Oracle Cloud Infrastructure Documentation

Updating Encryption Key

You can update the encryption key of a DB system. You can either use serviced-managed or self-managed encryption key. Updating the encryption key restarts the DB system.

Note

When you use a self-managed key, database operations will be affected if the key is disabled, scheduled for deletion, or deleted. You can enable a disabled key or cancel delete a key in pending deletion to restore full operations of the database. If the key has been deleted without any backup, you will not be able to access the database or backups.
Use one of the following method to update the encryption key of a DB system:

Using the Console

Use the Console to update the encryption key of the DB system.

This task requires the following
Do the following to update the security certificate of the DB system.
  1. Open the navigation menu and select Databases. Under HeatWave MySQL, select DB systems.
  2. Choose the compartment from the List scope.
  3. In the list of DB systems, select the name of the DB system to open the DB system details page.
  4. Select Edit under Encryption key.
  5. Update the information:
    • Encrypt using an Oracle-managed key: Let HeatWave Service manage the encryption key.
    • Encrypt using an customer-managed key: Bring your own encryption key to Oracle Cloud Infrastructure. You need to select one of the following key location:
      • This tenancy: You must first select the Vault and then the Key in the selected vault. You can change the compartment of the vault and key if required.
      • Different tenancy: You must enter the Encryption key OCID in the format, ocid[0-9]+.key.oc[0-9]+.[region].[0-9a-z]{74}. For example, ocid1+.key.oc1.iad.1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz12.
  6. Select Save.
Note

Updating the encryption key restarts the DB system.