The algorithm used by a key's key versions to encrypt or decrypt data.
The OCID of the compartment that contains the key.
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {@code {"Operations": {"CostCenter": "42"}}}
A user-friendly name for the key. It does not have to be unique, and it is changeable. Avoid entering confidential information.
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {@code {"Department": "Finance"}}
The OCID of the key.
A parameter specifying whether the auto key rotation is enabled or not.
The key's current lifecycle state.
Example: {@code ENABLED}
The key's protection mode indicates how the key persists and where cryptographic operations that use the key are performed. A protection mode of {@code HSM} means that the key persists on a hardware security module (HSM) and all cryptographic operations are performed inside the HSM. A protection mode of {@code SOFTWARE} means that the key persists on the server, protected by the vault's RSA wrapping key which persists on the HSM. All cryptographic operations that use a key with a protection mode of {@code SOFTWARE} are performed on the server. By default, a key's protection mode is set to {@code HSM}. You can't change a key's protection mode after the key is created or imported. A protection mode of {@code EXTERNAL} mean that the key persists on the customer's external key manager which is hosted externally outside of oracle. Oracle only hold a reference to that key. All cryptographic operations that use a key with a protection mode of {@code EXTERNAL} are performed by external key manager.
The date and time the key was created, expressed in RFC 3339 timestamp format.
Example: {@code 2018-04-03T21:10:29.600Z}
The OCID of the vault that contains the key.
The details of the Key.