Creating an External Key
Use the post /v1/cckm/oci/create-external-key
API to create an external key in an external vault. This API only supports AES-256 keys.
Note
CCKM doesn't support FM-enabled Luna HSM as a key source.
Syntax
Request Parameters
Parameter | Type | Description |
---|---|---|
name | string | Name for the external key. |
vault | string | Resource ID of the external vault on the CipherTrust Manager. The external key will be created in this external vault. |
source_key_tier | string | Tier of the source. Possible options are: • local • hsm-luna (FM-enabled Luna HSM is not supported as a key source) |
source_key_identifier | string | ID of the key that will be uploaded from a key source to the OCI KMS. • If source_key_tier is local , this is the ID of the CipherTrust Manager key to be uploaded.• If source_key_tier is hsm-luna , this is the ID of the Luna HSM key to be uploaded.source_key_identifier is a mandatory parameter. |
policy | string | Rego policy to be associated with the external key. |
Example Request
Example Response
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.