Set Encryption Key (v1)
Provides a Bring Your Own Key ( BYOK) solution to include Oracle EPM Cloud in your standard key management rotation.
This topic describes the original version of this REST API. You can also use the simplified v2 version of the REST API. The v2 version contains all parameters in the payload and does not require URL encoding while calling the REST APIs. This makes the v2 API easier to use. The v2 version is backwards compatible.
The API can be used to set and remove a user-defined encryption key for access to database used in an Oracle EPM Cloud instance.
This is an asynchronous job and uses the job status URI to determine if the operation is complete.
Before using the REST resources, you must understand how to access the REST resources and other important concepts. See Implementation Best Practices for EPM Cloud REST APIs. Using this REST API requires prerequisites. See Prerequisites.
This API is version v1.
Required Roles
Service Administrator
Table 10-14 Set Encryption Key
| Task | Request | REST Resource |
|---|---|---|
| Execute a Job | PUT |
|
| Retrieve Job Status | GET |
|
The following table summarizes the request parameters.
Table 10-15 Parameters
| Name | Description | Type | Required | Default |
|---|---|---|---|---|
Key |
The user-defined encryption key. If empty or no key is passed, encryption is reset. | Form | No | None |
Response
Supported Media Types: application/json
Table 10-16 Parameters
| Parameters | Description |
|---|---|
details |
In case of errors, details are published with the error string |
status |
See Migration Status Codes |
links |
Detailed information about the link |
href |
Links to API call or status API |
action |
The HTTP call type |
rel |
Can be self and/or Job Status. If set to Job Status, you can use the href to get the status of the import operation
|
data |
Parameters as key value pairs passed in the request |
Example of Response Body
The following shows an example of the response body in JSON format.
Response 1 example when job is in progress:
{
"details":null,
"status":-1,
"links":[{
"href":"https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/v1/services/encryptionkey",
"rel":"self",
"data":null,
"action":"PUT"
},{
"href":"https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/v1/services/jobs/777",
"rel":"Job Status",
"data":null,
"action":"GET"
}]
}
Sample Code
Example 10-1 cURL Sample – setencryptionkey.sh
Prerequisites: jq (http://stedolan.github.io/jq/download/linux64/jq)
Common Functions: See Common Helper Functions for cURL
funcSetEncryptionKey() {
url=$SERVER_URL/interop/rest/v1/services/encryptionkey
key="xcfddrerghgArfh" #use a strong key to set the encryption key
param="key=$key"
funcExecuteRequest "PUT" $url $param "application/json"
output=`cat response.txt`
status=`echo $output | jq '.status'`
if [ $status == -1 ]; then
echo "Setting Encryption Key"
funcGetStatus "GET"
else
error=`echo $output | jq '.details'`
echo "Error occurred. " $error
fi
funcRemoveTempFiles "respHeader.txt" "response.txt"
}
funcResetEncryptionKey() {
url=$SERVER_URL/interop/rest/v1/services/encryptionkey
param=""
funcExecuteRequest "PUT" $url $param "application/json"
output=`cat response.txt`
status=`echo $output | jq '.status'`
if [ $status == -1 ]; then
echo "Resetting Encryption Key"
funcGetStatus "GET"
else
error=`echo $output | jq '.details'`
echo "Error occurred. " $error
fi
funcRemoveTempFiles "respHeader.txt" "response.txt"
}