Enabling a Vault Key
Enable a vault's master encryption key.
- Open the navigation menu, select Identity & Security, and then select Vault.
- Under List scope, select a compartment that contains the vault that has the key you want to enable.
- On the Vaults page, click the name of the vault to open its details page.
- Under Resources, click Master Encryption Keys and then click the name of the key to open its details page.
- Click Enable.
Open a command prompt and run
oci kms management key enable
to enable a key:oci kms management key enable --key-id <target_key_id> --endpoint <control_plane_url>
For example:
oci kms management key enable --key-id ocid1.key.region1.sea.exampleaaacu2.examplesmtpsuqmoy4m5cvblugmizcoeu2nfc6b3zfaux2lmqz245gezevsq --endpoint https://exampleaaacu2-management.kms.us-ashburn-1.oraclecloud.com
For a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.
Run the EnableKey operation to enable the vault key using the KMSMANAGMENT endpoint.
Note
Each region uses the KMSMANAGMENT endpoint for managing keys. This endpoint is referred to as the control plane URL or vault management endpoint. For regional endpoints, see the API Documentation.