS account where confidential client app is created.
- client
App Id stringThis property is required. Changes to this property will trigger replacement. - ID of the client app created in IDP.
- client
App Secret stringThis property is required. Changes to this property will trigger replacement. - Secret of the client app created in IDP.
- idcs
Account Name Url stringThis property is required. Changes to this property will trigger replacement. - Base URL of the IDCS account where confidential client app is created.
- client_
app_ id strThis property is required. Changes to this property will trigger replacement. - ID of the client app created in IDP.
- client_
app_ secret strThis property is required. Changes to this property will trigger replacement. - Secret of the client app created in IDP.
- idcs_
account_ name_ url strThis property is required. Changes to this property will trigger replacement. - Base URL of the IDCS account where confidential client app is created.
- client
App Id StringThis property is required. Changes to this property will trigger replacement. - ID of the client app created in IDP.
- client
App Secret StringThis property is required. Changes to this property will trigger replacement. - Secret of the client app created in IDP.
- idcs
Account Name Url StringThis property is required. Changes to this property will trigger replacement. - Base URL of the IDCS account where confidential client app is created.
VaultExternalKeyManagerMetadataSummary, VaultExternalKeyManagerMetadataSummaryArgs
, VaultExternalKeyManagerMetadataSummaryArgs
- External
Vault stringEndpoint Url - URL of the vault on external key manager.
- Oauth
Metadata List<VaultSummaries External Key Manager Metadata Summary Oauth Metadata Summary> - Summary about authorization to be returned to the customer as a response.
- Private
Endpoint stringId - OCID of the private endpoint.
- Vendor string
- Vendor of the external key manager.
- External
Vault stringEndpoint Url - URL of the vault on external key manager.
- Oauth
Metadata []VaultSummaries External Key Manager Metadata Summary Oauth Metadata Summary - Summary about authorization to be returned to the customer as a response.
- Private
Endpoint stringId - OCID of the private endpoint.
- Vendor string
- Vendor of the external key manager.
- external
Vault StringEndpoint Url - URL of the vault on external key manager.
- oauth
Metadata List<VaultSummaries External Key Manager Metadata Summary Oauth Metadata Summary> - Summary about authorization to be returned to the customer as a response.
- private
Endpoint StringId - OCID of the private endpoint.
- vendor String
- Vendor of the external key manager.
- external
Vault stringEndpoint Url - URL of the vault on external key manager.
- oauth
Metadata VaultSummaries External Key Manager Metadata Summary Oauth Metadata Summary[] - Summary about authorization to be returned to the customer as a response.
- private
Endpoint stringId - OCID of the private endpoint.
- vendor string
- Vendor of the external key manager.
- external_
vault_ strendpoint_ url - URL of the vault on external key manager.
- oauth_
metadata_ Sequence[kms.summaries Vault External Key Manager Metadata Summary Oauth Metadata Summary] - Summary about authorization to be returned to the customer as a response.
- private_
endpoint_ strid - OCID of the private endpoint.
- vendor str
- Vendor of the external key manager.
- external
Vault StringEndpoint Url - URL of the vault on external key manager.
- oauth
Metadata List<Property Map>Summaries - Summary about authorization to be returned to the customer as a response.
- private
Endpoint StringId - OCID of the private endpoint.
- vendor String
- Vendor of the external key manager.
VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary, VaultExternalKeyManagerMetadataSummaryOauthMetadataSummaryArgs
, VaultExternalKeyManagerMetadataSummaryOauthMetadataSummaryArgs
- Client
App stringId - ID of the client app created in IDP.
- Idcs
Account stringName Url - Base URL of the IDCS account where confidential client app is created.
- Client
App stringId - ID of the client app created in IDP.
- Idcs
Account stringName Url - Base URL of the IDCS account where confidential client app is created.
- client
App StringId - ID of the client app created in IDP.
- idcs
Account StringName Url - Base URL of the IDCS account where confidential client app is created.
- client
App stringId - ID of the client app created in IDP.
- idcs
Account stringName Url - Base URL of the IDCS account where confidential client app is created.
- client_
app_ strid - ID of the client app created in IDP.
- idcs_
account_ strname_ url - Base URL of the IDCS account where confidential client app is created.
- client
App StringId - ID of the client app created in IDP.
- idcs
Account StringName Url - Base URL of the IDCS account where confidential client app is created.
VaultReplicaDetail, VaultReplicaDetailArgs
, VaultReplicaDetailArgs
- Replication
Id string - ReplicationId associated with a vault operation
- Replication
Id string - ReplicationId associated with a vault operation
- replication
Id String - ReplicationId associated with a vault operation
- replication
Id string - ReplicationId associated with a vault operation
- replication_
id str - ReplicationId associated with a vault operation
- replication
Id String - ReplicationId associated with a vault operation
VaultRestoreFromFile, VaultRestoreFromFileArgs
, VaultRestoreFromFileArgs
- Content
Length This property is required. string - content length of vault's backup binary file
- Restore
Vault From File Details This property is required. string - Vault backup file content
- Content
Md5 string - (Updatable) content md5 hashed value of vault's backup file
- Content
Length This property is required. string - content length of vault's backup binary file
- Restore
Vault From File Details This property is required. string - Vault backup file content
- Content
Md5 string - (Updatable) content md5 hashed value of vault's backup file
- content
Length This property is required. String - content length of vault's backup binary file
- restore
Vault From File Details This property is required. String - Vault backup file content
- content
Md5 String - (Updatable) content md5 hashed value of vault's backup file
- content
Length This property is required. string - content length of vault's backup binary file
- restore
Vault From File Details This property is required. string - Vault backup file content
- content
Md5 string - (Updatable) content md5 hashed value of vault's backup file
- content_
length This property is required. str - content length of vault's backup binary file
- restore_
vault_ from_ file_ details This property is required. str - Vault backup file content
- content_
md5 str - (Updatable) content md5 hashed value of vault's backup file
- content
Length This property is required. String - content length of vault's backup binary file
- restore
Vault From File Details This property is required. String - Vault backup file content
- content
Md5 String - (Updatable) content md5 hashed value of vault's backup file
VaultRestoreFromObjectStore, VaultRestoreFromObjectStoreArgs
, VaultRestoreFromObjectStoreArgs
- Destination
This property is required. string - (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
- Bucket string
- (Updatable) Name of the bucket where vault was backed up
- Namespace string
- (Updatable) Namespace of the bucket where vault was backed up
- Object string
- (Updatable) Object containing the backup
- Uri string
- (Updatable) Pre-authenticated-request-uri of the backup*
restore_trigger- (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
- Destination
This property is required. string - (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
- Bucket string
- (Updatable) Name of the bucket where vault was backed up
- Namespace string
- (Updatable) Namespace of the bucket where vault was backed up
- Object string
- (Updatable) Object containing the backup
- Uri string
- (Updatable) Pre-authenticated-request-uri of the backup*
restore_trigger- (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
- destination
This property is required. String - (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
- bucket String
- (Updatable) Name of the bucket where vault was backed up
- namespace String
- (Updatable) Namespace of the bucket where vault was backed up
- object String
- (Updatable) Object containing the backup
- uri String
- (Updatable) Pre-authenticated-request-uri of the backup*
restore_trigger- (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
- destination
This property is required. string - (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
- bucket string
- (Updatable) Name of the bucket where vault was backed up
- namespace string
- (Updatable) Namespace of the bucket where vault was backed up
- object string
- (Updatable) Object containing the backup
- uri string
- (Updatable) Pre-authenticated-request-uri of the backup*
restore_trigger- (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
- destination
This property is required. str - (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
- bucket str
- (Updatable) Name of the bucket where vault was backed up
- namespace str
- (Updatable) Namespace of the bucket where vault was backed up
- object str
- (Updatable) Object containing the backup
- uri str
- (Updatable) Pre-authenticated-request-uri of the backup*
restore_trigger- (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
- destination
This property is required. String - (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
- bucket String
- (Updatable) Name of the bucket where vault was backed up
- namespace String
- (Updatable) Namespace of the bucket where vault was backed up
- object String
- (Updatable) Object containing the backup
- uri String
- (Updatable) Pre-authenticated-request-uri of the backup*
restore_trigger- (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
Import
Vaults can be imported using the id, e.g.
$ pulumi import oci:Kms/vault:Vault test_vault "id"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
ociTerraform Provider.