Update Credentials with ARN Parameters for AWS Resources

The ARN credentials you use on Autonomous Database work with the AWS token service that enables you to use temporary role based credentials to access to AWS resources from Autonomous Database. Therefore, if an AWS Administrator revokes the policies, roles, or trust relationship, you need to either update the credentials or create new credentials to access the AWS resources.

Perform the following steps to update credentials:

  1. Use DBMS_CLOUD.UPDATE_CREDENTIAL to update an ARN based credential to supply a new ARN value.
    BEGIN
      DBMS_CLOUD.UPDATE_CREDENTIAL(
         credential_name => 'DEF_CRED_ARN',
         attribute => 'aws_role_arn',
         value => 'new_ARN_value'); 
    END;
    /

    This updates the aws_role_arn attribute to the new value new_ARN_value for the credential named DEF_CRED_ARN.

  2. Use DBMS_CLOUD.UPDATE_CREDENTIAL to update an ARN based credential to update the attribute external_id_type value.
    BEGIN
      DBMS_CLOUD.UPDATE_CREDENTIAL(
         credential_name => 'DEF_CRED_ARN',
         attribute => 'external_id_type',
         value => 'compartment_ocid'); 
    END;
    /

    This updates the external_id_type attribute value to the value compartment_ocid.