Use Vault Secret Credentials
You can create vault secret credentials with secrets stored in any of the supported vaults:
-
Oracle Cloud Infrastructure Vault
-
Azure Key Vault
-
AWS Secrets Manager
-
GCP Secret Manager
For example, some possible uses cases for vault secret credentials:
-
You can avoid duplicating secrets (passwords) when you access cloud resources from an Autonomous Database instance. In this case, you store secrets in a vault and Autonomous Database accesses the vault. This allows you to rotate secrets without updating the credentials you create to access cloud resources.
-
You can use vault secret credentials with database links. In this case, you can create routines that access another database and you don't need to expose passwords in your code.
-
You can use vault secret credentials with DBMS_DATAPUMP APIs.
Operations that use Oracle Data Pump support vault secret credentials (for example
impdp
and expdp
). Oracle Data Pump
support with vault secret credentials is limited to Oracle Cloud
Infrastructure Swift URIs and Oracle Cloud
Infrastructure Native URIs. See DBMS_CLOUD URI Formats for more information.
Topics
- Use Vault Secret Credentials with Oracle Cloud Infrastructure Vault
Describes using vault secret credentials, where the secret (password) is stored as a secret in Oracle Cloud Infrastructure Vault. - Use Vault Secret Credential with Azure Key Vault
Describes using vault secret credentials, where the credential secret (password) is stored in Azure Key Vault. - Use Vault Secret Credential with AWS Secrets Manager
Describes using vault secret credentials, where the credential secret (password) is stored in AWS Secrets Manager. - Use Vault Secret Credential with GCP Secret Manager
Describes using vault secret credentials, where the credentials secret (password) are stored as a secret in GCP Secret Manager. - Refresh Vault Secret Credentials
Describes how vault secret credentials can be refreshed from the latest value in the vault. - Update Vault Secret Credentials
Describes the steps to update vault secret credential attributes.