Enabling a Vault Key

Enable a vault's master encryption key.

• Console
• CLI
• API

• 1. Open the navigation menu, click Identity & Security, and then click Vault.
  2. Under List scope, select a compartment that contains the vault that has the key you want to enable.
  3. On the Vaults page, click the name of the vault to open its details page.
  4. Under Resources, click Master Encryption Keys and then click the name of the key to open its details page.
  5. Click Enable.

• Open a command prompt and run oci kms management key enable to enable a key:

  oci kms management key enable --key-id <target_key_id> --endpoint <control_plane_url>

  For example:

  
  oci kms management key enable --key-id ocid1.key.region1.sea.exampleaaacu2.examplesmtpsuqmoy4m5cvblugmizcoeu2nfc6b3zfaux2lmqz245gezevsq --endpoint https://exampleaaacu2-management.kms.us-ashburn-1.oraclecloud.com

  For a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.

• Run the EnableKey operation to enable the vault key using the KMSMANAGMENT endpoint.

  Note
  
  Each region uses the KMSMANAGMENT endpoint for managing keys. This endpoint is referred to as the control plane URL or vault management endpoint. For regional endpoints, see the API Documentation.