Oracle Cloud Infrastructure v2.33.0, May 1 25

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

oci.Kms.Vault

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testVault = new oci.kms.Vault("test_vault", {
    compartmentId: compartmentId,
    displayName: vaultDisplayName,
    vaultType: vaultVaultType,
    definedTags: {
        "Operations.CostCenter": "42",
    },
    externalKeyManagerMetadata: {
        externalVaultEndpointUrl: vaultExternalKeyManagerMetadataExternalVaultEndpointUrl,
        oauthMetadata: {
            clientAppId: testClientApp.id,
            clientAppSecret: vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret,
            idcsAccountNameUrl: vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl,
        },
        privateEndpointId: testPrivateEndpoint.id,
    },
    freeformTags: {
        Department: "Finance",
    },
});

import pulumi
import pulumi_oci as oci

test_vault = oci.kms.Vault("test_vault",
    compartment_id=compartment_id,
    display_name=vault_display_name,
    vault_type=vault_vault_type,
    defined_tags={
        "Operations.CostCenter": "42",
    },
    external_key_manager_metadata={
        "external_vault_endpoint_url": vault_external_key_manager_metadata_external_vault_endpoint_url,
        "oauth_metadata": {
            "client_app_id": test_client_app["id"],
            "client_app_secret": vault_external_key_manager_metadata_oauth_metadata_client_app_secret,
            "idcs_account_name_url": vault_external_key_manager_metadata_oauth_metadata_idcs_account_name_url,
        },
        "private_endpoint_id": test_private_endpoint["id"],
    },
    freeform_tags={
        "Department": "Finance",
    })

package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/kms"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := kms.NewVault(ctx, "test_vault", &kms.VaultArgs{
			CompartmentId: pulumi.Any(compartmentId),
			DisplayName:   pulumi.Any(vaultDisplayName),
			VaultType:     pulumi.Any(vaultVaultType),
			DefinedTags: pulumi.StringMap{
				"Operations.CostCenter": pulumi.String("42"),
			},
			ExternalKeyManagerMetadata: &kms.VaultExternalKeyManagerMetadataArgs{
				ExternalVaultEndpointUrl: pulumi.Any(vaultExternalKeyManagerMetadataExternalVaultEndpointUrl),
				OauthMetadata: &kms.VaultExternalKeyManagerMetadataOauthMetadataArgs{
					ClientAppId:        pulumi.Any(testClientApp.Id),
					ClientAppSecret:    pulumi.Any(vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret),
					IdcsAccountNameUrl: pulumi.Any(vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl),
				},
				PrivateEndpointId: pulumi.Any(testPrivateEndpoint.Id),
			},
			FreeformTags: pulumi.StringMap{
				"Department": pulumi.String("Finance"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testVault = new Oci.Kms.Vault("test_vault", new()
    {
        CompartmentId = compartmentId,
        DisplayName = vaultDisplayName,
        VaultType = vaultVaultType,
        DefinedTags = 
        {
            { "Operations.CostCenter", "42" },
        },
        ExternalKeyManagerMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataArgs
        {
            ExternalVaultEndpointUrl = vaultExternalKeyManagerMetadataExternalVaultEndpointUrl,
            OauthMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataOauthMetadataArgs
            {
                ClientAppId = testClientApp.Id,
                ClientAppSecret = vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret,
                IdcsAccountNameUrl = vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl,
            },
            PrivateEndpointId = testPrivateEndpoint.Id,
        },
        FreeformTags = 
        {
            { "Department", "Finance" },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Kms.Vault;
import com.pulumi.oci.Kms.VaultArgs;
import com.pulumi.oci.Kms.inputs.VaultExternalKeyManagerMetadataArgs;
import com.pulumi.oci.Kms.inputs.VaultExternalKeyManagerMetadataOauthMetadataArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testVault = new Vault("testVault", VaultArgs.builder()
            .compartmentId(compartmentId)
            .displayName(vaultDisplayName)
            .vaultType(vaultVaultType)
            .definedTags(Map.of("Operations.CostCenter", "42"))
            .externalKeyManagerMetadata(VaultExternalKeyManagerMetadataArgs.builder()
                .externalVaultEndpointUrl(vaultExternalKeyManagerMetadataExternalVaultEndpointUrl)
                .oauthMetadata(VaultExternalKeyManagerMetadataOauthMetadataArgs.builder()
                    .clientAppId(testClientApp.id())
                    .clientAppSecret(vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret)
                    .idcsAccountNameUrl(vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl)
                    .build())
                .privateEndpointId(testPrivateEndpoint.id())
                .build())
            .freeformTags(Map.of("Department", "Finance"))
            .build());

    }
}

resources:
  testVault:
    type: oci:Kms:Vault
    name: test_vault
    properties:
      compartmentId: ${compartmentId}
      displayName: ${vaultDisplayName}
      vaultType: ${vaultVaultType}
      definedTags:
        Operations.CostCenter: '42'
      externalKeyManagerMetadata:
        externalVaultEndpointUrl: ${vaultExternalKeyManagerMetadataExternalVaultEndpointUrl}
        oauthMetadata:
          clientAppId: ${testClientApp.id}
          clientAppSecret: ${vaultExternalKeyManagerMetadataOauthMetadataClientAppSecret}
          idcsAccountNameUrl: ${vaultExternalKeyManagerMetadataOauthMetadataIdcsAccountNameUrl}
        privateEndpointId: ${testPrivateEndpoint.id}
      freeformTags:
        Department: Finance

Create Vault Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Vault(name: string, args: VaultArgs, opts?: CustomResourceOptions);

@overload
def Vault(resource_name: str,
          args: VaultArgs,
          opts: Optional[ResourceOptions] = None)

@overload
def Vault(resource_name: str,
          opts: Optional[ResourceOptions] = None,
          compartment_id: Optional[str] = None,
          display_name: Optional[str] = None,
          vault_type: Optional[str] = None,
          defined_tags: Optional[Mapping[str, str]] = None,
          external_key_manager_metadata: Optional[VaultExternalKeyManagerMetadataArgs] = None,
          freeform_tags: Optional[Mapping[str, str]] = None,
          restore_from_file: Optional[VaultRestoreFromFileArgs] = None,
          restore_from_object_store: Optional[VaultRestoreFromObjectStoreArgs] = None,
          restore_trigger: Optional[bool] = None,
          time_of_deletion: Optional[str] = None)

func NewVault(ctx *Context, name string, args VaultArgs, opts ...ResourceOption) (*Vault, error)

public Vault(string name, VaultArgs args, CustomResourceOptions? opts = null)

public Vault(String name, VaultArgs args)
public Vault(String name, VaultArgs args, CustomResourceOptions options)

type: oci:Kms:Vault
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args VaultArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args VaultArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args VaultArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args VaultArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args VaultArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var vaultResource = new Oci.Kms.Vault("vaultResource", new()
{
    CompartmentId = "string",
    DisplayName = "string",
    VaultType = "string",
    DefinedTags = 
    {
        { "string", "string" },
    },
    ExternalKeyManagerMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataArgs
    {
        ExternalVaultEndpointUrl = "string",
        OauthMetadata = new Oci.Kms.Inputs.VaultExternalKeyManagerMetadataOauthMetadataArgs
        {
            ClientAppId = "string",
            ClientAppSecret = "string",
            IdcsAccountNameUrl = "string",
        },
        PrivateEndpointId = "string",
    },
    FreeformTags = 
    {
        { "string", "string" },
    },
    RestoreFromFile = new Oci.Kms.Inputs.VaultRestoreFromFileArgs
    {
        ContentLength = "string",
        RestoreVaultFromFileDetails = "string",
        ContentMd5 = "string",
    },
    RestoreFromObjectStore = new Oci.Kms.Inputs.VaultRestoreFromObjectStoreArgs
    {
        Destination = "string",
        Bucket = "string",
        Namespace = "string",
        Object = "string",
        Uri = "string",
    },
    RestoreTrigger = false,
    TimeOfDeletion = "string",
});

example, err := kms.NewVault(ctx, "vaultResource", &kms.VaultArgs{
	CompartmentId: pulumi.String("string"),
	DisplayName:   pulumi.String("string"),
	VaultType:     pulumi.String("string"),
	DefinedTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	ExternalKeyManagerMetadata: &kms.VaultExternalKeyManagerMetadataArgs{
		ExternalVaultEndpointUrl: pulumi.String("string"),
		OauthMetadata: &kms.VaultExternalKeyManagerMetadataOauthMetadataArgs{
			ClientAppId:        pulumi.String("string"),
			ClientAppSecret:    pulumi.String("string"),
			IdcsAccountNameUrl: pulumi.String("string"),
		},
		PrivateEndpointId: pulumi.String("string"),
	},
	FreeformTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	RestoreFromFile: &kms.VaultRestoreFromFileArgs{
		ContentLength:               pulumi.String("string"),
		RestoreVaultFromFileDetails: pulumi.String("string"),
		ContentMd5:                  pulumi.String("string"),
	},
	RestoreFromObjectStore: &kms.VaultRestoreFromObjectStoreArgs{
		Destination: pulumi.String("string"),
		Bucket:      pulumi.String("string"),
		Namespace:   pulumi.String("string"),
		Object:      pulumi.String("string"),
		Uri:         pulumi.String("string"),
	},
	RestoreTrigger: pulumi.Bool(false),
	TimeOfDeletion: pulumi.String("string"),
})

var vaultResource = new Vault("vaultResource", VaultArgs.builder()
    .compartmentId("string")
    .displayName("string")
    .vaultType("string")
    .definedTags(Map.of("string", "string"))
    .externalKeyManagerMetadata(VaultExternalKeyManagerMetadataArgs.builder()
        .externalVaultEndpointUrl("string")
        .oauthMetadata(VaultExternalKeyManagerMetadataOauthMetadataArgs.builder()
            .clientAppId("string")
            .clientAppSecret("string")
            .idcsAccountNameUrl("string")
            .build())
        .privateEndpointId("string")
        .build())
    .freeformTags(Map.of("string", "string"))
    .restoreFromFile(VaultRestoreFromFileArgs.builder()
        .contentLength("string")
        .restoreVaultFromFileDetails("string")
        .contentMd5("string")
        .build())
    .restoreFromObjectStore(VaultRestoreFromObjectStoreArgs.builder()
        .destination("string")
        .bucket("string")
        .namespace("string")
        .object("string")
        .uri("string")
        .build())
    .restoreTrigger(false)
    .timeOfDeletion("string")
    .build());

vault_resource = oci.kms.Vault("vaultResource",
    compartment_id="string",
    display_name="string",
    vault_type="string",
    defined_tags={
        "string": "string",
    },
    external_key_manager_metadata={
        "external_vault_endpoint_url": "string",
        "oauth_metadata": {
            "client_app_id": "string",
            "client_app_secret": "string",
            "idcs_account_name_url": "string",
        },
        "private_endpoint_id": "string",
    },
    freeform_tags={
        "string": "string",
    },
    restore_from_file={
        "content_length": "string",
        "restore_vault_from_file_details": "string",
        "content_md5": "string",
    },
    restore_from_object_store={
        "destination": "string",
        "bucket": "string",
        "namespace": "string",
        "object": "string",
        "uri": "string",
    },
    restore_trigger=False,
    time_of_deletion="string")

const vaultResource = new oci.kms.Vault("vaultResource", {
    compartmentId: "string",
    displayName: "string",
    vaultType: "string",
    definedTags: {
        string: "string",
    },
    externalKeyManagerMetadata: {
        externalVaultEndpointUrl: "string",
        oauthMetadata: {
            clientAppId: "string",
            clientAppSecret: "string",
            idcsAccountNameUrl: "string",
        },
        privateEndpointId: "string",
    },
    freeformTags: {
        string: "string",
    },
    restoreFromFile: {
        contentLength: "string",
        restoreVaultFromFileDetails: "string",
        contentMd5: "string",
    },
    restoreFromObjectStore: {
        destination: "string",
        bucket: "string",
        namespace: "string",
        object: "string",
        uri: "string",
    },
    restoreTrigger: false,
    timeOfDeletion: "string",
});

type: oci:Kms:Vault
properties:
    compartmentId: string
    definedTags:
        string: string
    displayName: string
    externalKeyManagerMetadata:
        externalVaultEndpointUrl: string
        oauthMetadata:
            clientAppId: string
            clientAppSecret: string
            idcsAccountNameUrl: string
        privateEndpointId: string
    freeformTags:
        string: string
    restoreFromFile:
        contentLength: string
        contentMd5: string
        restoreVaultFromFileDetails: string
    restoreFromObjectStore:
        bucket: string
        destination: string
        namespace: string
        object: string
        uri: string
    restoreTrigger: false
    timeOfDeletion: string
    vaultType: string

Vault Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Vault resource accepts the following input properties:

CompartmentId string

(Updatable) The OCID of the compartment where you want to create this vault.

DisplayName string

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

VaultType string

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

DefinedTags Dictionary<string, string>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

ExternalKeyManagerMetadata VaultExternalKeyManagerMetadata

Metadata required for accessing External Key manager

FreeformTags Dictionary<string, string>

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}

RestoreFromFile VaultRestoreFromFile

(Updatable) Details where vault was backed up.

RestoreFromObjectStore VaultRestoreFromObjectStore

(Updatable) Details where vault was backed up

RestoreTrigger bool

TimeOfDeletion string

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

CompartmentId string

(Updatable) The OCID of the compartment where you want to create this vault.

DisplayName string

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

VaultType string

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

DefinedTags map[string]string

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

ExternalKeyManagerMetadata VaultExternalKeyManagerMetadataArgs

Metadata required for accessing External Key manager

FreeformTags map[string]string

RestoreFromFile VaultRestoreFromFileArgs

(Updatable) Details where vault was backed up.

RestoreFromObjectStore VaultRestoreFromObjectStoreArgs

(Updatable) Details where vault was backed up

RestoreTrigger bool

TimeOfDeletion string

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

compartmentId String

(Updatable) The OCID of the compartment where you want to create this vault.

displayName String

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

vaultType String

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

definedTags Map<String,String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

externalKeyManagerMetadata VaultExternalKeyManagerMetadata

Metadata required for accessing External Key manager

freeformTags Map<String,String>

restoreFromFile VaultRestoreFromFile

(Updatable) Details where vault was backed up.

restoreFromObjectStore VaultRestoreFromObjectStore

(Updatable) Details where vault was backed up

restoreTrigger Boolean

timeOfDeletion String

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

compartmentId string

(Updatable) The OCID of the compartment where you want to create this vault.

displayName string

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

vaultType string

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

definedTags {[key: string]: string}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

externalKeyManagerMetadata VaultExternalKeyManagerMetadata

Metadata required for accessing External Key manager

freeformTags {[key: string]: string}

restoreFromFile VaultRestoreFromFile

(Updatable) Details where vault was backed up.

restoreFromObjectStore VaultRestoreFromObjectStore

(Updatable) Details where vault was backed up

restoreTrigger boolean

timeOfDeletion string

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

compartment_id str

(Updatable) The OCID of the compartment where you want to create this vault.

display_name str

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

vault_type str

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

defined_tags Mapping[str, str]

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

external_key_manager_metadata VaultExternalKeyManagerMetadataArgs

Metadata required for accessing External Key manager

freeform_tags Mapping[str, str]

restore_from_file VaultRestoreFromFileArgs

(Updatable) Details where vault was backed up.

restore_from_object_store VaultRestoreFromObjectStoreArgs

(Updatable) Details where vault was backed up

restore_trigger bool

time_of_deletion str

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

compartmentId String

(Updatable) The OCID of the compartment where you want to create this vault.

displayName String

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

vaultType String

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

definedTags Map<String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

externalKeyManagerMetadata Property Map

Metadata required for accessing External Key manager

freeformTags Map<String>

restoreFromFile Property Map

(Updatable) Details where vault was backed up.

restoreFromObjectStore Property Map

(Updatable) Details where vault was backed up

restoreTrigger Boolean

timeOfDeletion String

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

Outputs

All input properties are implicitly available as output properties. Additionally, the Vault resource produces the following output properties:

CryptoEndpoint string: The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
ExternalKeyManagerMetadataSummaries List<VaultExternalKeyManagerMetadataSummary>: Summary about metadata of external key manager to be returned to the customer as a response.
Id string: The provider-assigned unique ID for this managed resource.
IsPrimary bool: A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
IsVaultReplicable bool: A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
ManagementEndpoint string: The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
ReplicaDetails List<VaultReplicaDetail>: Vault replica details
RestoredFromVaultId string: The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
State string: The vault's current lifecycle state. Example: DELETED
TimeCreated string: The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

CryptoEndpoint string: The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
ExternalKeyManagerMetadataSummaries []VaultExternalKeyManagerMetadataSummary: Summary about metadata of external key manager to be returned to the customer as a response.
Id string: The provider-assigned unique ID for this managed resource.
IsPrimary bool: A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
IsVaultReplicable bool: A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
ManagementEndpoint string: The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
ReplicaDetails []VaultReplicaDetail: Vault replica details
RestoredFromVaultId string: The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
State string: The vault's current lifecycle state. Example: DELETED
TimeCreated string: The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

cryptoEndpoint String: The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
externalKeyManagerMetadataSummaries List<VaultExternalKeyManagerMetadataSummary>: Summary about metadata of external key manager to be returned to the customer as a response.
id String: The provider-assigned unique ID for this managed resource.
isPrimary Boolean: A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
isVaultReplicable Boolean: A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
managementEndpoint String: The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
replicaDetails List<VaultReplicaDetail>: Vault replica details
restoredFromVaultId String: The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
state String: The vault's current lifecycle state. Example: DELETED
timeCreated String: The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

cryptoEndpoint string: The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
externalKeyManagerMetadataSummaries VaultExternalKeyManagerMetadataSummary[]: Summary about metadata of external key manager to be returned to the customer as a response.
id string: The provider-assigned unique ID for this managed resource.
isPrimary boolean: A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
isVaultReplicable boolean: A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
managementEndpoint string: The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
replicaDetails VaultReplicaDetail[]: Vault replica details
restoredFromVaultId string: The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
state string: The vault's current lifecycle state. Example: DELETED
timeCreated string: The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

crypto_endpoint str: The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
external_key_manager_metadata_summaries Sequence[VaultExternalKeyManagerMetadataSummary]: Summary about metadata of external key manager to be returned to the customer as a response.
id str: The provider-assigned unique ID for this managed resource.
is_primary bool: A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
is_vault_replicable bool: A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
management_endpoint str: The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
replica_details Sequence[VaultReplicaDetail]: Vault replica details
restored_from_vault_id str: The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
state str: The vault's current lifecycle state. Example: DELETED
time_created str: The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

cryptoEndpoint String: The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.
externalKeyManagerMetadataSummaries List<Property Map>: Summary about metadata of external key manager to be returned to the customer as a response.
id String: The provider-assigned unique ID for this managed resource.
isPrimary Boolean: A Boolean value that indicates whether the Vault is primary Vault or replica Vault.
isVaultReplicable Boolean: A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.
managementEndpoint String: The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.
replicaDetails List<Property Map>: Vault replica details
restoredFromVaultId String: The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.
state String: The vault's current lifecycle state. Example: DELETED
timeCreated String: The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

Look up Existing Vault Resource

Get an existing Vault resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VaultState, opts?: CustomResourceOptions): Vault

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        compartment_id: Optional[str] = None,
        crypto_endpoint: Optional[str] = None,
        defined_tags: Optional[Mapping[str, str]] = None,
        display_name: Optional[str] = None,
        external_key_manager_metadata: Optional[VaultExternalKeyManagerMetadataArgs] = None,
        external_key_manager_metadata_summaries: Optional[Sequence[VaultExternalKeyManagerMetadataSummaryArgs]] = None,
        freeform_tags: Optional[Mapping[str, str]] = None,
        is_primary: Optional[bool] = None,
        is_vault_replicable: Optional[bool] = None,
        management_endpoint: Optional[str] = None,
        replica_details: Optional[Sequence[VaultReplicaDetailArgs]] = None,
        restore_from_file: Optional[VaultRestoreFromFileArgs] = None,
        restore_from_object_store: Optional[VaultRestoreFromObjectStoreArgs] = None,
        restore_trigger: Optional[bool] = None,
        restored_from_vault_id: Optional[str] = None,
        state: Optional[str] = None,
        time_created: Optional[str] = None,
        time_of_deletion: Optional[str] = None,
        vault_type: Optional[str] = None) -> Vault

func GetVault(ctx *Context, name string, id IDInput, state *VaultState, opts ...ResourceOption) (*Vault, error)

public static Vault Get(string name, Input<string> id, VaultState? state, CustomResourceOptions? opts = null)

public static Vault get(String name, Output<String> id, VaultState state, CustomResourceOptions options)

resources:  _:    type: oci:Kms:Vault    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CompartmentId string

(Updatable) The OCID of the compartment where you want to create this vault.

CryptoEndpoint string

The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.

DefinedTags Dictionary<string, string>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

DisplayName string

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

ExternalKeyManagerMetadata VaultExternalKeyManagerMetadata

Metadata required for accessing External Key manager

ExternalKeyManagerMetadataSummaries List<VaultExternalKeyManagerMetadataSummary>

Summary about metadata of external key manager to be returned to the customer as a response.

FreeformTags Dictionary<string, string>

IsPrimary bool

A Boolean value that indicates whether the Vault is primary Vault or replica Vault.

IsVaultReplicable bool

A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.

ManagementEndpoint string

The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.

ReplicaDetails List<VaultReplicaDetail>

Vault replica details

RestoreFromFile VaultRestoreFromFile

(Updatable) Details where vault was backed up.

RestoreFromObjectStore VaultRestoreFromObjectStore

(Updatable) Details where vault was backed up

RestoreTrigger bool

RestoredFromVaultId string

The OCID of the vault from which this vault was restored, if it was restored from a backup file. If you restore a vault to the same region, the vault retains the same OCID that it had when you backed up the vault.

State string

The vault's current lifecycle state. Example: DELETED

TimeCreated string

The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

TimeOfDeletion string

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

VaultType string

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

CompartmentId string

(Updatable) The OCID of the compartment where you want to create this vault.

CryptoEndpoint string

The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.

DefinedTags map[string]string

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

DisplayName string

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

ExternalKeyManagerMetadata VaultExternalKeyManagerMetadataArgs

Metadata required for accessing External Key manager

ExternalKeyManagerMetadataSummaries []VaultExternalKeyManagerMetadataSummaryArgs

Summary about metadata of external key manager to be returned to the customer as a response.

FreeformTags map[string]string

IsPrimary bool

A Boolean value that indicates whether the Vault is primary Vault or replica Vault.

IsVaultReplicable bool

A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.

ManagementEndpoint string

The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.

ReplicaDetails []VaultReplicaDetailArgs

Vault replica details

RestoreFromFile VaultRestoreFromFileArgs

(Updatable) Details where vault was backed up.

RestoreFromObjectStore VaultRestoreFromObjectStoreArgs

(Updatable) Details where vault was backed up

RestoreTrigger bool

RestoredFromVaultId string

State string

The vault's current lifecycle state. Example: DELETED

TimeCreated string

The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

TimeOfDeletion string

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

VaultType string

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

compartmentId String

(Updatable) The OCID of the compartment where you want to create this vault.

cryptoEndpoint String

The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.

definedTags Map<String,String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

displayName String

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

externalKeyManagerMetadata VaultExternalKeyManagerMetadata

Metadata required for accessing External Key manager

externalKeyManagerMetadataSummaries List<VaultExternalKeyManagerMetadataSummary>

Summary about metadata of external key manager to be returned to the customer as a response.

freeformTags Map<String,String>

isPrimary Boolean

A Boolean value that indicates whether the Vault is primary Vault or replica Vault.

isVaultReplicable Boolean

A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.

managementEndpoint String

The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.

replicaDetails List<VaultReplicaDetail>

Vault replica details

restoreFromFile VaultRestoreFromFile

(Updatable) Details where vault was backed up.

restoreFromObjectStore VaultRestoreFromObjectStore

(Updatable) Details where vault was backed up

restoreTrigger Boolean

restoredFromVaultId String

state String

The vault's current lifecycle state. Example: DELETED

timeCreated String

The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

timeOfDeletion String

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

vaultType String

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

compartmentId string

(Updatable) The OCID of the compartment where you want to create this vault.

cryptoEndpoint string

The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.

definedTags {[key: string]: string}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

displayName string

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

externalKeyManagerMetadata VaultExternalKeyManagerMetadata

Metadata required for accessing External Key manager

externalKeyManagerMetadataSummaries VaultExternalKeyManagerMetadataSummary[]

Summary about metadata of external key manager to be returned to the customer as a response.

freeformTags {[key: string]: string}

isPrimary boolean

A Boolean value that indicates whether the Vault is primary Vault or replica Vault.

isVaultReplicable boolean

A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.

managementEndpoint string

The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.

replicaDetails VaultReplicaDetail[]

Vault replica details

restoreFromFile VaultRestoreFromFile

(Updatable) Details where vault was backed up.

restoreFromObjectStore VaultRestoreFromObjectStore

(Updatable) Details where vault was backed up

restoreTrigger boolean

restoredFromVaultId string

state string

The vault's current lifecycle state. Example: DELETED

timeCreated string

The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

timeOfDeletion string

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

vaultType string

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

compartment_id str

(Updatable) The OCID of the compartment where you want to create this vault.

crypto_endpoint str

The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.

defined_tags Mapping[str, str]

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

display_name str

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

external_key_manager_metadata VaultExternalKeyManagerMetadataArgs

Metadata required for accessing External Key manager

external_key_manager_metadata_summaries Sequence[VaultExternalKeyManagerMetadataSummaryArgs]

Summary about metadata of external key manager to be returned to the customer as a response.

freeform_tags Mapping[str, str]

is_primary bool

A Boolean value that indicates whether the Vault is primary Vault or replica Vault.

is_vault_replicable bool

A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.

management_endpoint str

The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.

replica_details Sequence[VaultReplicaDetailArgs]

Vault replica details

restore_from_file VaultRestoreFromFileArgs

(Updatable) Details where vault was backed up.

restore_from_object_store VaultRestoreFromObjectStoreArgs

(Updatable) Details where vault was backed up

restore_trigger bool

restored_from_vault_id str

state str

The vault's current lifecycle state. Example: DELETED

time_created str

The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

time_of_deletion str

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

vault_type str

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

compartmentId String

(Updatable) The OCID of the compartment where you want to create this vault.

cryptoEndpoint String

The service endpoint to perform cryptographic operations against. Cryptographic operations include Encrypt, Decrypt, and GenerateDataEncryptionKey operations.

definedTags Map<String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}

displayName String

(Updatable) A user-friendly name for the vault. It does not have to be unique, and it is changeable. Avoid entering confidential information.

externalKeyManagerMetadata Property Map

Metadata required for accessing External Key manager

externalKeyManagerMetadataSummaries List<Property Map>

Summary about metadata of external key manager to be returned to the customer as a response.

freeformTags Map<String>

isPrimary Boolean

A Boolean value that indicates whether the Vault is primary Vault or replica Vault.

isVaultReplicable Boolean

A Boolean value that indicates whether the Vault has cross region replication capability. Always true for Virtual Private Vaults.

managementEndpoint String

The service endpoint to perform management operations against. Management operations include "Create," "Update," "List," "Get," and "Delete" operations.

replicaDetails List<Property Map>

Vault replica details

restoreFromFile Property Map

(Updatable) Details where vault was backed up.

restoreFromObjectStore Property Map

(Updatable) Details where vault was backed up

restoreTrigger Boolean

restoredFromVaultId String

state String

The vault's current lifecycle state. Example: DELETED

timeCreated String

The date and time this vault was created, expressed in RFC 3339 timestamp format. Example: 2018-04-03T21:10:29.600Z

timeOfDeletion String

(Updatable) An optional property for the deletion time of the vault, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

vaultType String

The type of vault to create. Each type of vault stores the key with different degrees of isolation and has different options and pricing.

Supporting Types

VaultExternalKeyManagerMetadata, VaultExternalKeyManagerMetadataArgs

ExternalVaultEndpointUrl string: URI of the vault on external key manager.
OauthMetadata VaultExternalKeyManagerMetadataOauthMetadata: Authorization details required to get access token from IDP for accessing protected resources.
PrivateEndpointId string: OCID of private endpoint created by customer.

ExternalVaultEndpointUrl string: URI of the vault on external key manager.
OauthMetadata VaultExternalKeyManagerMetadataOauthMetadata: Authorization details required to get access token from IDP for accessing protected resources.
PrivateEndpointId string: OCID of private endpoint created by customer.

externalVaultEndpointUrl String: URI of the vault on external key manager.
oauthMetadata VaultExternalKeyManagerMetadataOauthMetadata: Authorization details required to get access token from IDP for accessing protected resources.
privateEndpointId String: OCID of private endpoint created by customer.

externalVaultEndpointUrl string: URI of the vault on external key manager.
oauthMetadata VaultExternalKeyManagerMetadataOauthMetadata: Authorization details required to get access token from IDP for accessing protected resources.
privateEndpointId string: OCID of private endpoint created by customer.

external_vault_endpoint_url str: URI of the vault on external key manager.
oauth_metadata VaultExternalKeyManagerMetadataOauthMetadata: Authorization details required to get access token from IDP for accessing protected resources.
private_endpoint_id str: OCID of private endpoint created by customer.

externalVaultEndpointUrl String: URI of the vault on external key manager.
oauthMetadata Property Map: Authorization details required to get access token from IDP for accessing protected resources.
privateEndpointId String: OCID of private endpoint created by customer.

VaultExternalKeyManagerMetadataOauthMetadata, VaultExternalKeyManagerMetadataOauthMetadataArgs

ClientAppId string: ID of the client app created in IDP.
ClientAppSecret string: Secret of the client app created in IDP.
IdcsAccountNameUrl string: Base URL of the IDCS account where confidential client app is created.

ClientAppId string: ID of the client app created in IDP.
ClientAppSecret string: Secret of the client app created in IDP.
IdcsAccountNameUrl string: Base URL of the IDCS account where confidential client app is created.

clientAppId String: ID of the client app created in IDP.
clientAppSecret String: Secret of the client app created in IDP.
idcsAccountNameUrl String: Base URL of the IDCS account where confidential client app is created.

clientAppId string: ID of the client app created in IDP.
clientAppSecret string: Secret of the client app created in IDP.
idcsAccountNameUrl string: Base URL of the IDCS account where confidential client app is created.

client_app_id str: ID of the client app created in IDP.
client_app_secret str: Secret of the client app created in IDP.
idcs_account_name_url str: Base URL of the IDCS account where confidential client app is created.

clientAppId String: ID of the client app created in IDP.
clientAppSecret String: Secret of the client app created in IDP.
idcsAccountNameUrl String: Base URL of the IDCS account where confidential client app is created.

VaultExternalKeyManagerMetadataSummary, VaultExternalKeyManagerMetadataSummaryArgs

ExternalVaultEndpointUrl string: URL of the vault on external key manager.
OauthMetadataSummaries List<VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary>: Summary about authorization to be returned to the customer as a response.
PrivateEndpointId string: OCID of the private endpoint.
Vendor string: Vendor of the external key manager.

ExternalVaultEndpointUrl string: URL of the vault on external key manager.
OauthMetadataSummaries []VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary: Summary about authorization to be returned to the customer as a response.
PrivateEndpointId string: OCID of the private endpoint.
Vendor string: Vendor of the external key manager.

externalVaultEndpointUrl String: URL of the vault on external key manager.
oauthMetadataSummaries List<VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary>: Summary about authorization to be returned to the customer as a response.
privateEndpointId String: OCID of the private endpoint.
vendor String: Vendor of the external key manager.

externalVaultEndpointUrl string: URL of the vault on external key manager.
oauthMetadataSummaries VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary[]: Summary about authorization to be returned to the customer as a response.
privateEndpointId string: OCID of the private endpoint.
vendor string: Vendor of the external key manager.

external_vault_endpoint_url str: URL of the vault on external key manager.
oauth_metadata_summaries Sequence[VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary]: Summary about authorization to be returned to the customer as a response.
private_endpoint_id str: OCID of the private endpoint.
vendor str: Vendor of the external key manager.

externalVaultEndpointUrl String: URL of the vault on external key manager.
oauthMetadataSummaries List<Property Map>: Summary about authorization to be returned to the customer as a response.
privateEndpointId String: OCID of the private endpoint.
vendor String: Vendor of the external key manager.

VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary, VaultExternalKeyManagerMetadataSummaryOauthMetadataSummaryArgs

ClientAppId string: ID of the client app created in IDP.
IdcsAccountNameUrl string: Base URL of the IDCS account where confidential client app is created.

ClientAppId string: ID of the client app created in IDP.
IdcsAccountNameUrl string: Base URL of the IDCS account where confidential client app is created.

clientAppId String: ID of the client app created in IDP.
idcsAccountNameUrl String: Base URL of the IDCS account where confidential client app is created.

clientAppId string: ID of the client app created in IDP.
idcsAccountNameUrl string: Base URL of the IDCS account where confidential client app is created.

client_app_id str: ID of the client app created in IDP.
idcs_account_name_url str: Base URL of the IDCS account where confidential client app is created.

clientAppId String: ID of the client app created in IDP.
idcsAccountNameUrl String: Base URL of the IDCS account where confidential client app is created.

VaultReplicaDetail, VaultReplicaDetailArgs

ReplicationId string: ReplicationId associated with a vault operation

ReplicationId string: ReplicationId associated with a vault operation

replicationId String: ReplicationId associated with a vault operation

replicationId string: ReplicationId associated with a vault operation

replication_id str: ReplicationId associated with a vault operation

replicationId String: ReplicationId associated with a vault operation

VaultRestoreFromFile, VaultRestoreFromFileArgs

ContentLength string: content length of vault's backup binary file
RestoreVaultFromFileDetails string: Vault backup file content
ContentMd5 string: (Updatable) content md5 hashed value of vault's backup file

ContentLength string: content length of vault's backup binary file
RestoreVaultFromFileDetails string: Vault backup file content
ContentMd5 string: (Updatable) content md5 hashed value of vault's backup file

contentLength String: content length of vault's backup binary file
restoreVaultFromFileDetails String: Vault backup file content
contentMd5 String: (Updatable) content md5 hashed value of vault's backup file

contentLength string: content length of vault's backup binary file
restoreVaultFromFileDetails string: Vault backup file content
contentMd5 string: (Updatable) content md5 hashed value of vault's backup file

content_length str: content length of vault's backup binary file
restore_vault_from_file_details str: Vault backup file content
content_md5 str: (Updatable) content md5 hashed value of vault's backup file

contentLength String: content length of vault's backup binary file
restoreVaultFromFileDetails String: Vault backup file content
contentMd5 String: (Updatable) content md5 hashed value of vault's backup file

VaultRestoreFromObjectStore, VaultRestoreFromObjectStoreArgs

Destination string: (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
Bucket string: (Updatable) Name of the bucket where vault was backed up
Namespace string: (Updatable) Namespace of the bucket where vault was backed up
Object string: (Updatable) Object containing the backup
Uri string: (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.

Destination string: (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
Bucket string: (Updatable) Name of the bucket where vault was backed up
Namespace string: (Updatable) Namespace of the bucket where vault was backed up
Object string: (Updatable) Object containing the backup
Uri string: (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.

destination String: (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
bucket String: (Updatable) Name of the bucket where vault was backed up
namespace String: (Updatable) Namespace of the bucket where vault was backed up
object String: (Updatable) Object containing the backup
uri String: (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.

destination string: (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
bucket string: (Updatable) Name of the bucket where vault was backed up
namespace string: (Updatable) Namespace of the bucket where vault was backed up
object string: (Updatable) Object containing the backup
uri string: (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.

destination str: (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
bucket str: (Updatable) Name of the bucket where vault was backed up
namespace str: (Updatable) Namespace of the bucket where vault was backed up
object str: (Updatable) Object containing the backup
uri str: (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.

destination String: (Updatable) Type of backup to restore from. Values of "BUCKET", "PRE_AUTHENTICATED_REQUEST_URI" are supported
bucket String: (Updatable) Name of the bucket where vault was backed up
namespace String: (Updatable) Namespace of the bucket where vault was backed up
object String: (Updatable) Object containing the backup
uri String: (Updatable) Pre-authenticated-request-uri of the backup* restore_trigger - (Optional) (Updatable) An optional property when flipped triggers restore from restore option provided in config file.

Import

Vaults can be imported using the id, e.g.

$ pulumi import oci:Kms/vault:Vault test_vault "id"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

pulumi/pulumi-oci

oci.Kms.Vault

On this page

On this page

Example Usage

Create Vault Resource

Constructor syntax

Parameters

Constructor example

Vault Resource Properties

Inputs

Outputs

Look up Existing Vault Resource

Supporting Types

VaultExternalKeyManagerMetadata, VaultExternalKeyManagerMetadataArgs

VaultExternalKeyManagerMetadataOauthMetadata, VaultExternalKeyManagerMetadataOauthMetadataArgs

VaultExternalKeyManagerMetadataSummary, VaultExternalKeyManagerMetadataSummaryArgs

VaultExternalKeyManagerMetadataSummaryOauthMetadataSummary, VaultExternalKeyManagerMetadataSummaryOauthMetadataSummaryArgs

VaultReplicaDetail, VaultReplicaDetailArgs

VaultRestoreFromFile, VaultRestoreFromFileArgs

VaultRestoreFromObjectStore, VaultRestoreFromObjectStoreArgs

Import

Package Details

On this page

On this page