Create Vault Resources for Password Management for PeopleSoft Cloud Manager

Before You Begin

This tutorial shows you how to create a vault, encryption key, and secrets in Oracle Cloud Infrastructure console. You must use vault secrets to specify the passwords when installing the Resource Manager stack for PeopleSoft Cloud Manager. You can also use vault secrets to manage passwords for Cloud Manager provisioned environments.This tutorial takes approximately 30 minutes to complete.

See Key Management in the Oracle Cloud Infrastructure documentation.

Background

This is the eighth tutorial in the Install PeopleSoft Cloud Manager series. Read the tutorials in the order listed. The optional tutorials offer alternate methods for setup.

Step 1: Create the Vault

On the Oracle Cloud Infrastructure Console home page, click the menu icon () and select Identity and Security, then Vault.
Click Create Vault.

Description of this illustration (create_vault_page.png)
Select the compartment for the vault.

Note:
The vault, encryption key, and secrets can be in different compartments in the same tenancy. They do not need to be in the same compartment as the Cloud Manager instance or provisioned environment.
Enter a name.
Click Create Vault.

Step 2: Create the Encryption Key

On the Identity and Security > Vaults page, select the name of the vault you created, or select View Vault Details from the actions menu.
On the Vault Details page, select Master Encryption Keys from the Resources list.
Click Create Key.

Description of this illustration (create_vault_key_page.png)
Select the compartment for the encryption key.
Select the Protection Mode.
- HSM — Create a key that is stored and processed on a hardware security module.
- Software — Create a key that is stored and processed on a server.
Enter a name.
Choose an encryption key algorithms from the drop-down list.
- AES — Advanced Encryption Standard
- RSA — Rivest-Shamir-Adleman
- ECDSA — Elliptic curve cryptography digital signature algorithm
Select 128, 192, or 256 bits for the encryption key length.
Click Create Key.

For more information on the options on this page, see Creating a Master Encryption Key in the Oracle Cloud Infrastructure documentation.

Step 3: Create Secrets

On the Vault Details page, select Secrets from the Resources list on the left.
Click the Create Secret button.

Description of this illustration (create_secret_page.png)
Select a compartment for the secret.
Enter a name and description.

Tip:
The name that you enter will be available for selection when you install the Resource Manager stack for Cloud Manager, or when you provision environments in Cloud Manager. Use a descriptive name to make it easy to select the desired secret.
Select an encryption key.
The key must belong to the same vault. The key must also be a symmetric key. You cannot encrypt vault secrets with asymmetric keys.
Choose plain text or Base-64 from the Secret Type Template drop-down list.

Enter the password in the Secret Contents field. The following table lists the passwords required to deploy the Resource Manager stack for Cloud Manager.

Parameter	Description	Requirements
Db Connect Password	PeopleSoft Connect ID password. The default ID is people.	Select the vault secret containing the password. Ensure the password is between 6 and 30 characters in length. It must only contain letters and numbers.
Access ID	PeopleSoft Database Access ID. The default ID is SYSADM.	NA
Access ID Password	Password for the Access ID.	Select the vault secret containing the password. Ensure the password begins with a letter, contains only alphanumeric characters, and is no more than 8 characters in length.
Db Admin Password	Database Administrator (SYS and SYSTEM) password. The database administrators are SYS and SYSTEM.	Select the vault secret containing the password. Ensure that the password is between 8 and 30 characters in length. It must contain at least one lowercase letter, one uppercase letter, one number, and one special character. The special character must be either an underscore (_), dash (-), or number sign (#).
Cloud Manager Administrator password	Password for the domain boot user (CLADM).	Select the vault secret containing the password. Ensure the password contains only alphanumeric characters and is no more than 8 characters in length.
Integration Gateway User password	Password for the default Integration Gateway user, which is administrator.	Select the vault secret containing the password. Ensure the password contains only alphanumeric characters and is between 8 and 30 characters in length.
WebLogic Administrator User password	Oracle WebLogic administrator password. The default Oracle WebLogic administrator is system.	Select the vault secret containing the password. Ensure that the password is between 8 and 30 characters in length with at least one lowercase letter and one uppercase letter. It must also contain one number or one special character (!@#$%^&).
Web profile password	PeopleSoft Web Profile password. The default web profile user is PTWEBSERVER.	Select the vault secret containing the password. Ensure the password contains only alphanumeric characters and is between 8 and 30 characters in length.
Domain Connect Password	Application Server Domain connection password.	Select the vault secret containing the password. Ensure the password contains only alphanumeric characters and is between 8 and 20 characters in length.
My Oracle Support (MOS) User ID	User ID of registered My Oracle Support account.	To use My Oracle Support, you must create an Oracle Single SignOn (SSO) account and register at least one support identifier (SI) with My Oracle Support.
My Oracle Support (MOS) Password	Password for the registered MOS account.	Select the vault secret containing the password.

Note:

You are not required to supply the My Oracle Support User ID and password when you install the Resource Manager stack. If you do choose to supply it during installation you must use a vault secret. Otherwise, you can specify the credentials after you complete the installation, on the Cloud Manager Settings page.

(Optional) Select the Show Base 64 conversion to view the password in base 64.
You can provide secret contents in plain-text when you use the Console to create a vault secret or vault secret version, but secret contents do need to be base64-encoded before they're sent to the service. The Console automatically encodes plain-text secret contents for you.
Click Create Secret.
Repeat steps 2-9 for each password.
(Optional) You can add secrets for additional passwords to use when provisioning environments at this point, or you can add them later.
- Search administrator password
- Search proxy user password
- Windows administrator password
- RMAN backup encryption password
- Source TDE keystore (wallet) password for refreshing DB system environments
- Source TDE key file path for refreshing DB system environments

For more information, see Creating a Secret in a Vault in the Oracle Cloud Infrastructure documentation.

Step 4: Install Cloud Manager

When installing the Resource Manager stack for Cloud Manager, select the vault and choose the secrets.

Next Steps

Generate API Signing Keys for PeopleSoft Cloud Manager

Learn More

PeopleSoft Cloud Manager Home Page, My Oracle Support, Doc ID 2231255.2
Cumulative Feature Overview Tool (Click Generate a CFO report and select PeopleSoft Cloud Manager at the top.)
Oracle Cloud Documentation in Oracle Help Center

Title and Copyright Information

Create Vault Resources for Password Management for PeopleSoft Cloud Manager

F82809-03

January 2025

Create a vault, encryption key, and secrets for password management for PeopleSoft Cloud Manager.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable:

U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users are "commercial computer software" or "commercial computer software documentation" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, reproduction, duplication, release, display, disclosure, modification, preparation of derivative works, and/or adaptation of i) Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs), ii) Oracle computer documentation and/or iii) other Oracle data, is subject to the rights and limitations specified in the license contained in the applicable contract. The terms governing the U.S. Government's use of Oracle cloud services are defined by the applicable contract for such services. No other rights are granted to the U.S. Government.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Inside are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Epyc, and the AMD logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle.