turbot/oci

steampipe plugin install ocisteampipe plugin install oci
oci_apigateway_apioci_autoscaling_auto_scaling_configurationoci_budget_alert_ruleoci_budget_budgetoci_cloud_guard_configurationoci_cloud_guard_detector_recipeoci_cloud_guard_managed_listoci_cloud_guard_responder_recipeoci_cloud_guard_targetoci_core_block_volume_replicaoci_core_boot_volumeoci_core_boot_volume_attachmentoci_core_boot_volume_backupoci_core_boot_volume_metric_read_opsoci_core_boot_volume_metric_read_ops_dailyoci_core_boot_volume_metric_read_ops_hourlyoci_core_boot_volume_metric_write_opsoci_core_boot_volume_metric_write_ops_dailyoci_core_boot_volume_metric_write_ops_hourlyoci_core_dhcp_optionsoci_core_drgoci_core_imageoci_core_instanceoci_core_instance_metric_cpu_utilizationoci_core_instance_metric_cpu_utilization_dailyoci_core_instance_metric_cpu_utilization_hourlyoci_core_internet_gatewayoci_core_local_peering_gatewayoci_core_nat_gatewayoci_core_network_load_balanceroci_core_network_security_groupoci_core_public_ipoci_core_route_tableoci_core_security_listoci_core_service_gatewayoci_core_subnetoci_core_vcnoci_core_volumeoci_core_volume_attachmentoci_core_volume_backupoci_core_volume_backup_policyoci_database_autonomous_databaseoci_dns_rrsetoci_dns_tsig_keyoci_dns_zoneoci_events_ruleoci_file_storage_file_systemoci_file_storage_snapshotoci_functions_applicationoci_identity_api_keyoci_identity_auth_tokenoci_identity_authentication_policyoci_identity_availability_domainoci_identity_compartmentoci_identity_customer_secret_keyoci_identity_dynamic_groupoci_identity_groupoci_identity_network_sourceoci_identity_policyoci_identity_tag_defaultoci_identity_tag_namespaceoci_identity_tenancyoci_identity_useroci_kms_keyoci_kms_key_versionoci_kms_vaultoci_logging_logoci_logging_log_groupoci_mysql_backupoci_mysql_channeloci_mysql_db_systemoci_nosql_tableoci_nosql_table_metric_read_throttle_countoci_nosql_table_metric_read_throttle_count_dailyoci_nosql_table_metric_read_throttle_count_hourlyoci_nosql_table_metric_storage_utilizationoci_nosql_table_metric_storage_utilization_dailyoci_nosql_table_metric_storage_utilization_hourlyoci_nosql_table_metric_write_throttle_countoci_nosql_table_metric_write_throttle_count_dailyoci_nosql_table_metric_write_throttle_count_hourlyoci_objectstorage_bucketoci_ons_notification_topicoci_ons_subscriptionoci_region

Table: oci_kms_key_version

A key version provides new cryptographic material for a master encryption key. The key must be in an ENABLED state to be rotated.

You must specify a Key ID, Management Endpoint and Region in a where clause (where key_id='' and management_endpoint='' and region='').

Examples

Basic info

select
v.id as key_version_id,
k.name as key_name,
v.lifecycle_state,
v.time_created as time_created
from
oci_kms_key k,
oci_kms_key_version v
where
v.key_id = k.id
and v.management_endpoint = k.management_endpoint
and v.region = k.region;

Get latest key version for all active keys

select
k.name as key_name,
k.lifecycle_state,
max(v.time_created) as latest_key_version_created,
k.region,
coalesce(c.name, 'root') as compartment
from
oci_kms_key k
left join oci_identity_compartment c on c.id = k.compartment_id,
oci_kms_key_version v
where
v.key_id = k.id
and v.management_endpoint = k.management_endpoint
and v.region = k.region
and k.lifecycle_state = 'ENABLED'
group by
key_name, k.lifecycle_state, k.region, compartment

.inspect oci_kms_key_version

OCI KMS Key Version

NameTypeDescription
compartment_idtextThe OCID of the compartment in Tenant in which the resource is located.
idtextThe OCID of the key version.
key_idtextThe OCID of the master encryption key associated with this key version.
lifecycle_statetextThe key version's current lifecycle state.
management_endpointtextThe service endpoint to perform management operations against.
origintextThe source of the key material. When this value is INTERNAL, Key Management created the key material. When this value is EXTERNAL, the key material was imported from an external source.
public_keytextThe public key in PEM format which will be populated only in case of RSA and ECDSA keys.
regiontextThe OCI region in which the resource is located.
restored_from_key_version_idtextThe OCID of the key version from which this key version was restored.
tenant_idtextThe OCID of the Tenant in which the resource is located.
time_createdtimestamp without time zoneThe date and time this key version was created.
time_of_deletiontimestamp without time zoneAn optional property to indicate when to delete the key version.
titletextTitle of the resource.
vault_idtextThe OCID of the vault that contains this key version.