Oracle Cloud Infrastructure Documentation

Moving a Secret to a Different Compartment

Learn how to move a secret stored in an OCI vault to a different compartment.

    1. On the Secrets list page, find the secret that you want to work with. If you need help finding the list page, see Listing Secrets.
    2. Select the Actions menu Actions Menu and then select Move resource.
    3. In the Move resource dialog box, select the destination compartment.
    4. Select Move Resource.
    5. If you created alarms to monitor the secret, update the alarms to reference the new compartment. See Updating an Alarm After Moving a Resource for more information.

  • Use the oci vault secret change-compartment command to move a secret to a different compartment:

    oci vault secret change-compartment --secret-id <target_secret_id> --compartment-id <new_compartment_id>

    For example:

    
oci vault secret change-compartment --secret-id ocid1.vaultsecret.oc1.iad.exampleaz5qacpqahuecvbjqzql4qmpbrtd7pprafhivcfik6wuitexample --compartment-id ocid1.tenancy.oc1..exampleati4wjo6cvbxq4iusld5lsdneskcfy7lr4a6wfauxuwrwed5b3xea

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Use the ChangeSecretCompartment API with the Management Endpoint to move a secret from one compartment to another compartment.

    Note

    The Management Endpoint is used for management operations including Create, Update, List, Get, and Delete. The Management Endpoint is also called the control plane URL or the KMSMANAGEMENT endpoint.

    The Cryptographic Endpoint is used for cryptographic operations including Encrypt, Decrypt, Generate Data Encryption Key, Sign, and Verify. The Cryptographic Endpoint is also called the data plane URL or the KMSCRYPTO endpoint.

    You can find the management and cryptographic endpoints in a vault's details metadata. See Getting a Vault's Details for instructions.

    For regional endpoints for the Key Management, Secret Management, and Secret Retrieval APIs, see API Reference and Endpoints.

    For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.