Managing Secrets

Create and manage vault secrets, secret tags, and secret rules.

Following are the functionalities performed in vault secret management:

  • Create vault secrets
  • View secret details
  • View a list of secrets
  • View a list of vault secret versions for a specific secret
  • Update a secret description
  • Create a new secret version (by updating secret contents)
  • Promote a secret version to current
  • Manage a secret tags
  • View a secret rules
  • Add or edit secret rules
  • Delete secrets or secret versions to permanently prevent the use of their secret contents
  • Move a secret to a new compartment
  • View properties for all secret versions
  • Cancelling deletion of a secret
  • Cancelling deletion of a secret version
  • Updating a secret content to create a new secret version

Required IAM Policy

To use Oracle Cloud Infrastructure, you must be granted security access in a policy  by an administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don’t have permission or are unauthorized, verify with your administrator what type of access you have and which compartment  to work in.

For administrators:

If you're new to policies, see Getting Started with Policies and Common Policies.

Tagging Resources

You can apply tags to your resources to help you organize them according to your business needs. You can apply tags at the time you create a resource, or you can update the resource later with the wanted tags. For general information about applying tags, see Resource Tags.

Monitoring Resources

You can monitor the health, capacity, and performance of your Oracle Cloud Infrastructure resources by using metrics, alarms, and notifications. For more information, see Monitoring and Notifications.

For information about monitoring the traffic associated with your secrets, see Monitoring Vault Resources.

Moving Resources to a Different Compartment

You can move secrets from one compartment to another. After you move a secret to a new compartment, inherent policies apply immediately and affect access to the secret and secret versions. Moving a secret doesn't affect access to the vault that a secret is associated with. Similarly, you can move a vault from one compartment to another independently of moving any of its secrets. For more information, see Managing Compartments.