1.3 KMS Profile Management
This topic provides information about KMS profile management.
In the KMS Profile Management view, the user can manage encryption profiles used for data export and trail file encryption. This allows secure handling of sensitive data during export and replication by leveraging encryption keys managed in the OCI Key Management Service (KMS).
Steps to Create a KMS Profile:
- The customer must create an OCI service account (an OCI IAM user account without a password) and generate an associated API key for authentication.
- Click Create Profile to open the Create KMS Profile section.
If KMS Profiles already exist, the user can simply select an existing profile from the drop-down list and click Save to proceed.
Note: The customer can create multiple KMS Profiles with the Encryption Profile Type set to OCI Vault.
A user can perform the following actions on the profiles:
- Create Profile: This action allows the user to create a new encryption profile for managing data encryption. The user must provide the Profile Name, select whether it is a Default Profile, specify the Crypto Endpoint URL, and enter the Key OCID. Once all required details are entered, click Next to proceed with profile creation.
- Validate: This action allows the user to verify the provided profile details. Upon successful validation of the entered values, a "Validation Successful” message is displayed, confirming that the encryption profile is correctly configured.
- Edit: This action allows the user to set or remove a profile as the default. Additionally, if any configuration issues were identified during the validation process, the user can modify the necessary fields and save the updated profile details.
- Delete: This action allows the user to delete the profile.
Parent topic: SaaS Self Service UI