1. Using Oracle WebLogic Server for OCI
  2. Manage a Domain
  3. About Deleting Secrets and Policies

About Deleting Secrets and Policies

Policies control your access to Oracle Cloud Infrastructure and secrets are used to store passwords such as the administrator password. These policies and secrets should be set up prior to creating the Oracle WebLogic Server for OCI instances. However, you have the option to delete these policies and secrets after you provision a Oracle WebLogic Server for OCI domain.

The following are the effects of deleting the policies and secrets post provisioning:

  • Removing the administrator password secret policy will not allow you to scale out compute instances. To enable scale out, you will need to create a new secret and add back the policy that references the new secret. Additionally, ensure that you specify the new secret in the stack UI or Terraform if you are using CLI.
  • Deleting the administrator password secret and policy would impact the functionality of the restart_domain.sh script to some extent. You would have to type in a password each time you use the start, stop, and restart options. However, a VM reboot will start the servers because the reboot does not rely on a password.
  • Removing the database secret and policy would affect the functionality of the delete_rcu.sh script. You would need to type the WebLogic administrator password and the password for the database user with the SYSDBA role.
  • Removing the IDCS secret and policy would affect the functionality of the delete_idcs_application.sh script. You would need to type in the client secret for the IDCS confidential application.
If you want to scale out an instance, you will need to add back the dynamic group policy statement provided below to the policy at the root compartment level.
Allow dynamic-group MyInstancesPrincipalGroup to read secret-bundles in tenancy where target.secret.id = '<OCID_of_wls_password_secret>'