Creating an External vault

Use the post /v1/cckm/oci/create-external-vault API to create an external vault.

Syntax

curl -k 'https://127.0.0.1/api/v1/cckm/oci/create-external-vault' -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' -H 'accept: application/json' --data-binary $'{\n  "vault_name": <vault_name>,\n  "endpoint_url_hostname": <endpoint_url_hostname>,\n  "compartment_id": <compartment_id>,\n  "issuer_id": <issuer_id>,\n  "client_application_id": <client_application_id>\n}' --compressed

Request Parameters

Parameter	Type	Description
AUTHTOKEN	string	Authentication token.
compartment_id	string	ID of the Oracle compartment.
endpoint_url_hostname	string	IP address of the CipherTrust Manager or Load Balancer. FQDNs are not supported.
endpoint_url_port	integer	Port number for the OCI external vault endpoint URL. Specify the port of the CipherTrust Manager or Load Balancer. The default port is `443`.
issuer_id	string	ID of the issuer.
client_application_id	string	ID of the OCI KMS application as registered on the third-party identity provider.
vault_name	string	Name of the external vault.
connection	string	Name or ID of the Oracle connection on the CipherTrust Manager.
source_key_tier	string	Tier of the source. Specify the type of key source allowed in the vault. Possible option is `local` (CipherTrust Manager). If the `source_key_tier` is not specified, you can create `local` keys in the vault.
policy	string	Rego policy to be associated with the vault.
endpoint_url_port (optional)	integer	Port-Number for the OCI external vault endpoint URL. The default port is 443.
partition_id (optional)	string	Partition ID of the Luna slot. It is required, if 'hsm-luna' is selected as source_key_tier.
tenancy (optional)	string	Name of the OCI tenancy. It is required, if the connection is not provided.

Example Request

curl -k 'https://52.86.120.81/api/v1/cckm/oci/create-external-vault' -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' -H 'accept: application/json' --data-binary $'{\n  "vault_name": "oci-external-vault-one",\n  "endpoint_url_hostname": "localhost",\n  "compartment_id": "ocid1.tenancy.oc1..aaaaaaaadixb52q2mvlsn634ql5aaal6hb2vg7audgd4dt4mcf6zluymff6sq",\n  "issuer_id": "95e0d83c-c408-42c7-b3f2-c86cd6bcda51",\n  "client_application_id": "kco-5e0d83c-c408-42c7-b3f2-c86cd6bcda56"\n}' --compressed

Example Response

{
    "id": "37900289-47cf-4172-91c5-7ea6cb87c4b7",
    "uri": "kylo:kylo:cckm:oci-vault:37900289-47cf-4172-91c5-7ea6cb87c4b7",
    "account": "kylo:kylo:admin:accounts:kylo",
    "createdAt": "2022-06-27T08:50:28.011605208Z",
    "updatedAt": "0001-01-01T00:00:00Z",
    "vault_name": "oci-external-vault-one",
    "connection": "oci-connection",
    "endpoint_url_hostname": "localhost",
    "compartment_id": "ocid1.tenancy.oc1..aaaaaaaadixb52q2mvlsn634ql5aaal6hb2vg7audgd4dt4mcf6zluymff6sq",
    "issuer_id": "95e0d83c-c408-42c7-b3f2-c86cd6bcda51",
    "client_application_id": "kco-5e0d83c-c408-42c7-b3f2-c86cd6bcda56",
    "time_created": "2022-02-28T23:18:12.263Z",
    "compartment_name": "tenancy",
    "endpoint_url": "https://localhost/api/v1/cckm/oci/external-vaults/65e0d83c-c408-42c7-b3f2-c86cd6bcda51",
    "local_key_store_id": "65e0d83c-c408-42c7-b3f2-c86cd6bcda51",
    "linked_state": false,
    "cloud_name": "oci",
    "external_vault_type": "local",
    "tenancy": "tenancy"
}

Response Codes

Response Code	Description
2xx	Success
4xx	Client errors
5xx	Server errors

Refer to HTTP status codes for details.

Creating an External vault

Syntax

Request Parameters

Example Request

Example Response

Response Codes

On this page

Suggest A Change