Break Glass Support for Environments
How to manage Oracle Break Glass for your Applications environments.
Occasionally, Oracle-authorized personnel need to access resources to troubleshoot or help resolve an issue with your applications environment. Break Glass provides you with the ability to temporarily grant access to Oracle Support using a securely administered workflow.
The Break Glass access control and approval workflow is enabled only for specific Oracle Applications bundles, or if you have specifically purchased the subscription. When you subscribe to Oracle Break Glass service, you get access to Oracle Managed Access, where you enable and manage requests for temporary access to your organization's cloud resources from authorized support operators.
Key features of Break Glass with Oracle Managed Access include:
- Provides the operator temporary user credentials for a specific duration.
- Specifies the access level for the representative.
- Creates logs of all actions, providing an audit trail.
Enabling Break Glass for an Environment
When you provision an environment that has a break glass subscription included in the environment family, the lockbox is automatically created for the environment in Oracle Managed Access with the following default settings:
- Password expiration time: 96 hours
- Auto-approval: Enabled
Prerequisite:
- A subscription that includes Break Glass has been added to the environment family.
You can verify that Break Glass is available for your environment by viewing the environment details:
Click the Security tab and verify that Breakglass is set to Enabled.
Follow the Managed Access documentation to setup the lockbox and approvals for your environment.
Viewing Break Glass Details
To view the break glass settings for the environment, you must have permissions to read the Managed Access resources. For example:
Allow group Environment-Admins to read lockbox-family in tenancy
For information on setting up policies, see Managing User Access to Applications Environments.
To view details
On the environment details page:
- Click Encryption.
-
The following properties of your Breakglass setup are displayed:
- Enabled
- Password expiration
- Auto-aproval setting
- Resource setting
Updating Break Glass Settings
To edit the break glass settings, you must have permissions to manage the
lockbox-family
resources. For example:
Allow group Environment-Admins to manage lockbox-family in tenancy
For information on setting up policies, see Managing User Access to Applications Environments.
On the environment details page:
- Follow the instructions for Viewing Break Glass Details to view the settings.
-
To edit these properties, click the resource setting name view its settings in the Managed Access service. Follow the Managed Access documentation.