Re-encrypting an Object Storage Bucket's Data Encryption Keys
Re-encrypt the unique data encryption key that encrypts each object written to an Object Storagebucket by using the most recent version of the master encryption key.
For more information, see Object Storage Data Encryption.
The Work Requests Details dialog box that displays information about the work request, including the percentage completed and the work request OCID. You can copy the work request OCID to monitor the request status later.
Use the oci os bucket reencrypt command and required parameters to re-encrypt the unique data encryption key that encrypts each object written to the bucket by using the most recent version of the master encryption key assigned to the bucket.
oci os bucket reencrypt --name bucket_name [OPTIONS]
For example:
oci os bucket reencrypt --name MyBucket
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the ReencryptBucket operation to re-encrypt the unique data encryption key that encrypts each object written to the bucket by using the most recent version of the master encryption key assigned to the bucket.
When accessing the Object Storage API, the bucket name is used with the Object Storage namespace name to form the request URL:
n/object_storage_namespace/b/bucket