Blocking Access to External keys
Use the post /v1/cckm/oci/keys/{id}/block
API to block access to the encrypt, decrypt, and get metadata requests to an external key. This API is only applicable to the external keys.
Syntax
curl -k 'https://127.0.0.1/api/v1/cckm/oci/keys/2ecd5bf8-a0a5-45ca-a7dc-8ab90e739b8f/block' -X POST -H 'Authorization: Bearer AUTHTOKEN' -H 'accept: application/json' --compressed
Here, {id}
is the resource ID of the external key on the CipherTrust Manager.
Request Parameters
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authentication token. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/oci/keys/2ecd5bf8-a0a5-45ca-a7dc-8ab90e739b8f/block' -X POST -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJlNWI5NDAyZS1hYzQzLTRhNmMtODZmYS04OWE3ZDgwNDE4OWMiLCJzdWIiOiJsb2NhbHw2M2U5Zjc5NS0yMmQ3LTRlZTAtOTViOC0yYTc2NzNmZjc5N2QiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiZmZhZWQwYjQtNGE4Yi00Y2MzLWJiZjUtOGQwZjQ4ZGQ5MjkyIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImFlZjYyOWIyLWI0NTYtNGZjYi1hNTg1LTE4NWIxYTk1ODllZiIsImlhdCI6MTY2NzM4NzAwMiwiZXhwIjoxNjY3Mzg3MzAyfQ.Z_jYAEVooRZR7bFArM-xkwyO8G3ejKLVrFTBSdwQS7c' -H 'accept: application/json' --compressed
Example Response
{
"id": "0aa6a6dd-6ca2-47ae-92f1-cc4c75287597",
"uri": "kylo:kylo:cckm:oci-key:oci-key-name-0aa6a6dd-6ca2-47ae-92f1-cc4c75287597",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2022-10-20T10:16:27.258106Z",
"updatedAt": "2022-10-21T10:27:15.373651Z",
"cloud_name": "oci",
"cckm_vault_id": "da244ff5-d7f2-431a-b252-a451f77184eb",
"tenancy": "gemaltoproductdev",
"compartment_name": "gemaltoproductdev",
"key_material_origin": "external-CCKM",
"gone": false,
"oci_params": {
"compartment_id": "ocid1.tenancy.oc1..aaaaaaaadixb52q2mvlsn634ql5aaal6hb2vg7audpd4d4mcf5zluymff6sq",
"algorithm": "AES",
"length": 256
},
"local_hyok_key_params": {
"name": "OCI_Key_Name",
"local_key_store_id": "75749794-1d8a-4727-8997-efb012f77db9",
"local_hyok_key_id": "37488e8c-a9a0-4c81-a880-cb783c3513ec",
"local_hyok_key_version_id": "82164f4a-6e1f-4c3d-9c5f-bea5e24ad3fe",
"linked_state": false,
"blocked": true,
"policy": null
}
}
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.