Support for Automatic Key Rotation

  • Services: Vault
  • Release Date: Feb. 27, 2024

OCI Key Management Service enables you to automatically rotate encryption keys in a private vault using a rotation schedule and interval. The rotation schedule defines the frequency of rotation and retrieves the date and time when the first rotation occurs. Automatic key rotation is supported only for keys in the "Enabled" state in vaults in the "Active" state. The feature applies to both HSM and software keys, symmetric and asymmetric. For more information, see Automatic Key Rotation.


As part of this enhancement, KMS emits events for auto key rotation success and failure scenarios. For example, KMS emits an event when auto rotation for a key fails or when auto rotation for a key is successfully completed on the scheduled date. These events are then sent to the OCI Events service. To get notifications about these KMS events, you must first subscribe to the OCI Events service. For more information, see OCI Events.