2.132 ENCRYPT_NEW_TABLESPACES

ENCRYPT_NEW_TABLESPACES specifies whether to encrypt newly created user tablespaces.

Property Description

Parameter type

String

Syntax

ENCRYPT_NEW_TABLESPACES = { CLOUD_ONLY | ALWAYS | DDL }

Default value

CLOUD_ONLY

Modifiable

ALTER SYSTEM

Modifiable in a PDB

Yes

Basic

No

Oracle RAC

The same value should be specified for all instances.

The values that can be specified for the ENCRYPT_NEW_TABLESPACES parameter have the following meanings:

  • CLOUD_ONLY:

    When a user tablespace is created in the Oracle Cloud, it will be transparently encrypted if the ENCRYPTIONENCRYPT clause for the SQL CREATE TABLESPACE statement is not specified. The encryption algorithm is determined by the value of the TABLESPACE_ENCRYPTION_DEFAULT_ALGORITHM initialization parameter. When a user tablespace is created in an on-premises database, the ENCRYPTION clause of the CREATE TABLESPACE statement determines if the tablespace is encrypted.

    CLOUD_ONLY is the default value.

  • ALWAYS:

    Whether the user tablespace is created in the Oracle Cloud or in an on-premises database, the tablespace will be transparently encrypted if the ENCRYPTIONENCRYPT clause is not specified in the CREATE TABLESPACE statement. The encryption algorithm is determined by the value of the TABLESPACE_ENCRYPTION_DEFAULT_ALGORITHM initialization parameter.

  • DDL:

    Whether the user tablespace is created in the Oracle Cloud or in an on-premises database, the CREATE TABLESPACE statement follows the specified DDL. If no ENCRYPTION clause is specified, then the tablespace will not be encrypted. If the ENCRYPTION USINGENCRYPT clause is specified, then the specified algorithm will be used to encrypt the tablespace. If ENCRYPTION ENCRYPT is specified, but no algorithm is specified, then the encryption algorithm is determined by the value of the TABLESPACE_ENCRYPTION_DEFAULT_ALGORITHM initialization parameter.

Note:

ENCRYPT_NEW_TABLESPACES is deprecated in Oracle Database 23ai and may be removed in a future release. Oracle recommends that you use the TABLESPACE_ENCRYPTION initialization parameter instead.

See Also: