1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Kms
  5. getKeyVersion
Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

oci.Kms.getKeyVersion

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

This data source provides details about a specific Key Version resource in Oracle Cloud Infrastructure Kms service.

Gets information about the specified key version.

As a management operation, this call is subject to a Key Management limit that applies to the total number of requests across all management read operations. Key Management might throttle this call to reject an otherwise valid request when the total rate of management read operations exceeds 10 requests per second for a given tenancy.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testKeyVersion = oci.Kms.getKeyVersion({
    keyId: testKey.id,
    keyVersionId: testKeyVersionOciKmsKeyVersion.id,
    managementEndpoint: keyVersionManagementEndpoint,
});
Copy
import pulumi
import pulumi_oci as oci

test_key_version = oci.Kms.get_key_version(key_id=test_key["id"],
    key_version_id=test_key_version_oci_kms_key_version["id"],
    management_endpoint=key_version_management_endpoint)
Copy
package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/kms"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := kms.GetKeyVersion(ctx, &kms.GetKeyVersionArgs{
			KeyId:              testKey.Id,
			KeyVersionId:       testKeyVersionOciKmsKeyVersion.Id,
			ManagementEndpoint: keyVersionManagementEndpoint,
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testKeyVersion = Oci.Kms.GetKeyVersion.Invoke(new()
    {
        KeyId = testKey.Id,
        KeyVersionId = testKeyVersionOciKmsKeyVersion.Id,
        ManagementEndpoint = keyVersionManagementEndpoint,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Kms.KmsFunctions;
import com.pulumi.oci.Kms.inputs.GetKeyVersionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var testKeyVersion = KmsFunctions.getKeyVersion(GetKeyVersionArgs.builder()
            .keyId(testKey.id())
            .keyVersionId(testKeyVersionOciKmsKeyVersion.id())
            .managementEndpoint(keyVersionManagementEndpoint)
            .build());

    }
}
Copy
variables:
  testKeyVersion:
    fn::invoke:
      function: oci:Kms:getKeyVersion
      arguments:
        keyId: ${testKey.id}
        keyVersionId: ${testKeyVersionOciKmsKeyVersion.id}
        managementEndpoint: ${keyVersionManagementEndpoint}
Copy

Using getKeyVersion

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getKeyVersion(args: GetKeyVersionArgs, opts?: InvokeOptions): Promise<GetKeyVersionResult>
function getKeyVersionOutput(args: GetKeyVersionOutputArgs, opts?: InvokeOptions): Output<GetKeyVersionResult>
Copy
def get_key_version(key_id: Optional[str] = None,
                    key_version_id: Optional[str] = None,
                    management_endpoint: Optional[str] = None,
                    opts: Optional[InvokeOptions] = None) -> GetKeyVersionResult
def get_key_version_output(key_id: Optional[pulumi.Input[str]] = None,
                    key_version_id: Optional[pulumi.Input[str]] = None,
                    management_endpoint: Optional[pulumi.Input[str]] = None,
                    opts: Optional[InvokeOptions] = None) -> Output[GetKeyVersionResult]
Copy
func GetKeyVersion(ctx *Context, args *GetKeyVersionArgs, opts ...InvokeOption) (*GetKeyVersionResult, error)
func GetKeyVersionOutput(ctx *Context, args *GetKeyVersionOutputArgs, opts ...InvokeOption) GetKeyVersionResultOutput
Copy

> Note: This function is named GetKeyVersion in the Go SDK.

public static class GetKeyVersion 
{
    public static Task<GetKeyVersionResult> InvokeAsync(GetKeyVersionArgs args, InvokeOptions? opts = null)
    public static Output<GetKeyVersionResult> Invoke(GetKeyVersionInvokeArgs args, InvokeOptions? opts = null)
}
Copy
public static CompletableFuture<GetKeyVersionResult> getKeyVersion(GetKeyVersionArgs args, InvokeOptions options)
public static Output<GetKeyVersionResult> getKeyVersion(GetKeyVersionArgs args, InvokeOptions options)
Copy
fn::invoke:
  function: oci:Kms/getKeyVersion:getKeyVersion
  arguments:
    # arguments dictionary
Copy

The following arguments are supported:

KeyId This property is required. string
The OCID of the key.
KeyVersionId This property is required. string
The OCID of the key version.
ManagementEndpoint This property is required. string
The service endpoint to perform management operations against. Management operations include 'Create,' 'Update,' 'List,' 'Get,' and 'Delete' operations. See Vault Management endpoint.
KeyId This property is required. string
The OCID of the key.
KeyVersionId This property is required. string
The OCID of the key version.
ManagementEndpoint This property is required. string
The service endpoint to perform management operations against. Management operations include 'Create,' 'Update,' 'List,' 'Get,' and 'Delete' operations. See Vault Management endpoint.
keyId This property is required. String
The OCID of the key.
keyVersionId This property is required. String
The OCID of the key version.
managementEndpoint This property is required. String
The service endpoint to perform management operations against. Management operations include 'Create,' 'Update,' 'List,' 'Get,' and 'Delete' operations. See Vault Management endpoint.
keyId This property is required. string
The OCID of the key.
keyVersionId This property is required. string
The OCID of the key version.
managementEndpoint This property is required. string
The service endpoint to perform management operations against. Management operations include 'Create,' 'Update,' 'List,' 'Get,' and 'Delete' operations. See Vault Management endpoint.
key_id This property is required. str
The OCID of the key.
key_version_id This property is required. str
The OCID of the key version.
management_endpoint This property is required. str
The service endpoint to perform management operations against. Management operations include 'Create,' 'Update,' 'List,' 'Get,' and 'Delete' operations. See Vault Management endpoint.
keyId This property is required. String
The OCID of the key.
keyVersionId This property is required. String
The OCID of the key version.
managementEndpoint This property is required. String
The service endpoint to perform management operations against. Management operations include 'Create,' 'Update,' 'List,' 'Get,' and 'Delete' operations. See Vault Management endpoint.

getKeyVersion Result

The following output properties are available:

CompartmentId string
The OCID of the compartment that contains this key version.
ExternalKeyReferenceDetails List<GetKeyVersionExternalKeyReferenceDetail>
Key reference data to be returned to the customer as a response.
ExternalKeyVersionId string
Key version ID associated with the external key.
Id string
The OCID of the key version.
IsAutoRotated bool
An optional property indicating whether this keyversion is generated from auto rotatation.
IsPrimary bool
A Boolean value that indicates whether the KeyVersion belongs to primary Vault or replica Vault.
KeyId string
The OCID of the master encryption key associated with this key version.
KeyVersionId string
The OCID of the key version.
ManagementEndpoint string
PublicKey string
The public key in PEM format. (This value pertains only to RSA and ECDSA keys.)
ReplicaDetails List<GetKeyVersionReplicaDetail>
KeyVersion replica details
RestoredFromKeyId string
RestoredFromKeyVersionId string
The OCID of the key version from which this key version was restored.
State string
The key version's current lifecycle state. Example: ENABLED
TimeCreated string
The date and time this key version was created, expressed in RFC 3339 timestamp format. Example: "2018-04-03T21:10:29.600Z"
TimeOfDeletion string
An optional property to indicate when to delete the key version, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
VaultId string
The OCID of the vault that contains this key version.
CompartmentId string
The OCID of the compartment that contains this key version.
ExternalKeyReferenceDetails []GetKeyVersionExternalKeyReferenceDetail
Key reference data to be returned to the customer as a response.
ExternalKeyVersionId string
Key version ID associated with the external key.
Id string
The OCID of the key version.
IsAutoRotated bool
An optional property indicating whether this keyversion is generated from auto rotatation.
IsPrimary bool
A Boolean value that indicates whether the KeyVersion belongs to primary Vault or replica Vault.
KeyId string
The OCID of the master encryption key associated with this key version.
KeyVersionId string
The OCID of the key version.
ManagementEndpoint string
PublicKey string
The public key in PEM format. (This value pertains only to RSA and ECDSA keys.)
ReplicaDetails []GetKeyVersionReplicaDetail
KeyVersion replica details
RestoredFromKeyId string
RestoredFromKeyVersionId string
The OCID of the key version from which this key version was restored.
State string
The key version's current lifecycle state. Example: ENABLED
TimeCreated string
The date and time this key version was created, expressed in RFC 3339 timestamp format. Example: "2018-04-03T21:10:29.600Z"
TimeOfDeletion string
An optional property to indicate when to delete the key version, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
VaultId string
The OCID of the vault that contains this key version.
compartmentId String
The OCID of the compartment that contains this key version.
externalKeyReferenceDetails List<GetKeyVersionExternalKeyReferenceDetail>
Key reference data to be returned to the customer as a response.
externalKeyVersionId String
Key version ID associated with the external key.
id String
The OCID of the key version.
isAutoRotated Boolean
An optional property indicating whether this keyversion is generated from auto rotatation.
isPrimary Boolean
A Boolean value that indicates whether the KeyVersion belongs to primary Vault or replica Vault.
keyId String
The OCID of the master encryption key associated with this key version.
keyVersionId String
The OCID of the key version.
managementEndpoint String
publicKey String
The public key in PEM format. (This value pertains only to RSA and ECDSA keys.)
replicaDetails List<GetKeyVersionReplicaDetail>
KeyVersion replica details
restoredFromKeyId String
restoredFromKeyVersionId String
The OCID of the key version from which this key version was restored.
state String
The key version's current lifecycle state. Example: ENABLED
timeCreated String
The date and time this key version was created, expressed in RFC 3339 timestamp format. Example: "2018-04-03T21:10:29.600Z"
timeOfDeletion String
An optional property to indicate when to delete the key version, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
vaultId String
The OCID of the vault that contains this key version.
compartmentId string
The OCID of the compartment that contains this key version.
externalKeyReferenceDetails GetKeyVersionExternalKeyReferenceDetail[]
Key reference data to be returned to the customer as a response.
externalKeyVersionId string
Key version ID associated with the external key.
id string
The OCID of the key version.
isAutoRotated boolean
An optional property indicating whether this keyversion is generated from auto rotatation.
isPrimary boolean
A Boolean value that indicates whether the KeyVersion belongs to primary Vault or replica Vault.
keyId string
The OCID of the master encryption key associated with this key version.
keyVersionId string
The OCID of the key version.
managementEndpoint string
publicKey string
The public key in PEM format. (This value pertains only to RSA and ECDSA keys.)
replicaDetails GetKeyVersionReplicaDetail[]
KeyVersion replica details
restoredFromKeyId string
restoredFromKeyVersionId string
The OCID of the key version from which this key version was restored.
state string
The key version's current lifecycle state. Example: ENABLED
timeCreated string
The date and time this key version was created, expressed in RFC 3339 timestamp format. Example: "2018-04-03T21:10:29.600Z"
timeOfDeletion string
An optional property to indicate when to delete the key version, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
vaultId string
The OCID of the vault that contains this key version.
compartment_id str
The OCID of the compartment that contains this key version.
external_key_reference_details Sequence[kms.GetKeyVersionExternalKeyReferenceDetail]
Key reference data to be returned to the customer as a response.
external_key_version_id str
Key version ID associated with the external key.
id str
The OCID of the key version.
is_auto_rotated bool
An optional property indicating whether this keyversion is generated from auto rotatation.
is_primary bool
A Boolean value that indicates whether the KeyVersion belongs to primary Vault or replica Vault.
key_id str
The OCID of the master encryption key associated with this key version.
key_version_id str
The OCID of the key version.
management_endpoint str
public_key str
The public key in PEM format. (This value pertains only to RSA and ECDSA keys.)
replica_details Sequence[kms.GetKeyVersionReplicaDetail]
KeyVersion replica details
restored_from_key_id str
restored_from_key_version_id str
The OCID of the key version from which this key version was restored.
state str
The key version's current lifecycle state. Example: ENABLED
time_created str
The date and time this key version was created, expressed in RFC 3339 timestamp format. Example: "2018-04-03T21:10:29.600Z"
time_of_deletion str
An optional property to indicate when to delete the key version, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
vault_id str
The OCID of the vault that contains this key version.
compartmentId String
The OCID of the compartment that contains this key version.
externalKeyReferenceDetails List<Property Map>
Key reference data to be returned to the customer as a response.
externalKeyVersionId String
Key version ID associated with the external key.
id String
The OCID of the key version.
isAutoRotated Boolean
An optional property indicating whether this keyversion is generated from auto rotatation.
isPrimary Boolean
A Boolean value that indicates whether the KeyVersion belongs to primary Vault or replica Vault.
keyId String
The OCID of the master encryption key associated with this key version.
keyVersionId String
The OCID of the key version.
managementEndpoint String
publicKey String
The public key in PEM format. (This value pertains only to RSA and ECDSA keys.)
replicaDetails List<Property Map>
KeyVersion replica details
restoredFromKeyId String
restoredFromKeyVersionId String
The OCID of the key version from which this key version was restored.
state String
The key version's current lifecycle state. Example: ENABLED
timeCreated String
The date and time this key version was created, expressed in RFC 3339 timestamp format. Example: "2018-04-03T21:10:29.600Z"
timeOfDeletion String
An optional property to indicate when to delete the key version, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
vaultId String
The OCID of the vault that contains this key version.

Supporting Types

GetKeyVersionExternalKeyReferenceDetail

ExternalKeyId This property is required. string
ExternalKeyId refers to the globally unique key Id associated with the key created in external vault in CTM.
ExternalKeyVersionId This property is required. string
Key version ID associated with the external key.
ExternalKeyId This property is required. string
ExternalKeyId refers to the globally unique key Id associated with the key created in external vault in CTM.
ExternalKeyVersionId This property is required. string
Key version ID associated with the external key.
externalKeyId This property is required. String
ExternalKeyId refers to the globally unique key Id associated with the key created in external vault in CTM.
externalKeyVersionId This property is required. String
Key version ID associated with the external key.
externalKeyId This property is required. string
ExternalKeyId refers to the globally unique key Id associated with the key created in external vault in CTM.
externalKeyVersionId This property is required. string
Key version ID associated with the external key.
external_key_id This property is required. str
ExternalKeyId refers to the globally unique key Id associated with the key created in external vault in CTM.
external_key_version_id This property is required. str
Key version ID associated with the external key.
externalKeyId This property is required. String
ExternalKeyId refers to the globally unique key Id associated with the key created in external vault in CTM.
externalKeyVersionId This property is required. String
Key version ID associated with the external key.

GetKeyVersionReplicaDetail

ReplicationId This property is required. string
ReplicationId associated with a key version operation
ReplicationId This property is required. string
ReplicationId associated with a key version operation
replicationId This property is required. String
ReplicationId associated with a key version operation
replicationId This property is required. string
ReplicationId associated with a key version operation
replication_id This property is required. str
ReplicationId associated with a key version operation
replicationId This property is required. String
ReplicationId associated with a key version operation

Package Details

Repository
oci pulumi/pulumi-oci
License
Apache-2.0
Notes
This Pulumi package is based on the oci Terraform Provider.
Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi