Update Protection Key

Available in VPC

Change a secret protection key. The protection key of a secret in the REVOKE (deletion requested) status can't be changed.

Request

This section describes the request format. The method and URI are as follows:

Request headers

For information about the headers common to all Secret Manager APIs, see Secret Manager request headers.

Request path parameters

You can use the following path parameters with your request:

Request body

You can include the following data in the body of your request:

Request example

The request example is as follows:

curl --location --request PUT 'https://secretmanager.apigw.ntruss.com/api/v1/secrets/{secretId}/protection-key' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Content-Type: application/json' \
--data '{
    "protectionKeyType": "USER_MANAGED_KEY",
    "kmsKeyTag": "*****a8e99ef1ba49b9c190a0cb4f6fb20cff86dd3a3017fd6ee05aea8b*****"
}'

Response

This section describes the response format.

Response body

The response body includes the following data:

Response status codes

For information about the HTTP status codes common to all Secret Manager APIs, see Secret Manager response status codes.

Response example

The response example is as follows:

{
    "code": "SUCCESS",
    "data": {
        "secretId": "*****687685109842348f7358629bca2a6b2491e8c2352718e7d312b183*****",
        "protectionKey": {
            "type": "USER_MANAGED_KEY",
            "kmsKeyTag": "*****a8e99ef1ba49b9c190a0cb4f6fb20cff86dd3a3017fd6ee05aea8b*****",
            "kmsKeyName": "test-***"
        }
    }
}