Oracle Cloud Infrastructure Documentation

Viewing Secret Versions

Learn how to view secret versions for secrets stored in an OCI vault.

    1. Open the navigation menu , select Identity & Security, and then select Vault.
    2. Under List Scope, in the Compartment list, select the name of the compartment that contains the vault that has the secret that you want to update.

    3. From the list of vaults in the compartment, select the vault name.

    4. Select Secrets, and then select the name of the secret for which you want to see a list of secret versions. (If needed, first change the list scope to the compartment that contains the secret, and then select the secret name.)
    5. Under Versions, you can see all versions that exist for the selected secret with the following information:
      • Version Number: The version number assigned to that version.
      • Status: The lifecycle management state of the secret. For example, Current, Previous, Pending, Deprecated.
      • Content auto generated: Specifies whether the secret content is automatically generated or not.
      • Created: The date and time when the secret was initially created.
      For more information about secret versions, see Secret Versions and Rotation States.

  • Use the list command to list all the secret versions for the specified secret.

    Open a command prompt and run oci vault secret-version list to view a list of secret versions for a specific secret:

    oci vault secret-version list --secret-id <secret_OCID>

    For example:

    
oci vault secret-version list --secret-id ocid1.vaultsecret.oc1.iad.exampleaz5qacpqahuecvbjqzql4qmpbrtd7pprafhivcfik6wuitexample

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Use the ListSecretVersions API with the Management Endpoint to view your secret versions and their summary details.

    Note

    The Management Endpoint is used for management operations including Create, Update, List, Get, and Delete. The Management Endpoint is also called the control plane URL or the KMSMANAGMENT endpoint.

    The Cryptographic Endpoint is used for cryptographic operations including Encrypt, Decrypt, Generate Data Encryption Key, Sign, and Verify. The Cryptographic Endpoint is also called the data plane URL or the KMSCRYPTO endpoint.

    You can find the management and cryptographic endpoints in a vault's details metadata. See Getting a Vault's Details for instructions.

    For regional endpoints for the Key Management, Secret Management, and Secret Retrieval APIs, see API Reference and Endpoints.

    For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.