Vaults Functions

Package: DBMS_CLOUD_OCI_VT_VAULTS

CANCEL_SECRET_DELETION Function

Cancels the pending deletion of the specified secret. Canceling a scheduled deletion restores the secret's lifecycle state to what it was before you scheduled the secret for deletion.

Syntax

FUNCTION cancel_secret_deletion (
  secret_id varchar2,
  if_match varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_cancel_secret_deletion_response_t;

Parameters

Parameter	Description
`secret_id`	(required) The OCID of the secret.
`if_match`	(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

CANCEL_SECRET_VERSION_DELETION Function

Cancels the scheduled deletion of a secret version.

Syntax

FUNCTION cancel_secret_version_deletion (
  secret_id varchar2,
  secret_version_number number,
  if_match varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_cancel_secret_version_deletion_response_t;

Parameters

Parameter	Description
`secret_id`	(required) The OCID of the secret.
`secret_version_number`	(required) The version number of the secret.
`if_match`	(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

CHANGE_SECRET_COMPARTMENT Function

Moves a secret into a different compartment within the same tenancy. For information about moving resources between compartments, see Moving Resources to a Different Compartment. When provided, if-match is checked against the ETag values of the secret.

Syntax

FUNCTION change_secret_compartment (
  secret_id varchar2,
  change_secret_compartment_details dbms_cloud_oci_vault_change_secret_compartment_details_t,
  if_match varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  opc_retry_token varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_change_secret_compartment_response_t;

Parameters

Parameter	Description
`secret_id`	(required) The OCID of the secret.
`change_secret_compartment_details`	(required) The updated compartment details.
`if_match`	(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`opc_retry_token`	(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

CREATE_SECRET Function

Creates a new secret according to the details of the request. This operation is not supported by the Oracle Cloud Infrastructure Terraform Provider.

Syntax

FUNCTION create_secret (
  create_secret_details dbms_cloud_oci_vault_create_secret_details_t,
  opc_request_id varchar2 DEFAULT NULL,
  opc_retry_token varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_create_secret_response_t;

Parameters

Parameter	Description
`create_secret_details`	(required) Request to create a new secret.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`opc_retry_token`	(optional) A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (e.g., if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

GET_SECRET Function

Gets information about the specified secret.

Syntax

FUNCTION get_secret (
  secret_id varchar2,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_get_secret_response_t;

Parameters

Parameter	Description
`secret_id`	(required) The OCID of the secret.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

GET_SECRET_VERSION Function

Gets information about the specified version of a secret.

Syntax

FUNCTION get_secret_version (
  secret_id varchar2,
  secret_version_number number,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_get_secret_version_response_t;

Parameters

Parameter	Description
`secret_id`	(required) The OCID of the secret.
`secret_version_number`	(required) The version number of the secret.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

LIST_SECRET_VERSIONS Function

Lists all secret versions for the specified secret.

Syntax

FUNCTION list_secret_versions (
  secret_id varchar2,
  limit number DEFAULT NULL,
  page varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  sort_by varchar2 DEFAULT NULL,
  sort_order varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_list_secret_versions_response_t;

Parameters

Parameter	Description
`secret_id`	(required) The OCID of the secret.
`limit`	(optional) The maximum number of items to return in a paginated \"List\" call.
`page`	(optional) The value of the `opc-next-page` response header from the previous \"List\" call.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`sort_by`	(optional) The field to sort by. Only one sort order may be provided. Time created is default ordered as descending. Display name is default ordered as ascending. Allowed values are: 'VERSION_NUMBER'
`sort_order`	(optional) The sort order to use, either ascending (`ASC`) or descending (`DESC`). Allowed values are: 'ASC', 'DESC'
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

LIST_SECRETS Function

Lists all secrets in the specified vault and compartment.

Syntax

FUNCTION list_secrets (
  compartment_id varchar2,
  name varchar2 DEFAULT NULL,
  limit number DEFAULT NULL,
  page varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  sort_by varchar2 DEFAULT NULL,
  sort_order varchar2 DEFAULT NULL,
  vault_id varchar2 DEFAULT NULL,
  lifecycle_state varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_list_secrets_response_t;

Parameters

Parameter	Description
`compartment_id`	(required) The OCID of the compartment.
`name`	(optional) The secret name.
`limit`	(optional) The maximum number of items to return in a paginated \"List\" call.
`page`	(optional) The value of the `opc-next-page` response header from the previous \"List\" call.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`sort_by`	(optional) The field to sort by. You can specify only one sort order. The default order for `TIMECREATED` is descending. The default order for `NAME` is ascending. Allowed values are: 'TIMECREATED', 'NAME'
`sort_order`	(optional) The sort order to use, either ascending (`ASC`) or descending (`DESC`). Allowed values are: 'ASC', 'DESC'
`vault_id`	(optional) The OCID of the vault.
`lifecycle_state`	(optional) A filter that returns only resources that match the specified lifecycle state. The state value is case-insensitive.
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

SCHEDULE_SECRET_DELETION Function

Schedules the deletion of the specified secret. This sets the lifecycle state of the secret to `PENDING_DELETION` and then deletes it after the specified retention period ends.

Syntax

FUNCTION schedule_secret_deletion (
  secret_id varchar2,
  schedule_secret_deletion_details dbms_cloud_oci_vault_schedule_secret_deletion_details_t,
  if_match varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_schedule_secret_deletion_response_t;

Parameters

Parameter	Description
`secret_id`	(required) The OCID of the secret.
`schedule_secret_deletion_details`	(required) Request to schedule the deletion of a secret.
`if_match`	(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

SCHEDULE_SECRET_VERSION_DELETION Function

Schedules the deletion of the specified secret version. This deletes it after the specified retention period ends. You can only delete a secret version if the secret version rotation state is marked as `DEPRECATED`.

Syntax

FUNCTION schedule_secret_version_deletion (
  secret_id varchar2,
  secret_version_number number,
  schedule_secret_version_deletion_details dbms_cloud_oci_vault_schedule_secret_version_deletion_details_t,
  if_match varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_schedule_secret_version_deletion_response_t;

Parameters

Parameter	Description
`secret_id`	(required) The OCID of the secret.
`secret_version_number`	(required) The version number of the secret.
`schedule_secret_version_deletion_details`	(required) Request to delete a secret version.
`if_match`	(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

UPDATE_SECRET Function

Updates the properties of a secret. Specifically, you can update the version number of the secret to make that version number the current version. You can also update a secret's description, its free-form or defined tags, rules and the secret contents. Updating the secret content automatically creates a new secret version. You cannot, however, update the current secret version number, secret contents, and secret rules at the same time. Furthermore, the secret must in an `ACTIVE` lifecycle state to be updated. This operation is not supported by the Oracle Cloud Infrastructure Terraform Provider.

Syntax

FUNCTION update_secret (
  secret_id varchar2,
  update_secret_details dbms_cloud_oci_vault_update_secret_details_t,
  if_match varchar2 DEFAULT NULL,
  opc_request_id varchar2 DEFAULT NULL,
  region varchar2 DEFAULT NULL, 
  endpoint varchar2 DEFAULT NULL,
  credential_name varchar2 DEFAULT NULL
) RETURN dbms_cloud_oci_vt_vaults_update_secret_response_t;

Parameters

Parameter	Description
`secret_id`	(required) The OCID of the secret.
`update_secret_details`	(required) Request to update a secret.
`if_match`	(optional) For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` parameter to the value of the etag from a previous GET or POST response for that resource. The resource will be updated or deleted only if the etag you provide matches the resource's current etag value.
`opc_request_id`	(optional) Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.
`region`	(optional) OCI region id. e.g us-phoenix-1 for US West (Phoenix).
`endpoint`	(optional) The endpoint of the service to call using this function. e.g https://vaults.{region}.oci.{secondLevelDomain}.If both endpoint and region are given, then endpoint takes precedence.
`credential_name`	(optional) The name of the credential for authenticating with the corresponding cloud native API.

Oracle Cloud Infrastructure Documentation

CANCEL_SECRET_DELETION Function

CANCEL_SECRET_VERSION_DELETION Function

CHANGE_SECRET_COMPARTMENT Function

CREATE_SECRET Function

GET_SECRET Function

GET_SECRET_VERSION Function

LIST_SECRET_VERSIONS Function

LIST_SECRETS Function

SCHEDULE_SECRET_DELETION Function

SCHEDULE_SECRET_VERSION_DELETION Function

UPDATE_SECRET Function