The OCID of the compartment that contains this master encryption key.
The OCID of the key version used in cryptographic operations. During key rotation, the service might be in a transitional state where this or a newer key version are used intermittently. The {@code currentKeyVersion} property is updated when the service is guaranteed to use the new key version for all subsequent encryption operations.
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {@code {"Operations": {"CostCenter": "42"}}}
A user-friendly name for the key. It does not have to be unique, and it is changeable. Avoid entering confidential information.
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {@code {"Department": "Finance"}}
The OCID of the key.
A parameter specifying whether the auto key rotation is enabled or not.
A Boolean value that indicates whether the Key belongs to primary Vault or replica vault.
The key's current lifecycle state.
Example: {@code ENABLED}
The key's protection mode indicates how the key persists and where cryptographic operations that use the key are performed. A protection mode of {@code HSM} means that the key persists on a hardware security module (HSM) and all cryptographic operations are performed inside the HSM. A protection mode of {@code SOFTWARE} means that the key persists on the server, protected by the vault's RSA wrapping key which persists on the HSM. All cryptographic operations that use a key with a protection mode of {@code SOFTWARE} are performed on the server. By default, a key's protection mode is set to {@code HSM}. You can't change a key's protection mode after the key is created or imported. A protection mode of {@code EXTERNAL} mean that the key persists on the customer's external key manager which is hosted externally outside of oracle. Oracle only hold a reference to that key. All cryptographic operations that use a key with a protection mode of {@code EXTERNAL} are performed by external key manager.
The OCID of the key from which this key was restored.
The date and time the key was created, expressed in RFC 3339 timestamp format.
Example: {@code 2018-04-03T21:10:29.600Z}
An optional property indicating when to delete the key, expressed in RFC 3339 timestamp format. Example: {@code 2019-04-03T21:10:29.600Z}
The OCID of the vault that contains this key.
The logical entities that represent one or more key versions, each of which contains cryptographic material.