Key Management Vault Functions
Package: DBMS_CLOUD_OCI_KM_KMS_VAULT
BACKUP_VAULT Function
Backs up an encrypted file that contains all the metadata of a vault so that you can restore the vault later. You can backup a vault whether or not it contains keys. This operation only backs up the metadata of the vault, and does not include key metadata.
Syntax
FUNCTION backup_vault (
vault_id varchar2,
if_match varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
backup_vault_details dbms_cloud_oci_key_management_backup_vault_details_t DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_backup_vault_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) BackupVaultDetails |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
CANCEL_VAULT_DELETION Function
Cancels the scheduled deletion of the specified vault. Canceling a scheduled deletion restores the vault and all keys in it to their respective states from before their scheduled deletion. All keys that were scheduled for deletion prior to vault deletion retain their lifecycle state and time of deletion. As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION cancel_vault_deletion (
vault_id varchar2,
if_match varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_cancel_vault_deletion_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
CHANGE_VAULT_COMPARTMENT Function
Moves a vault into a different compartment within the same tenancy. For information about moving resources between compartments, see Moving Resources to a Different Compartment. When provided, if-match is checked against the ETag values of the resource. As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION change_vault_compartment (
vault_id varchar2,
change_vault_compartment_details dbms_cloud_oci_key_management_change_vault_compartment_details_t,
if_match varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_change_vault_compartment_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(required) ChangeVaultCompartmentDetails |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
CREATE_VAULT Function
Creates a new vault. The type of vault you create determines key placement, pricing, and available options. Options include storage isolation, a dedicated service endpoint instead of a shared service endpoint for API calls, and either a dedicated hardware security module (HSM) or a multitenant HSM. As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION create_vault (
create_vault_details dbms_cloud_oci_key_management_create_vault_details_t,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_create_vault_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) CreateVaultDetails |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
CREATE_VAULT_REPLICA Function
Creates a replica for the vault in another region in the same realm The API is a no-op if called for same region that a vault is already replicated to. 409 if called on a vault that is already replicated to a different region. Users need to delete existing replica first before calling it with a different region. As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION create_vault_replica (
vault_id varchar2,
create_vault_replica_details dbms_cloud_oci_key_management_create_vault_replica_details_t,
if_match varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_create_vault_replica_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(required) CreateVaultReplicaDetails |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
DELETE_VAULT_REPLICA Function
Deletes a vault replica As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION delete_vault_replica (
vault_id varchar2,
delete_vault_replica_details dbms_cloud_oci_key_management_delete_vault_replica_details_t,
if_match varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_delete_vault_replica_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(required) DeleteVaultReplicaDetails |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
GET_VAULT Function
Gets the specified vault's configuration information. As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning read operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning read operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION get_vault (
vault_id varchar2,
opc_request_id varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_get_vault_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
GET_VAULT_USAGE Function
Gets the count of keys and key versions in the specified vault to calculate usage against service limits.
Syntax
FUNCTION get_vault_usage (
vault_id varchar2,
opc_request_id varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_get_vault_usage_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
LIST_VAULT_REPLICAS Function
Lists the replicas for a vault As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION list_vault_replicas (
vault_id varchar2,
if_match varchar2 DEFAULT NULL,
limit number DEFAULT NULL,
page varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
sort_by varchar2 DEFAULT NULL,
sort_order varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_list_vault_replicas_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) The maximum number of items to return in a paginated \"List\" call. |
|
|
(optional) The value of the `opc-next-page` response header from the previous \"List\" call. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) The field to sort by. You can specify only one sort order. The default order for `TIMECREATED` is descending. The default order for `DISPLAYNAME` is ascending. Allowed values are: 'TIMECREATED', 'DISPLAYNAME' |
|
|
(optional) The sort order to use, either ascending (`ASC`) or descending (`DESC`). Allowed values are: 'ASC', 'DESC' |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
LIST_VAULTS Function
Lists the vaults in the specified compartment. As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning read operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning read operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION list_vaults (
compartment_id varchar2,
limit number DEFAULT NULL,
page varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
sort_by varchar2 DEFAULT NULL,
sort_order varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_list_vaults_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the compartment. |
|
|
(optional) The maximum number of items to return in a paginated \"List\" call. |
|
|
(optional) The value of the `opc-next-page` response header from the previous \"List\" call. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) The field to sort by. You can specify only one sort order. The default order for `TIMECREATED` is descending. The default order for `DISPLAYNAME` is ascending. Allowed values are: 'TIMECREATED', 'DISPLAYNAME' |
|
|
(optional) The sort order to use, either ascending (`ASC`) or descending (`DESC`). Allowed values are: 'ASC', 'DESC' |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
RESTORE_VAULT_FROM_FILE Function
Restores a vault from an encrypted backup file. If a vault with the same OCID already exists, this operation returns a response with a 409 HTTP status error code.
Syntax
FUNCTION restore_vault_from_file (
compartment_id varchar2,
content_length number DEFAULT NULL,
restore_vault_from_file_details blob,
if_match varchar2 DEFAULT NULL,
content_md5 varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_restore_vault_from_file_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the compartment. |
|
|
(optional) The content length of the body. |
|
|
(required) The encrypted backup file to upload to restore the vault. |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) The base64-encoded MD5 hash value of the body, as described in RFC 2616, section 14.15. If the Content-MD5 header is present, Key Management performs an integrity check on the body of the HTTP request by computing the MD5 hash for the body and comparing it to the MD5 hash supplied in the header. If the two hashes don't match, the object is rejected and a response with 400 Unmatched Content MD5 error is returned, along with the message: \"The computed MD5 of the request body (ACTUAL_MD5) does not match the Content-MD5 header (HEADER_MD5).\" |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
RESTORE_VAULT_FROM_OBJECT_STORE Function
Restores a vault from an encrypted backup file stored in Oracle Cloud Infrastructure Object Storage. If a vault with the same OCID already exists, this operation returns a response with a 409 HTTP status error code.
Syntax
FUNCTION restore_vault_from_object_store (
compartment_id varchar2,
if_match varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
restore_vault_from_object_store_details dbms_cloud_oci_key_management_restore_vault_from_object_store_details_t DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_restore_vault_from_object_store_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the compartment. |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) RestoreVaultFromObjectStoreDetails |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
SCHEDULE_VAULT_DELETION Function
Schedules the deletion of the specified vault. This sets the lifecycle state of the vault and all keys in it that are not already scheduled for deletion to `PENDING_DELETION` and then deletes them after the retention period ends. The lifecycle state and time of deletion for keys already scheduled for deletion won't change. If any keys in the vault are scheduled to be deleted after the specified time of deletion for the vault, the call is rejected with the error code 409. As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION schedule_vault_deletion (
vault_id varchar2,
schedule_vault_deletion_details dbms_cloud_oci_key_management_schedule_vault_deletion_details_t,
if_match varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
opc_retry_token varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_schedule_vault_deletion_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(required) ScheduleVaultDeletionDetails |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |
UPDATE_VAULT Function
Updates the properties of a vault. Specifically, you can update the `displayName`, `freeformTags`, and `definedTags` properties. Furthermore, the vault must be in an ACTIVE or CREATING state to be updated. As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.
Syntax
FUNCTION update_vault (
vault_id varchar2,
update_vault_details dbms_cloud_oci_key_management_update_vault_details_t,
if_match varchar2 DEFAULT NULL,
opc_request_id varchar2 DEFAULT NULL,
region varchar2 DEFAULT NULL,
endpoint varchar2 DEFAULT NULL,
credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_km_kms_vault_update_vault_response_t;Parameters
| Parameter | Description |
|---|---|
|
|
(required) The OCID of the vault. |
|
|
(required) UpdateVaultDetails |
|
|
(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value. |
|
|
(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service. |
|
|
(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix). |
|
|
(optional) The endpoint of the service to call using this function. e.g https://kms.{region}.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence. |
|
|
(optional) The name of the credential for authenticating with the corresponding cloud native API. |