Creating a Boot Volume Encrypted with a Vault key
Create a boot volume that's encrypted with a Vault key using the Command Line Interface (CLI) and API interfaces.
This task is not available in the OCI Console.
Open a command prompt and run
oci bv boot-volume create
to create a boot volume that is encrypted with a Vault service master encryption key:oci bv boot-volume create --display-name <volume_name> --compartment-id <target_compartment_id> --size-in-gbs <volume_size> --availability-domain <target_availability_domain> --kms-key-id <target_key_id>
For example:
oci bv boot-volume create --display-name EncryptedBlockVolume --compartment-id ocid1.compartment.oc1..example1example25qrlpo4agcmothkbgqgmuz2zzum45ibplooqtabwk3zz --size-in-gbs 50 --availability-domain AAbC:US-ASHBURN-AD-1 --kms-key-id ocid1.key.region1.sea.exampleaaacu2.examplesmtpsuqmoy4m5cvblugmizcoeu2nfc6b3zfaux2lmqz245gezevsq
For a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.
Run the CreateBootVolume operation to create a boot volume using a vault key.
For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.