turbot/oci

GitHub
steampipe plugin install ocisteampipe plugin install oci
oci_analytics_instanceoci_apigateway_apioci_autoscaling_auto_scaling_configurationoci_budget_alert_ruleoci_budget_budgetoci_cloud_guard_configurationoci_cloud_guard_detector_recipeoci_cloud_guard_managed_listoci_cloud_guard_responder_recipeoci_cloud_guard_targetoci_containerengine_clusteroci_core_block_volume_replicaoci_core_boot_volumeoci_core_boot_volume_attachmentoci_core_boot_volume_backupoci_core_boot_volume_metric_read_opsoci_core_boot_volume_metric_read_ops_dailyoci_core_boot_volume_metric_read_ops_hourlyoci_core_boot_volume_metric_write_opsoci_core_boot_volume_metric_write_ops_dailyoci_core_boot_volume_metric_write_ops_hourlyoci_core_boot_volume_replicaoci_core_dhcp_optionsoci_core_drgoci_core_imageoci_core_image_customoci_core_instanceoci_core_instance_metric_cpu_utilizationoci_core_instance_metric_cpu_utilization_dailyoci_core_instance_metric_cpu_utilization_hourlyoci_core_internet_gatewayoci_core_load_balanceroci_core_local_peering_gatewayoci_core_nat_gatewayoci_core_network_load_balanceroci_core_network_security_groupoci_core_public_ipoci_core_public_ip_pooloci_core_route_tableoci_core_security_listoci_core_service_gatewayoci_core_subnetoci_core_vcnoci_core_vnic_attachmentoci_core_volumeoci_core_volume_attachmentoci_core_volume_backupoci_core_volume_backup_policyoci_database_autonomous_databaseoci_database_autonomous_db_metric_cpu_utilizationoci_database_autonomous_db_metric_cpu_utilization_dailyoci_database_autonomous_db_metric_cpu_utilization_hourlyoci_database_autonomous_db_metric_storage_utilizationoci_database_autonomous_db_metric_storage_utilization_dailyoci_database_autonomous_db_metric_storage_utilization_hourlyoci_database_dboci_database_db_homeoci_database_db_systemoci_database_pluggable_databaseoci_database_software_imageoci_dns_rrsetoci_dns_tsig_keyoci_dns_zoneoci_events_ruleoci_file_storage_file_systemoci_file_storage_mount_targetoci_file_storage_snapshotoci_functions_applicationoci_functions_functionoci_identity_api_keyoci_identity_auth_tokenoci_identity_authentication_policyoci_identity_availability_domainoci_identity_compartmentoci_identity_customer_secret_keyoci_identity_dynamic_groupoci_identity_groupoci_identity_network_sourceoci_identity_policyoci_identity_tag_defaultoci_identity_tag_namespaceoci_identity_tenancyoci_identity_useroci_kms_keyoci_kms_key_versionoci_kms_vaultoci_logging_logoci_logging_log_groupoci_mysql_backupoci_mysql_channeloci_mysql_configurationoci_mysql_configuration_customoci_mysql_db_systemoci_mysql_db_system_metric_connectionsoci_mysql_db_system_metric_connections_dailyoci_mysql_db_system_metric_connections_hourlyoci_mysql_db_system_metric_cpu_utilizationoci_mysql_db_system_metric_cpu_utilization_dailyoci_mysql_db_system_metric_cpu_utilization_hourlyoci_mysql_db_system_metric_memory_utilizationoci_mysql_db_system_metric_memory_utilization_dailyoci_mysql_heat_wave_clusteroci_nosql_tableoci_nosql_table_metric_read_throttle_countoci_nosql_table_metric_read_throttle_count_dailyoci_nosql_table_metric_read_throttle_count_hourlyoci_nosql_table_metric_storage_utilizationoci_nosql_table_metric_storage_utilization_dailyoci_nosql_table_metric_storage_utilization_hourlyoci_nosql_table_metric_write_throttle_countoci_nosql_table_metric_write_throttle_count_dailyoci_nosql_table_metric_write_throttle_count_hourlyoci_objectstorage_bucketoci_objectstorage_objectoci_ons_notification_topicoci_ons_subscriptionoci_regionoci_resource_searchoci_resourcemanager_stackoci_streaming_streamoci_vault_secret

Table: oci_kms_key_version

A key version provides new cryptographic material for a master encryption key. The key must be in an ENABLED state to be rotated.

You must specify a Key ID, Management Endpoint and Region in a where clause (where key_id='' and management_endpoint='' and region='').

Examples

Basic info

select
v.id as key_version_id,
k.name as key_name,
v.lifecycle_state,
v.time_created as time_created
from
oci_kms_key k,
oci_kms_key_version v
where
v.key_id = k.id
and v.management_endpoint = k.management_endpoint
and v.region = k.region;

Get latest key version for all active keys

with oci_kms as (
select
k.name,
k.lifecycle_state,
max(v.time_created) as latest_key_version_created,
k.region,
k.compartment_id
from
oci_kms_key k, oci_kms_key_version v
where
v.key_id = k.id
and v.management_endpoint = k.management_endpoint
and v.region = k.region
and k.lifecycle_state = 'ENABLED'
group by
k.name,k.lifecycle_state, k.region,k.compartment_id
)
select
k.name,
k.lifecycle_state,
latest_key_version_created,
k.region,
coalesce(c.name, 'root') as compartment
from
oci_kms k left join oci_identity_compartment c on c.id = k.compartment_id;

.inspect oci_kms_key_version

OCI KMS Key Version

NameTypeDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
compartment_idtextThe OCID of the compartment in Tenant in which the resource is located.
idtextThe OCID of the key version.
key_idtextThe OCID of the master encryption key associated with this key version.
lifecycle_statetextThe key version's current lifecycle state.
management_endpointtextThe service endpoint to perform management operations against.
origintextThe source of the key material. When this value is INTERNAL, Key Management created the key material. When this value is EXTERNAL, the key material was imported from an external source.
public_keytextThe public key in PEM format which will be populated only in case of RSA and ECDSA keys.
regiontextThe OCI region in which the resource is located.
restored_from_key_version_idtextThe OCID of the key version from which this key version was restored.
tenant_idtextThe OCID of the Tenant in which the resource is located.
time_createdtimestamp with time zoneThe date and time this key version was created.
time_of_deletiontimestamp with time zoneAn optional property to indicate when to delete the key version.
titletextTitle of the resource.
vault_idtextThe OCID of the vault that contains this key version.