Creating a Boot Volume Encrypted with a Vault key
Learn how to create an encrypted boot volume in OCI using a master encryption key.
This task isn't available in the OCI Console.
Open a command prompt and run
oci bv boot-volume createto create a boot volume that is encrypted with a Vault service master encryption key:oci bv boot-volume create --display-name <volume_name> --compartment-id <target_compartment_id> --size-in-gbs <volume_size> --availability-domain <target_availability_domain> --kms-key-id <target_key_id>For example:
oci bv boot-volume create --display-name EncryptedBlockVolume --compartment-id ocid1.compartment.oc1..example1example25qrlpo4agcmothkbgqgmuz2zzum45ibplooqtabwk3zz --size-in-gbs 50 --availability-domain AAbC:US-ASHBURN-AD-1 --kms-key-id ocid1.key.region1.sea.exampleaaacu2.examplesmtpsuqmoy4m5cvblugmizcoeu2nfc6b3zfaux2lmqz245gezevsqFor a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.
Use the CreateBootVolume API to create a boot volume using a vault key.
For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.