Oracle Cloud Infrastructure Documentation

Break Glass Support for Environments

How to manage Oracle Break Glass for your Applications environments.

Occasionally, Oracle-authorized personnel need to access resources to troubleshoot or help resolve an issue with your applications environment. Break Glass provides you with the ability to temporarily grant access to Oracle Support using a securely administered workflow.

The Break Glass access control and approval workflow is enabled only for specific Oracle Applications bundles, or if you have specifically purchased the subscription. When you subscribe to Oracle Break Glass service, you get access to Oracle Managed Access, where you enable and manage requests for temporary access to your organization's cloud resources from authorized support operators.

Key features of Break Glass with Oracle Managed Access include:

  • Provides the operator temporary user credentials for a specific duration.
  • Specifies the access level for the representative.
  • Creates logs of all actions, providing an audit trail.

Enabling Break Glass for an Environment

When you provision an environment that has a break glass subscription included in the environment family, the lockbox is automatically created for the environment in Oracle Managed Access with the following default settings:

  • Password expiration time: 96 hours
  • Auto-approval: Enabled

Prerequisite:

  • A subscription that includes Break Glass has been added to the environment family.

You can verify that Break Glass is available for your environment by viewing the environment details:

Click the Security tab and verify that Breakglass is set to Enabled.

Follow the Managed Access documentation to setup the lockbox and approvals for your environment.

Viewing Break Glass Details

To view the break glass settings for the environment, you must have permissions to read the Managed Access resources. For example:

Allow group Environment-Admins to read lockbox-family in tenancy

For information on setting up policies, see Managing User Access to Applications Environments.

To view details

On the environment details page:

  1. Click Encryption.
  2. The following properties of your Breakglass setup are displayed:
    • Enabled
    • Password expiration
    • Auto-aproval setting
    • Resource setting

Updating Break Glass Settings

To edit the break glass settings, you must have permissions to manage the lockbox-family resources. For example:

Allow group Environment-Admins to manage lockbox-family in tenancy

For information on setting up policies, see Managing User Access to Applications Environments.

On the environment details page:

  1. Follow the instructions for Viewing Break Glass Details to view the settings.

  2. To edit these properties, click the resource setting name view its settings in the Managed Access service. Follow the Managed Access documentation.