To Replicate a Vault and Its Keys
Learn how to replicate a vault and its keys.
Virtual vaults created before the cross-region vault replication feature was introduced can't be replicated across regions. However, all private vaults support cross region replication. You can use the GetVault API's isVaultReplicable
parameter to find if a virtual vault supports cross region replication. Create a new vault and new keys if you have a vault that you need to replicate in another region and replication isn't supported for that vault. Existing keys can't be copied to a new vault.
You can only replicate active virtual private vaults and active, enabled, or disabled keys.
- Open the navigation menu, select Identity & Security, and then select Vault.
- Under List Scope, in the Compartment list, click the name of the compartment that contains the vault that you want to replicate.
- From the list of vaults in the compartment, click the name of the vault that you are interested in.
- Click Replicate Vault.
- In the Replicate Vault dialog box, choose a destination region from the list, and then click Create Replica.
Use the oci kms management vault create-vault-replica command and required parameters to create a replica for the vault in another region in the same realm.
oci kms management vault create-vault-replica --replica-region target_region_id --vault-id vault_id
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the Create Vault Replica operation to create a replica for the vault in another region in the same realm.