Creating a Vault

Create a vault.

• Console
• CLI
• API

• 1. Open the navigation menu, click Identity & Security, and then click Vault.
  2. Under List scope, select the compartment in which you want to create the vault.
  3. Click Create Vault.
  4. In the Create Vault dialog box, provide the following details:
     • If needed, select a different compartment in which you want to create the vault.
     • Enter a name for the vault.
     • Select Make it virtual private vault if you want a dedicated partition in a hardware security module (HSM).
       Note
       
       You cannot change the vault type after the vault is created.
  5. Click Show advanced options to add tags to the vault.
  6. If you have permissions to create a resource, then you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags. If you're not sure whether to apply tags, skip this option (you can apply tags later) or ask your administrator.
  7. Choose one of the following options:
     • Click Create Vault.
     • Click Save as stack to save the resource definition as a Terraform configuration. For more information about saving stacks from resource definitions, see Creating a Stack from a Resource Creation Page.

• Open a command prompt and run oci kms management vault create to create a new vault:

  Note
  
  You cannot change the vault type after the vault is created.

  oci kms management vault create --compartment-id  <vault_name> 

  For example:

  
  oci kms management vault create vault-1

  For a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.

• Run the CreateVault operation that uses the KMSVAULT API endpoint.

  Note
  
  Each region uses the KMSVAULT API endpoint for create, update, and list operations for vault. This endpoint is referred to as the control plane URL or secret management endpoint. Each region also has a unique endpoint for operations related to retrieving vault. This endpoint is known as the data plane URL or the secret retrieval endpoint. For regional endpoints, see the API Documentation.

  For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.