Package com.oracle.bmc.keymanagement

Class KmsVaultClient

    • Field Detail

      • SERVICE

        public static final Service SERVICE
        Service instance for KmsVault.

      • clientCommonLibraryVersion

        public final String clientCommonLibraryVersion
        Compatible SDK version, provided by the codegen.

      • minimumClientCommonLibraryVersionFromClient

        public final Optional<String> minimumClientCommonLibraryVersionFromClient
        Minimum compatible SDK version, maybe provided by the codegen.

    • Method Detail

      • setRegion

        public void setRegion​(Region region)
        Description copied from interface: KmsVault
        Sets the region to call (ex, Region.US_PHOENIX_1).

        Note, this will call setEndpoint after resolving the endpoint. If the service is not available in this Region, however, an IllegalArgumentException will be raised.

        Specified by:
        setRegion in interface KmsVault
        Parameters:
        region - The region of the service.

      • setRegion

        public void setRegion​(String regionId)
        Description copied from interface: KmsVault
        Sets the region to call (ex, ‘us-phoenix-1’).

        Note, this will first try to map the region ID to a known Region and call setRegion.

        If no known Region could be determined, it will create an endpoint based on the default endpoint format (Region.formatDefaultRegionEndpoint(Service, String) and then call setEndpoint.

        Specified by:
        setRegion in interface KmsVault
        Parameters:
        regionId - The public region ID.

      • backupVault

        public BackupVaultResponse backupVault​(BackupVaultRequest request)
        Description copied from interface: KmsVault
        Backs up an encrypted file that contains all the metadata of a vault so that you can restore the vault later.

        You can backup a vault whether or not it contains keys. This operation only backs up the metadata of the vault, and does not include key metadata.

        Specified by:
        backupVault in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • cancelVaultDeletion

        public CancelVaultDeletionResponse cancelVaultDeletion​(CancelVaultDeletionRequest request)
        Description copied from interface: KmsVault
        Cancels the scheduled deletion of the specified vault.

        Canceling a scheduled deletion restores the vault and all keys in it to their respective states from before their scheduled deletion. All keys that were scheduled for deletion prior to vault deletion retain their lifecycle state and time of deletion.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        cancelVaultDeletion in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • changeVaultCompartment

        public ChangeVaultCompartmentResponse changeVaultCompartment​(ChangeVaultCompartmentRequest request)
        Description copied from interface: KmsVault
        Moves a vault into a different compartment within the same tenancy.

        For information about moving resources between compartments, see Moving Resources to a Different Compartment.

        When provided, if-match is checked against the ETag values of the resource.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        changeVaultCompartment in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • createVault

        public CreateVaultResponse createVault​(CreateVaultRequest request)
        Description copied from interface: KmsVault
        Creates a new vault.

        The type of vault you create determines key placement, pricing, and available options. Options include storage isolation, a dedicated service endpoint instead of a shared service endpoint for API calls, and either a dedicated hardware security module (HSM) or a multitenant HSM.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        createVault in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • createVaultReplica

        public CreateVaultReplicaResponse createVaultReplica​(CreateVaultReplicaRequest request)
        Description copied from interface: KmsVault
        Creates a replica for the vault in another region in the same realm

        The API is a no-op if called for same region that a vault is already replicated to. 409 if called on a vault that is already replicated to a different region. Users need to delete existing replica first before calling it with a different region.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        createVaultReplica in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • deleteVaultReplica

        public DeleteVaultReplicaResponse deleteVaultReplica​(DeleteVaultReplicaRequest request)
        Description copied from interface: KmsVault
        Deletes a vault replica

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        deleteVaultReplica in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • getVault

        public GetVaultResponse getVault​(GetVaultRequest request)
        Description copied from interface: KmsVault
        Gets the specified vault’s configuration information.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning read operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning read operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        getVault in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • getVaultUsage

        public GetVaultUsageResponse getVaultUsage​(GetVaultUsageRequest request)
        Description copied from interface: KmsVault
        Gets the count of keys and key versions in the specified vault to calculate usage against service limits.
        Specified by:
        getVaultUsage in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • listVaultReplicas

        public ListVaultReplicasResponse listVaultReplicas​(ListVaultReplicasRequest request)
        Description copied from interface: KmsVault
        Lists the replicas for a vault

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        listVaultReplicas in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • listVaults

        public ListVaultsResponse listVaults​(ListVaultsRequest request)
        Description copied from interface: KmsVault
        Lists the vaults in the specified compartment.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning read operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning read operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        listVaults in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • restoreVaultFromFile

        public RestoreVaultFromFileResponse restoreVaultFromFile​(RestoreVaultFromFileRequest request)
        Description copied from interface: KmsVault
        Restores a vault from an encrypted backup file.

        If a vault with the same OCID already exists, this operation returns a response with a 409 HTTP status error code.

        Note: This operation consumes a stream.

        If the stream supports InputStream.mark(int) and InputStream.reset(), when a retry is necessary, the stream is reset so it starts at the beginning (or whatever the stream's position was at the time this operation is called}.

        Note this means that if the caller has used InputStream.mark(int) before, then the mark will not be the same anymore after this operation, and a subsequent call to InputStream.reset() by the caller will reset the stream not to the caller's mark, but to the position the stream was in when this operation was called.

        If the stream is a FileInputStream, and the stream's FileChannel position can be changed (like for a regular file), the stream will be wrapped in such a way that it does provide support for InputStream.mark(int) and InputStream.reset(). Then the same procedure as above is followed. If the stream's FileChannel position cannot be changed (like for a named pipe), then the stream's contents will be buffered in memory, as described below.

        If the stream does not support InputStream.mark(int) and InputStream.reset(), then the stream is wrapped in a BufferedInputStream, which means the entire contents may be buffered in memory. Then the same procedure as above is followed.

        The contents of the stream, except when the stream is a FileInputStream whose FileChannel position can be changed, should be less than 2 GiB in size if retries are used. This is because streams 2 GiB in size or larger do no guarantee that mark-and-reset can be performed. If the stream is larger, do not use built-in retries and manage retries yourself.

        Specified by:
        restoreVaultFromFile in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • restoreVaultFromObjectStore

        public RestoreVaultFromObjectStoreResponse restoreVaultFromObjectStore​(RestoreVaultFromObjectStoreRequest request)
        Description copied from interface: KmsVault
        Restores a vault from an encrypted backup file stored in Oracle Cloud Infrastructure Object Storage.

        If a vault with the same OCID already exists, this operation returns a response with a 409 HTTP status error code.

        Specified by:
        restoreVaultFromObjectStore in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • scheduleVaultDeletion

        public ScheduleVaultDeletionResponse scheduleVaultDeletion​(ScheduleVaultDeletionRequest request)
        Description copied from interface: KmsVault
        Schedules the deletion of the specified vault.

        This sets the lifecycle state of the vault and all keys in it that are not already scheduled for deletion to PENDING_DELETION and then deletes them after the retention period ends. The lifecycle state and time of deletion for keys already scheduled for deletion won’t change. If any keys in the vault are scheduled to be deleted after the specified time of deletion for the vault, the call is rejected with the error code 409.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        scheduleVaultDeletion in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • updateVault

        public UpdateVaultResponse updateVault​(UpdateVaultRequest request)
        Description copied from interface: KmsVault
        Updates the properties of a vault.

        Specifically, you can update the displayName, freeformTags, and definedTags properties. Furthermore, the vault must be in an ACTIVE or CREATING state to be updated.

        As a provisioning operation, this call is subject to a Key Management limit that applies to the total number of requests across all provisioning write operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of provisioning write operations exceeds 10 requests per second for a given tenancy.

        Specified by:
        updateVault in interface KmsVault
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation

      • getWaiters

        public KmsVaultWaiters getWaiters()
        Description copied from interface: KmsVault
        Gets the pre-configured waiters available for resources for this service.
        Specified by:
        getWaiters in interface KmsVault
        Returns:
        The service waiters.

      • getPaginators

        public KmsVaultPaginators getPaginators()
        Description copied from interface: KmsVault
        Gets the pre-configured paginators available for list operations in this service which may return multiple pages of data.

        These paginators provide an Iterable interface so that service responses, or resources/records, can be iterated through without having to manually deal with pagination and page tokens.

        Specified by:
        getPaginators in interface KmsVault
        Returns:
        The service paginators.

      • enableDualStackEndpoints

        public void enableDualStackEndpoints​(boolean enableDualStackEndpoints)
        This method should be used to enable or disable the use of dual-stack endpoints.

        The default value is false i.e. dual-stack endpoints are disabled by default.

        Parameters:
        enableDualStackEndpoints - This flag can be set to true or false to enable or disable the use of dual-stack endpoints respectively

      • getOptionsMap

        public Map<String,​Boolean> getOptionsMap()
        Return an immutable snapshot representing the current options set for this client.
        Returns:
        immutable snapshot representing the current options set for this client

      • getResolvedEndpoint

        public String getResolvedEndpoint​(Map<String,​Object> requiredParametersMap)
        Returns the endpoint after filling in the current options, as determined by BaseClient.getOptionsMap(), and then filling in the required parameters in requiredParametersMap into the placeholders in the endpoint.
        Parameters:
        requiredParametersMap - the map from required parameter name to their values
        Returns:
        resolved endpoint, with all options and placeholders filled in

      • useRealmSpecificEndpointTemplate

        public void useRealmSpecificEndpointTemplate​(boolean useOfRealmSpecificEndpointTemplateEnabled)
        This method should be used to enable or disable the use of realm-specific endpoint template.

        The default value is null. To enable the use of endpoint template defined for the realm in use, set the flag to true To disable the use of endpoint template defined for the realm in use, set the flag to false

        Parameters:
        useOfRealmSpecificEndpointTemplateEnabled - This flag can be set to true or false to enable or disable the use of realm-specific endpoint template respectively

      • setEndpoint

        public final void setEndpoint​(String endpoint)

      • getEndpoint

        public final String getEndpoint()
        Get the endpoint of the client.

        Note that the endpoint may be parameterized and contain placeholders and options. The region subdomain and realm domain will have been properly replaced already if the endpoint was selected using a Region.

        Examples of endpoints this may return:

        • Unparameterized endpoints 
                       https://identity.us-phoenix-1.oci.oraclecloud.com
             https://identity.us-ashburn-1.oci.oraclecloud.com
             https://test-namespace.objectstorage.us-ashburn-1.oci.customer-oci.com
        • Parameterized endpoints with placeholders 
                       https://{namespaceName+Dot}objectstorage.us-phoenix-1.oci.customer-oci.com
             https://{namespaceName+Dot}objectstorage.us-ashburn-1.oci.customer-oci.com
        • Parameterized endpoints with options 
                       https://{dualStack?ds.:}identity.us-phoenix-1.oci.oraclecloud.com
             https://{dualStack?ds.:}identity.us-ashburn-1.oci.oraclecloud.com
        • Parameterized endpoints with placeholders and options 
                       https://{namespaceName+Dot}{dualStack?ds.:}objectstorage.us-phoenix-1.oci.customer-oci.com
             https://{namespaceName+Dot}{dualStack?ds.:}objectstorage.us-ashburn-1.oci.customer-oci.com

        To get the actual endpoint for a parameterized request, you can use BaseClient.getResolvedEndpoint(Map) or ParameterizedEndpointUtil.getEndpointWithPopulatedServiceParameters(String, Map, Map).

        Returns:
        the endpoint being used by the client

      • refreshClient

        public final void refreshClient()
        Rebuild the backing HttpClient.

        This will call ClientConfigurators again, and can be used to e.g. refresh the SSL certificate.

      • getClientCommonLibraryVersion

        public String getClientCommonLibraryVersion()

      • getMinimumClientCommonLibraryVersionFromClient

        public Optional<String> getMinimumClientCommonLibraryVersionFromClient()