1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Kms
  5. Vault
Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi

oci.Kms.Vault

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi

    This resource provides the Vault resource in Oracle Cloud Infrastructure Kms service.

    Creates a new vault. The type of vault you create determines key placement, pricing, and available options. Options include storage isolation, a dedicated service endpoint instead of a shared service endpoint for API calls, and either a dedicated hardware security module (HSM) or a multitenant HSM.

    As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    const testVault = new oci.kms.Vault("test_vault", {
        compartmentId: compartmentId,
        displayName: vaultDisplayName,
        vaultType: vaultVaultType,
        definedTags: {
            "Operations.CostCenter": "42",
        },
        externalKeyManagerMetadata: {
            externalVaultEndpointUrl: vaultExternalKeyManagerMetadataExternalVaultEndpointUrl,
            oauthMetadata: {
                clientAppId: testClientApp.id,
                clientAppSecret: vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret,
                idcsAccountNameUrl: vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl,
            },
            privateEndpointId: testPrivateEndpoint.id,
        },
        freeformTags: {
            Department: "Finance",
        },
    });
    
    import pulumi
    import pulumi_oci as oci
    
    test_vault = oci.kms.Vault("test_vault",
        compartment_id=compartment_id,
        display_name=vault_display_name,
        vault_type=vault_vault_type,
        defined_tags={
            "Operations.CostCenter": "42",
        },
        external_key_manager_metadata={
            "external_vault_endpoint_url": vault_external_key_manager_metadata_external_vault_endpoint_url,
            "oauth_metadata": {
                "client_app_id": test_client_app["id"],
                "client_app_secret": vault_external_key_manager_metadata_oauth_metadata_client_app_secret,
                "idcs_account_name_url": vault_external_key_manager_metadata_oauth_metadata_idcs_account_name_url,
            },
            "private_endpoint_id": test_private_endpoint["id"],
        },
        freeform_tags={
            "Department": "Finance",
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Kms"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := Kms.NewVault(ctx, "test_vault", &Kms.VaultArgs{
    			CompartmentId: pulumi.Any(compartmentId),
    			DisplayName:   pulumi.Any(vaultDisplayName),
    			VaultType:     pulumi.Any(vaultVaultType),
    			DefinedTags: pulumi.StringMap{
    				"Operations.CostCenter": pulumi.String("42"),
    			},
    			ExternalKeyManagerMetadata: &kms.VaultExternalKeyManagerMetadataArgs{
    				ExternalVaultEndpointUrl: pulumi.Any(vaultExternalKeyManagerMetadataExternalVaultEndpointUrl),
    				OauthMetadata: &kms.VaultExternalKeyManagerMetadataOauthMetadataArgs{
    					ClientAppId:        pulumi.Any(testClientApp.Id),
    					ClientAppSecret:    pulumi.Any(vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret),
    					IdcsAccountNameUrl: pulumi.Any(vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl),
    				},
    				PrivateEndpointId: pulumi.Any(testPrivateEndpoint.Id),
    			},
    			FreeformTags: pulumi.StringMap{
    				"Department": pulumi.String("Finance"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    return await Deployment.RunAsync(() => 
    {
        var testVault = new Oci.Kms.Vault("test_vault", new()
        {
            CompartmentId = compartmentId,
            DisplayName = vaultDisplayName,
            VaultType = vaultVaultType,
            DefinedTags = 
            {
                { "Operations.CostCenter", "42" },
            },
            ExternalKeyManagerMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataArgs
            {
                ExternalVaultEndpointUrl = vaultExternalKeyManagerMetadataExternalVaultEndpointUrl,
                OauthMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataOauthMetadataArgs
                {
                    ClientAppId = testClientApp.Id,
                    ClientAppSecret = vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret,
                    IdcsAccountNameUrl = vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl,
                },
                PrivateEndpointId = testPrivateEndpoint.Id,
            },
            FreeformTags = 
            {
                { "Department", "Finance" },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.Kms.Vault;
    import com.pulumi.oci.Kms.VaultArgs;
    import com.pulumi.oci.Kms.inputs.VaultExternalKeyManagerMetadataArgs;
    import com.pulumi.oci.Kms.inputs.VaultExternalKeyManagerMetadataOauthMetadataArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var testVault = new Vault("testVault", VaultArgs.builder()
                .compartmentId(compartmentId)
                .displayName(vaultDisplayName)
                .vaultType(vaultVaultType)
                .definedTags(Map.of("Operations.CostCenter", "42"))
                .externalKeyManagerMetadata(VaultExternalKeyManagerMetadataArgs.builder()
                    .externalVaultEndpointUrl(vaultExternalKeyManagerMetadataExternalVaultEndpointUrl)
                    .oauthMetadata(VaultExternalKeyManagerMetadataOauthMetadataArgs.builder()
                        .clientAppId(testClientApp.id())
                        .clientAppSecret(vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret)
                        .idcsAccountNameUrl(vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl)
                        .build())
                    .privateEndpointId(testPrivateEndpoint.id())
                    .build())
                .freeformTags(Map.of("Department", "Finance"))
                .build());
    
        }
    }
    
    resources:
      testVault:
        type: oci:Kms:Vault
        name: test_vault
        properties:
          compartmentId: ${compartmentId}
          displayName: ${vaultDisplayName}
          vaultType: ${vaultVaultType}
          definedTags:
            Operations.CostCenter: '42'
          externalKeyManagerMetadata:
            externalVaultEndpointUrl: ${vaultExternalKeyManagerMetadataExternalVaultEndpointUrl}
            oauthMetadata:
              clientAppId: ${testClientApp.id}
              clientAppSecret: ${vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret}
              idcsAccountNameUrl: ${vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl}
            privateEndpointId: ${testPrivateEndpoint.id}
          freeformTags:
            Department: Finance
    

    Create Vault Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Vault(name: string, args: VaultArgs, opts?: CustomResourceOptions);
    @overload
    def Vault(resource_name: str,
              args: VaultArgs,
              opts: Optional[ResourceOptions] = None)
    
    @overload
    def Vault(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              compartment_id: Optional[str] = None,
              display_name: Optional[str] = None,
              vault_type: Optional[str] = None,
              defined_tags: Optional[Mapping[str, str]] = None,
              external_key_manager_metadata: Optional[_kms.VaultExternalKeyManagerMetadataArgs] = None,
              freeform_tags: Optional[Mapping[str, str]] = None,
              restore_from_file: Optional[_kms.VaultRestoreFromFileArgs] = None,
              restore_from_object_store: Optional[_kms.VaultRestoreFromObjectStoreArgs] = None,
              restore_trigger: Optional[bool] = None,
              time_of_deletion: Optional[str] = None)
    func NewVault(ctx *Context, name string, args VaultArgs, opts ...ResourceOption) (*Vault, error)
    public Vault(string name, VaultArgs args, CustomResourceOptions? opts = null)
    public Vault(String name, VaultArgs args)
    public Vault(String name, VaultArgs args, CustomResourceOptions options)
    
    type: oci:Kms:Vault
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args VaultArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args VaultArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args VaultArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args VaultArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args VaultArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var vaultResource = new Oci.Kms.Vault("vaultResource", new()
    {
        CompartmentId = "string",
        DisplayName = "string",
        VaultType = "string",
        DefinedTags = 
        {
            { "string", "string" },
        },
        ExternalKeyManagerMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataArgs
        {
            ExternalVaultEndpointUrl = "string",
            OauthMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataOauthMetadataArgs
            {
                ClientAppId = "string",
                ClientAppSecret = "string",
                IdcsAccountNameUrl = "string",
            },
            PrivateEndpointId = "string",
        },
        FreeformTags = 
        {
            { "string", "string" },
        },
        RestoreFromFile = new Oci.Kms.Inputs.VaultRestoreFromFileArgs
        {
            ContentLength = "string",
            RestoreVaultFromFileDetails = "string",
            ContentMd5 = "string",
        },
        RestoreFromObjectStore = new Oci.Kms.Inputs.VaultRestoreFromObjectStoreArgs
        {
            Destination = "string",
            Bucket = "string",
            Namespace = "string",
            Object = "string",
            Uri = "string",
        },
        RestoreTrigger = false,
        TimeOfDeletion = "string",
    });
    
    example, err := Kms.NewVault(ctx, "vaultResource", &Kms.VaultArgs{
    	CompartmentId: pulumi.String("string"),
    	DisplayName:   pulumi.String("string"),
    	VaultType:     pulumi.String("string"),
    	DefinedTags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	ExternalKeyManagerMetadata: &kms.VaultExternalKeyManagerMetadataArgs{
    		ExternalVaultEndpointUrl: pulumi.String("string"),
    		OauthMetadata: &kms.VaultExternalKeyManagerMetadataOauthMetadataArgs{
    			ClientAppId:        pulumi.String("string"),
    			ClientAppSecret:    pulumi.String("string"),
    			IdcsAccountNameUrl: pulumi.String("string"),
    		},
    		PrivateEndpointId: pulumi.String("string"),
    	},
    	FreeformTags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	RestoreFromFile: &kms.VaultRestoreFromFileArgs{
    		ContentLength:               pulumi.String("string"),
    		RestoreVaultFromFileDetails: pulumi.String("string"),
    		ContentMd5:                  pulumi.String("string"),
    	},
    	RestoreFromObjectStore: &kms.VaultRestoreFromObjectStoreArgs{
    		Destination: pulumi.String("string"),
    		Bucket:      pulumi.String("string"),
    		Namespace:   pulumi.String("string"),
    		Object:      pulumi.String("string"),
    		Uri:         pulumi.String("string"),
    	},
    	RestoreTrigger: pulumi.Bool(false),
    	TimeOfDeletion: pulumi.String("string"),
    })
    
    var vaultResource = new Vault("vaultResource", VaultArgs.builder()
        .compartmentId("string")
        .displayName("string")
        .vaultType("string")
        .definedTags(Map.of("string", "string"))
        .externalKeyManagerMetadata(VaultExternalKeyManagerMetadataArgs.builder()
            .externalVaultEndpointUrl("string")
            .oauthMetadata(VaultExternalKeyManagerMetadataOauthMetadataArgs.builder()
                .clientAppId("string")
                .clientAppSecret("string")
                .idcsAccountNameUrl("string")
                .build())
            .privateEndpointId("string")
            .build())
        .freeformTags(Map.of("string", "string"))
        .restoreFromFile(VaultRestoreFromFileArgs.builder()
            .contentLength("string")
            .restoreVaultFromFileDetails("string")
            .contentMd5("string")
            .build())
        .restoreFromObjectStore(VaultRestoreFromObjectStoreArgs.builder()
            .destination("string")
            .bucket("string")
            .namespace("string")
            .object("string")
            .uri("string")
            .build())
        .restoreTrigger(false)
        .timeOfDeletion("string")
        .build());
    
    vault_resource = oci.kms.Vault("vaultResource",
        compartment_id="string",
        display_name="string",
        vault_type="string",
        defined_tags={
            "string": "string",
        },
        external_key_manager_metadata={
            "external_vault_endpoint_url": "string",
            "oauth_metadata": {
                "client_app_id": "string",
                "client_app_secret": "string",
                "idcs_account_name_url": "string",
            },
            "private_endpoint_id": "string",
        },
        freeform_tags={
            "string": "string",
        },
        restore_from_file={
            "content_length": "string",
            "restore_vault_from_file_details": "string",
            "content_md5": "string",
        },
        restore_from_object_store={
            "destination": "string",
            "bucket": "string",
            "namespace": "string",
            "object": "string",
            "uri": "string",
        },
        restore_trigger=False,
        time_of_deletion="string")
    
    const vaultResource = new oci.kms.Vault("vaultResource", {
        compartmentId: "string",
        displayName: "string",
        vaultType: "string",
        definedTags: {
            string: "string",
        },
        externalKeyManagerMetadata: {
            externalVaultEndpointUrl: "string",
            oauthMetadata: {
                clientAppId: "string",
                clientAppSecret: "string",
                idcsAccountNameUrl: "string",
            },
            privateEndpointId: "string",
        },
        freeformTags: {
            string: "string",
        },
        restoreFromFile: {
            contentLength: "string",
            restoreVaultFromFileDetails: "string",
            contentMd5: "string",
        },
        restoreFromObjectStore: {
            destination: "string",
            bucket: "string",
            namespace: "string",
            object: "string",
            uri: "string",
        },
        restoreTrigger: false,
        timeOfDeletion: "string",
    });
    
    type: oci:Kms:Vault
    properties:
        compartmentId: string
        definedTags:
            string: string
        displayName: string
        externalKeyManagerMetadata:
            externalVaultEndpointUrl: string
            oauthMetadata:
                clientAppId: string
                clientAppSecret: string
                idcsAccountNameUrl: string
            privateEndpointId: string
        freeformTags:
            string: string
        restoreFromFile:
            contentLength: string
            contentMd5: string
            restoreVaultFromFileDetails: string
        restoreFromObjectStore:
            bucket: string
            destination: string
            namespace: string
            object: string
            uri: string
        restoreTrigger: false
        timeOfDeletion: string
        vaultType: string
    

    Vault Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Vault resource accepts the following input properties:

    CompartmentId string
    (Updatable) The OCID of the compartment where you want to create this vault.
    DisplayName string
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    VaultType string
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    DefinedTags Dictionary<string, string>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    ExternalKeyManagerMetadata VaultExternalKeyManagerMetadata
    Metadata required for accessing External Key manager
    FreeformTags Dictionary<string, string>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    RestoreFromFile VaultRestoreFromFile
    (Updatable) Details where vault was backed up.
    RestoreFromObjectStore VaultRestoreFromObjectStore
    (Updatable) Details where vault was backed up
    RestoreTrigger bool
    TimeOfDeletion string

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    CompartmentId string
    (Updatable) The OCID of the compartment where you want to create this vault.
    DisplayName string
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    VaultType string
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    DefinedTags map[string]string
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    ExternalKeyManagerMetadata VaultExternalKeyManagerMetadataArgs
    Metadata required for accessing External Key manager
    FreeformTags map[string]string
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    RestoreFromFile VaultRestoreFromFileArgs
    (Updatable) Details where vault was backed up.
    RestoreFromObjectStore VaultRestoreFromObjectStoreArgs
    (Updatable) Details where vault was backed up
    RestoreTrigger bool
    TimeOfDeletion string

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    compartmentId String
    (Updatable) The OCID of the compartment where you want to create this vault.
    displayName String
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    vaultType String
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    definedTags Map<String,String>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    externalKeyManagerMetadata VaultExternalKeyManagerMetadata
    Metadata required for accessing External Key manager
    freeformTags Map<String,String>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    restoreFromFile VaultRestoreFromFile
    (Updatable) Details where vault was backed up.
    restoreFromObjectStore VaultRestoreFromObjectStore
    (Updatable) Details where vault was backed up
    restoreTrigger Boolean
    timeOfDeletion String

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    compartmentId string
    (Updatable) The OCID of the compartment where you want to create this vault.
    displayName string
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    vaultType string
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    definedTags {[key: string]: string}
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    externalKeyManagerMetadata VaultExternalKeyManagerMetadata
    Metadata required for accessing External Key manager
    freeformTags {[key: string]: string}
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    restoreFromFile VaultRestoreFromFile
    (Updatable) Details where vault was backed up.
    restoreFromObjectStore VaultRestoreFromObjectStore
    (Updatable) Details where vault was backed up
    restoreTrigger boolean
    timeOfDeletion string

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    compartment_id str
    (Updatable) The OCID of the compartment where you want to create this vault.
    display_name str
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    vault_type str
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    defined_tags Mapping[str, str]
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    external_key_manager_metadata kms.VaultExternalKeyManagerMetadataArgs
    Metadata required for accessing External Key manager
    freeform_tags Mapping[str, str]
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    restore_from_file kms.VaultRestoreFromFileArgs
    (Updatable) Details where vault was backed up.
    restore_from_object_store kms.VaultRestoreFromObjectStoreArgs
    (Updatable) Details where vault was backed up
    restore_trigger bool
    time_of_deletion str

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    compartmentId String
    (Updatable) The OCID of the compartment where you want to create this vault.
    displayName String
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    vaultType String
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    definedTags Map<String>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    externalKeyManagerMetadata Property Map
    Metadata required for accessing External Key manager
    freeformTags Map<String>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    restoreFromFile Property Map
    (Updatable) Details where vault was backed up.
    restoreFromObjectStore Property Map
    (Updatable) Details where vault was backed up
    restoreTrigger Boolean
    timeOfDeletion String

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Vault resource produces the following output properties:

    CryptoEndpoint string
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    ExternalKeyManagerMetadataSummaries List<VaultExternalKeyManagerMetadataSummary>
    Summary about metadata of external key manager to be returned to the customer as a response.
    Id string
    The provider-assigned unique ID for this managed resource.
    IsPrimary bool
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    IsVaultReplicable bool
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    ManagementEndpoint string
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    ReplicaDetails List<VaultReplicaDetail>
    Vault replica details
    RestoredFromVaultId string
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    State string
    The vault's current lifecycle state. Example: DELETED
    TimeCreated string
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    CryptoEndpoint string
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    ExternalKeyManagerMetadataSummaries []VaultExternalKeyManagerMetadataSummary
    Summary about metadata of external key manager to be returned to the customer as a response.
    Id string
    The provider-assigned unique ID for this managed resource.
    IsPrimary bool
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    IsVaultReplicable bool
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    ManagementEndpoint string
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    ReplicaDetails []VaultReplicaDetail
    Vault replica details
    RestoredFromVaultId string
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    State string
    The vault's current lifecycle state. Example: DELETED
    TimeCreated string
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    cryptoEndpoint String
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    externalKeyManagerMetadataSummaries List<VaultExternalKeyManagerMetadataSummary>
    Summary about metadata of external key manager to be returned to the customer as a response.
    id String
    The provider-assigned unique ID for this managed resource.
    isPrimary Boolean
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    isVaultReplicable Boolean
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    managementEndpoint String
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    replicaDetails List<VaultReplicaDetail>
    Vault replica details
    restoredFromVaultId String
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    state String
    The vault's current lifecycle state. Example: DELETED
    timeCreated String
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    cryptoEndpoint string
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    externalKeyManagerMetadataSummaries VaultExternalKeyManagerMetadataSummary[]
    Summary about metadata of external key manager to be returned to the customer as a response.
    id string
    The provider-assigned unique ID for this managed resource.
    isPrimary boolean
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    isVaultReplicable boolean
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    managementEndpoint string
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    replicaDetails VaultReplicaDetail[]
    Vault replica details
    restoredFromVaultId string
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    state string
    The vault's current lifecycle state. Example: DELETED
    timeCreated string
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    crypto_endpoint str
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    external_key_manager_metadata_summaries Sequence[kms.VaultExternalKeyManagerMetadataSummary]
    Summary about metadata of external key manager to be returned to the customer as a response.
    id str
    The provider-assigned unique ID for this managed resource.
    is_primary bool
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    is_vault_replicable bool
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    management_endpoint str
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    replica_details Sequence[kms.VaultReplicaDetail]
    Vault replica details
    restored_from_vault_id str
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    state str
    The vault's current lifecycle state. Example: DELETED
    time_created str
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    cryptoEndpoint String
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    externalKeyManagerMetadataSummaries List<Property Map>
    Summary about metadata of external key manager to be returned to the customer as a response.
    id String
    The provider-assigned unique ID for this managed resource.
    isPrimary Boolean
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    isVaultReplicable Boolean
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    managementEndpoint String
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    replicaDetails List<Property Map>
    Vault replica details
    restoredFromVaultId String
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    state String
    The vault's current lifecycle state. Example: DELETED
    timeCreated String
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

    Look up Existing Vault Resource

    Get an existing Vault resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: VaultState, opts?: CustomResourceOptions): Vault
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            compartment_id: Optional[str] = None,
            crypto_endpoint: Optional[str] = None,
            defined_tags: Optional[Mapping[str, str]] = None,
            display_name: Optional[str] = None,
            external_key_manager_metadata: Optional[_kms.VaultExternalKeyManagerMetadataArgs] = None,
            external_key_manager_metadata_summaries: Optional[Sequence[_kms.VaultExternalKeyManagerMetadataSummaryArgs]] = None,
            freeform_tags: Optional[Mapping[str, str]] = None,
            is_primary: Optional[bool] = None,
            is_vault_replicable: Optional[bool] = None,
            management_endpoint: Optional[str] = None,
            replica_details: Optional[Sequence[_kms.VaultReplicaDetailArgs]] = None,
            restore_from_file: Optional[_kms.VaultRestoreFromFileArgs] = None,
            restore_from_object_store: Optional[_kms.VaultRestoreFromObjectStoreArgs] = None,
            restore_trigger: Optional[bool] = None,
            restored_from_vault_id: Optional[str] = None,
            state: Optional[str] = None,
            time_created: Optional[str] = None,
            time_of_deletion: Optional[str] = None,
            vault_type: Optional[str] = None) -> Vault
    func GetVault(ctx *Context, name string, id IDInput, state *VaultState, opts ...ResourceOption) (*Vault, error)
    public static Vault Get(string name, Input<string> id, VaultState? state, CustomResourceOptions? opts = null)
    public static Vault get(String name, Output<String> id, VaultState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    CompartmentId string
    (Updatable) The OCID of the compartment where you want to create this vault.
    CryptoEndpoint string
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    DefinedTags Dictionary<string, string>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    DisplayName string
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    ExternalKeyManagerMetadata VaultExternalKeyManagerMetadata
    Metadata required for accessing External Key manager
    ExternalKeyManagerMetadataSummaries List<VaultExternalKeyManagerMetadataSummary>
    Summary about metadata of external key manager to be returned to the customer as a response.
    FreeformTags Dictionary<string, string>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    IsPrimary bool
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    IsVaultReplicable bool
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    ManagementEndpoint string
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    ReplicaDetails List<VaultReplicaDetail>
    Vault replica details
    RestoreFromFile VaultRestoreFromFile
    (Updatable) Details where vault was backed up.
    RestoreFromObjectStore VaultRestoreFromObjectStore
    (Updatable) Details where vault was backed up
    RestoreTrigger bool
    RestoredFromVaultId string
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    State string
    The vault's current lifecycle state. Example: DELETED
    TimeCreated string
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    TimeOfDeletion string

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    VaultType string
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    CompartmentId string
    (Updatable) The OCID of the compartment where you want to create this vault.
    CryptoEndpoint string
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    DefinedTags map[string]string
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    DisplayName string
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    ExternalKeyManagerMetadata VaultExternalKeyManagerMetadataArgs
    Metadata required for accessing External Key manager
    ExternalKeyManagerMetadataSummaries []VaultExternalKeyManagerMetadataSummaryArgs
    Summary about metadata of external key manager to be returned to the customer as a response.
    FreeformTags map[string]string
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    IsPrimary bool
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    IsVaultReplicable bool
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    ManagementEndpoint string
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    ReplicaDetails []VaultReplicaDetailArgs
    Vault replica details
    RestoreFromFile VaultRestoreFromFileArgs
    (Updatable) Details where vault was backed up.
    RestoreFromObjectStore VaultRestoreFromObjectStoreArgs
    (Updatable) Details where vault was backed up
    RestoreTrigger bool
    RestoredFromVaultId string
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    State string
    The vault's current lifecycle state. Example: DELETED
    TimeCreated string
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    TimeOfDeletion string

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    VaultType string
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    compartmentId String
    (Updatable) The OCID of the compartment where you want to create this vault.
    cryptoEndpoint String
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    definedTags Map<String,String>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    displayName String
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    externalKeyManagerMetadata VaultExternalKeyManagerMetadata
    Metadata required for accessing External Key manager
    externalKeyManagerMetadataSummaries List<VaultExternalKeyManagerMetadataSummary>
    Summary about metadata of external key manager to be returned to the customer as a response.
    freeformTags Map<String,String>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    isPrimary Boolean
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    isVaultReplicable Boolean
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    managementEndpoint String
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    replicaDetails List<VaultReplicaDetail>
    Vault replica details
    restoreFromFile VaultRestoreFromFile
    (Updatable) Details where vault was backed up.
    restoreFromObjectStore VaultRestoreFromObjectStore
    (Updatable) Details where vault was backed up
    restoreTrigger Boolean
    restoredFromVaultId String
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    state String
    The vault's current lifecycle state. Example: DELETED
    timeCreated String
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    timeOfDeletion String

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    vaultType String
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    compartmentId string
    (Updatable) The OCID of the compartment where you want to create this vault.
    cryptoEndpoint string
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    definedTags {[key: string]: string}
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    displayName string
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    externalKeyManagerMetadata VaultExternalKeyManagerMetadata
    Metadata required for accessing External Key manager
    externalKeyManagerMetadataSummaries VaultExternalKeyManagerMetadataSummary[]
    Summary about metadata of external key manager to be returned to the customer as a response.
    freeformTags {[key: string]: string}
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    isPrimary boolean
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    isVaultReplicable boolean
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    managementEndpoint string
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    replicaDetails VaultReplicaDetail[]
    Vault replica details
    restoreFromFile VaultRestoreFromFile
    (Updatable) Details where vault was backed up.
    restoreFromObjectStore VaultRestoreFromObjectStore
    (Updatable) Details where vault was backed up
    restoreTrigger boolean
    restoredFromVaultId string
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    state string
    The vault's current lifecycle state. Example: DELETED
    timeCreated string
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    timeOfDeletion string

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    vaultType string
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    compartment_id str
    (Updatable) The OCID of the compartment where you want to create this vault.
    crypto_endpoint str
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    defined_tags Mapping[str, str]
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    display_name str
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    external_key_manager_metadata kms.VaultExternalKeyManagerMetadataArgs
    Metadata required for accessing External Key manager
    external_key_manager_metadata_summaries Sequence[kms.VaultExternalKeyManagerMetadataSummaryArgs]
    Summary about metadata of external key manager to be returned to the customer as a response.
    freeform_tags Mapping[str, str]
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    is_primary bool
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    is_vault_replicable bool
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    management_endpoint str
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    replica_details Sequence[kms.VaultReplicaDetailArgs]
    Vault replica details
    restore_from_file kms.VaultRestoreFromFileArgs
    (Updatable) Details where vault was backed up.
    restore_from_object_store kms.VaultRestoreFromObjectStoreArgs
    (Updatable) Details where vault was backed up
    restore_trigger bool
    restored_from_vault_id str
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    state str
    The vault's current lifecycle state. Example: DELETED
    time_created str
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    time_of_deletion str

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    vault_type str
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.
    compartmentId String
    (Updatable) The OCID of the compartment where you want to create this vault.
    cryptoEndpoint String
    The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
    definedTags Map<String>
    (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
    displayName String
    (Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.
    externalKeyManagerMetadata Property Map
    Metadata required for accessing External Key manager
    externalKeyManagerMetadataSummaries List<Property Map>
    Summary about metadata of external key manager to be returned to the customer as a response.
    freeformTags Map<String>
    (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
    isPrimary Boolean
    A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
    isVaultReplicable Boolean
    A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
    managementEndpoint String
    The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
    replicaDetails List<Property Map>
    Vault replica details
    restoreFromFile Property Map
    (Updatable) Details where vault was backed up.
    restoreFromObjectStore Property Map
    (Updatable) Details where vault was backed up
    restoreTrigger Boolean
    restoredFromVaultId String
    The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
    state String
    The vault's current lifecycle state. Example: DELETED
    timeCreated String
    The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z
    timeOfDeletion String

    (Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

    ** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

    vaultType String
    The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

    Supporting Types

    VaultExternalKeyManagerMetadata, VaultExternalKeyManagerMetadataArgs

    ExternalVaultEndpointUrl string
    URI of the vault on external key manager.
    OauthMetadata VaultExternalKeyManagerMetadataOauthMetadata
    Authorization details required to get access token from IDP for accessing protected resources.
    PrivateEndpointId string
    OCID of private endpoint created by customer.
    ExternalVaultEndpointUrl string
    URI of the vault on external key manager.
    OauthMetadata VaultExternalKeyManagerMetadataOauthMetadata
    Authorization details required to get access token from IDP for accessing protected resources.
    PrivateEndpointId string
    OCID of private endpoint created by customer.
    externalVaultEndpointUrl String
    URI of the vault on external key manager.
    oauthMetadata VaultExternalKeyManagerMetadataOauthMetadata
    Authorization details required to get access token from IDP for accessing protected resources.
    privateEndpointId String
    OCID of private endpoint created by customer.
    externalVaultEndpointUrl string
    URI of the vault on external key manager.
    oauthMetadata VaultExternalKeyManagerMetadataOauthMetadata
    Authorization details required to get access token from IDP for accessing protected resources.
    privateEndpointId string
    OCID of private endpoint created by customer.
    external_vault_endpoint_url str
    URI of the vault on external key manager.
    oauth_metadata kms.VaultExternalKeyManagerMetadataOauthMetadata
    Authorization details required to get access token from IDP for accessing protected resources.
    private_endpoint_id str
    OCID of private endpoint created by customer.
    externalVaultEndpointUrl String
    URI of the vault on external key manager.
    oauthMetadata Property Map
    Authorization details required to get access token from IDP for accessing protected resources.
    privateEndpointId String
    OCID of private endpoint created by customer.

    VaultExternalKeyManagerMetadataOauthMetadata, VaultExternalKeyManagerMetadataOauthMetadataArgs

    ClientAppId string
    ID of the client app created in IDP.
    ClientAppSecret string
    Secret of the client app created in IDP.
    IdcsAccountNameUrl string
    Base URL of the IDCS account where confidential client app is created.
    ClientAppId string
    ID of the client app created in IDP.
    ClientAppSecret string
    Secret of the client app created in IDP.
    IdcsAccountNameUrl string
    Base URL of the IDCS account where confidential client app is created.
    clientAppId String
    ID of the client app created in IDP.
    clientAppSecret String
    Secret of the client app created in IDP.
    idcsAccountNameUrl String
    Base URL of the IDCS account where confidential client app is created.
    clientAppId string
    ID of the client app created in IDP.
    clientAppSecret string
    Secret of the client app created in IDP.
    idcsAccountNameUrl string
    Base URL of the IDCS account where confidential client app is created.
    client_app_id str
    ID of the client app created in IDP.
    client_app_secret str
    Secret of the client app created in IDP.
    idcs_account_name_url str
    Base URL of the IDCS account where confidential client app is created.
    clientAppId String
    ID of the client app created in IDP.
    clientAppSecret String
    Secret of the client app created in IDP.
    idcsAccountNameUrl String
    Base URL of the IDCS account where confidential client app is created.

    VaultExternalKeyManagerMetadataSummary, VaultExternalKeyManagerMetadataSummaryArgs

    ExternalVaultEndpointUrl string
    URL of the vault on external key manager.
    OauthMetadataSummaries List<VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary>
    Summary about authorization to be returned to the customer as a response.
    PrivateEndpointId string
    OCID of the private endpoint.
    Vendor string
    Vendor of the external key manager.
    ExternalVaultEndpointUrl string
    URL of the vault on external key manager.
    OauthMetadataSummaries []VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary
    Summary about authorization to be returned to the customer as a response.
    PrivateEndpointId string
    OCID of the private endpoint.
    Vendor string
    Vendor of the external key manager.
    externalVaultEndpointUrl String
    URL of the vault on external key manager.
    oauthMetadataSummaries List<VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary>
    Summary about authorization to be returned to the customer as a response.
    privateEndpointId String
    OCID of the private endpoint.
    vendor String
    Vendor of the external key manager.
    externalVaultEndpointUrl string
    URL of the vault on external key manager.
    oauthMetadataSummaries VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary[]
    Summary about authorization to be returned to the customer as a response.
    privateEndpointId string
    OCID of the private endpoint.
    vendor string
    Vendor of the external key manager.
    external_vault_endpoint_url str
    URL of the vault on external key manager.
    oauth_metadata_summaries Sequence[kms.VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary]
    Summary about authorization to be returned to the customer as a response.
    private_endpoint_id str
    OCID of the private endpoint.
    vendor str
    Vendor of the external key manager.
    externalVaultEndpointUrl String
    URL of the vault on external key manager.
    oauthMetadataSummaries List<Property Map>
    Summary about authorization to be returned to the customer as a response.
    privateEndpointId String
    OCID of the private endpoint.
    vendor String
    Vendor of the external key manager.

    VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary, VaultExternalKeyManagerMetadataSummaryOauthMetadataSummaryArgs

    ClientAppId string
    ID of the client app created in IDP.
    IdcsAccountNameUrl string
    Base URL of the IDCS account where confidential client app is created.
    ClientAppId string
    ID of the client app created in IDP.
    IdcsAccountNameUrl string
    Base URL of the IDCS account where confidential client app is created.
    clientAppId String
    ID of the client app created in IDP.
    idcsAccountNameUrl String
    Base URL of the IDCS account where confidential client app is created.
    clientAppId string
    ID of the client app created in IDP.
    idcsAccountNameUrl string
    Base URL of the IDCS account where confidential client app is created.
    client_app_id str
    ID of the client app created in IDP.
    idcs_account_name_url str
    Base URL of the IDCS account where confidential client app is created.
    clientAppId String
    ID of the client app created in IDP.
    idcsAccountNameUrl String
    Base URL of the IDCS account where confidential client app is created.

    VaultReplicaDetail, VaultReplicaDetailArgs

    ReplicationId string
    ReplicationId associated with a vault operation
    ReplicationId string
    ReplicationId associated with a vault operation
    replicationId String
    ReplicationId associated with a vault operation
    replicationId string
    ReplicationId associated with a vault operation
    replication_id str
    ReplicationId associated with a vault operation
    replicationId String
    ReplicationId associated with a vault operation

    VaultRestoreFromFile, VaultRestoreFromFileArgs

    ContentLength string
    content length of vault's backup binary file
    RestoreVaultFromFileDetails string
    Vault backup file content
    ContentMd5 string
    (Updatable) content md5 hashed value of vault's backup file
    ContentLength string
    content length of vault's backup binary file
    RestoreVaultFromFileDetails string
    Vault backup file content
    ContentMd5 string
    (Updatable) content md5 hashed value of vault's backup file
    contentLength String
    content length of vault's backup binary file
    restoreVaultFromFileDetails String
    Vault backup file content
    contentMd5 String
    (Updatable) content md5 hashed value of vault's backup file
    contentLength string
    content length of vault's backup binary file
    restoreVaultFromFileDetails string
    Vault backup file content
    contentMd5 string
    (Updatable) content md5 hashed value of vault's backup file
    content_length str
    content length of vault's backup binary file
    restore_vault_from_file_details str
    Vault backup file content
    content_md5 str
    (Updatable) content md5 hashed value of vault's backup file
    contentLength String
    content length of vault's backup binary file
    restoreVaultFromFileDetails String
    Vault backup file content
    contentMd5 String
    (Updatable) content md5 hashed value of vault's backup file

    VaultRestoreFromObjectStore, VaultRestoreFromObjectStoreArgs

    Destination string
    (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
    Bucket string
    (Updatable) Name of the bucket where vault was backed up
    Namespace string
    (Updatable) Namespace of the bucket where vault was backed up
    Object string
    (Updatable) Object containing the backup
    Uri string
    (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
    Destination string
    (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
    Bucket string
    (Updatable) Name of the bucket where vault was backed up
    Namespace string
    (Updatable) Namespace of the bucket where vault was backed up
    Object string
    (Updatable) Object containing the backup
    Uri string
    (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
    destination String
    (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
    bucket String
    (Updatable) Name of the bucket where vault was backed up
    namespace String
    (Updatable) Namespace of the bucket where vault was backed up
    object String
    (Updatable) Object containing the backup
    uri String
    (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
    destination string
    (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
    bucket string
    (Updatable) Name of the bucket where vault was backed up
    namespace string
    (Updatable) Namespace of the bucket where vault was backed up
    object string
    (Updatable) Object containing the backup
    uri string
    (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
    destination str
    (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
    bucket str
    (Updatable) Name of the bucket where vault was backed up
    namespace str
    (Updatable) Namespace of the bucket where vault was backed up
    object str
    (Updatable) Object containing the backup
    uri str
    (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.
    destination String
    (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
    bucket String
    (Updatable) Name of the bucket where vault was backed up
    namespace String
    (Updatable) Namespace of the bucket where vault was backed up
    object String
    (Updatable) Object containing the backup
    uri String
    (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.

    Import

    Vaults can be imported using the id, e.g.

    $ pulumi import oci:Kms/vault:Vault test_vault "id"
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the oci Terraform Provider.
    oci logo
    Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi