Restoring a key

Restoring a vault key using the OCI Console and API interfaces.

    1. Open the navigation menu, select Identity & Security, and then select Vault.
    2. Under List Scope, in the Compartment list, click the name of the compartment of the vault that contains the key that you want to restore.
    3. From the list of vaults in the compartment, click the name of the vault. You must choose the same vault where the key was backed up originally. (If needed, also change the list scope to the compartment where the key was at the time of backup.)
    4. Click Master Encryption Keys, and then click Restore Key.
    5. Select a source. You can import a backup from an Existing Object Storage Bucket or a pre-authenticated Object Storage URL that you can write to. You can also Upload a File from your computer or a mapped network location.
    6. Do one of the following, depending on what you chose in the previous step:
      • Select a bucket from the dropdown menu. If needed, you can change the compartment to find a bucket in a different compartment. Then, specify the Backup Name. Avoid entering confidential information.
      • Click Object Storage URL, and then provide a pre-authenticated URL to an object.
    7. When you are finished, click Restore Key.
  • Use the oci kms management key restore command and required parameters to restore a key:

    oci kms management key restore --bucket-name <bucket_name> --from-json <json_input>

    See Advanced JSON Options for information on using JSON input with this command.

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Use the RestoreKeyFromFile API to restore a key from a backup file.

    For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.