Class ReencryptObjectDetails
The details used to re-encrypt the data encryption keys associated with an object.
You can only specify either a kmsKeyId or an sseCustomerKey in the request payload, not both.
If the request payload is empty, the object is encrypted using the encryption key assigned to the
bucket. The bucket encryption mechanism can either be a master encryption key managed by Oracle or the Vault service.
- The sseCustomerKey field specifies the customer-provided encryption key (SSE-C) that will be used to re-encrypt the data encryption keys of the
object and its chunks.
- The sourceSSECustomerKey field specifies information about the customer-provided encryption key that is currently
associated with the object source. Specify a value for the sourceSSECustomerKey only if the object
is encrypted with a customer-provided encryption key.
Inheritance
ReencryptObjectDetails
Assembly: OCI.DotNetSDK.Objectstorage.dll
Syntax
public class ReencryptObjectDetails
Properties
KmsKeyId
Declaration
[JsonProperty(PropertyName = "kmsKeyId")]
public string KmsKeyId { get; set; }
Property Value
Type |
Description |
string |
The OCID of the master encryption key used to call the Vault
service to re-encrypt the data encryption keys associated with the object and its chunks. If the kmsKeyId value is
empty, whether null or an empty string, the API will perform re-encryption by using the kmsKeyId associated with the
bucket or the master encryption key managed by Oracle, depending on the bucket encryption mechanism.
|
SourceSseCustomerKey
Declaration
[JsonProperty(PropertyName = "sourceSseCustomerKey")]
public SSECustomerKeyDetails SourceSseCustomerKey { get; set; }
Property Value
SseCustomerKey
Declaration
[JsonProperty(PropertyName = "sseCustomerKey")]
public SSECustomerKeyDetails SseCustomerKey { get; set; }
Property Value