Find out how to use encryption keys to help secure Big Data Service.
Describes how to use customer-managed encryption keys with Big Data Service clusters, and if you're using customer-managed encryption keys, how to update encryption after rotating the key, switch to another customer-managed encryption key, or switch to Oracle-managed encryption keys.
Create Big Data Service cluster selecting the KMS key. See Creating a Cluster.
Oracle-Managed Encryption Keys 🔗
By default cluster use Oracle-managed encryption keys. Using Oracle-managed keys, Big Data Service creates and manages the encryption keys that protect your cluster.
Prerequisites to Use Customer-Managed Encryption Keys with Big Data Service Clusters 🔗
Perform these prerequisite steps to use customer-managed keys with Big Data Service.
Create an Oracle Cloud Infrastructure Vault.
Open the Oracle Cloud Infrastructure
Console.
Under Identity & Security, click Vault.
Select an existing Vault or create a Vault.
For more details, see the instructions for creating a vault, To create a new vault .
Create a Master Encryption Key in the Vault.
Note
You must use these options when you create the key:
Key Shape: Algorithm: AES (Symmetric key used for Encrypt and Decrypt)