Policies for Vault Service

Shows how to allow Disaster Recovery (DR) to use the Vault service. This access is required when reading Exadata and Enterprise database passwords required for DR plan executions.

Policies to configure using resource principal

Allow dynamic-group <Dynamic_group_Name> to read vaults in compartment compartment_name
Allow dynamic-group <Dynamic_group_Name> to read secret-family in compartment compartment_name

Policies to configure using user authentication

Allow group group_name to read vaults in compartment compartment_name
Allow group group_name to read secret-family in compartment compartment_name

For additional about the Identity and Access Management (IAM) policies for Vault, refer Details for the Vault Service.

Parent topic: Policies for Other Services Managed by Full Stack Disaster Recovery

Oracle Cloud Infrastructure Documentation

Policies for Vault Service