Customer Managed Keys for Oracle Break Glass

By default, your Global Trade and Transportation Management environments are protected by Oracle-managed encryption keys. By subscribing to the Oracle Break Glass service, you are offered the customer-managed keys feature that allows you to provide and manage the encryption keys that protect your environments. You can also purchase this option as an add-on subscription.

Global Trade and Transportation Management leverages the OCI Vault service to enable you to create and manage encryption keys to secure the data stored at rest in your production and non-production environments. You can set up keys on your environment either during environment creation or you can add the key to an existing environment.

Adding the System Policy to Enable Customer-Managed Keys in Your Tenancy

See Add the System Policy to Enable Customer-Managed Keys in Your Tenancy.

Note: You need to add a System Policy in your Tenancy before proceeding with enabling Customer Managed Keys. The contents of this System Policy are different for each Oracle application service. This policy must be added before you add the vault and key to your environment. If this policy is not added, your environment will not complete provisioning (if added during environment creation) or will not complete the maintenance cycle (if added to an existing environment). The contents of this policy will be documented in the future.

Refer to the Customer Managed Keys for Oracle Break Glass documentation for more details on managing the Encryption Keys for your environments.