• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

The Geek Diary

CONCEPTS | BASICS | HOWTO

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • Linux Services
    • VCS
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
    • Data Guard
  • DevOps
    • Docker
    • Shell Scripting
  • Interview Questions
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

What are Oracle Key Vault Roles

By admin

Oracle Key Vault Administrators

Separation of administrative duties is required for secure systems. Oracle Key Vault distinguishes between key, system, and audit management functions. The corresponding roles for these functions are system administrator, key administrator, and audit manager. If desired, one user can be granted multiple roles. However, for separation of duties, it is recommended that different users have different administrative roles. This would enable one administrator to perform one part of an operation and the other to perform a different but related part of the operation: for example, only system administrators can enroll endpoints and only key administrators can create endpoint groups.

Endpoint administrators, by default, do not have a default Oracle Key Vault role. Their task is to upload and download security objects between Oracle Key Vault and the endpoints with the okvutil utility. Some organizations delegate the endpoint administrator tasks to their DBAs and other organizations delegate it to their IT security personnel.

Oracle Key Vault Users and Roles

Oracle Key Vault post-installation includes creating the initial roles and users. After installation, only administrators who have a role can grant it to other administrators or revoke it from them. If a situation arises where there are no users with a particular role, you can use the recovery passphrase to repeat the post-installation configuration and grant each role to a new or an existing user account.

Oracle Key Vault System Administrator

The Oracle Key Vault system administrator performs the tasks listed below:

  • Creates, modifies, and deletes users
  • Enrolls endpoints and deletes them
  • Sets up high availability
  • Configures alerts and key rotation reminders
  • Schedules backups
  • Starts and stops Oracle Key Vault
  • Grants the System Administrator role to and revokes it from other users

Key Administrator

The key administrator manages access to security objects and virtual wallets, and performs the tasks listed below:

  • Controls user and endpoint access to virtual wallets
  • Creates and manages user groups
  • Creates and alters endpoint groups
  • Has Read, Modify, and Manage access on all virtual wallets and security objects
  • Grants the Key Administrator role to other users

Oracle Key Vault Audit Manager

The Oracle Key Vault audit manager manages audit data, which are records of users’ and endpoints’ actions. For this purpose, this role has Read access on all security objects. This role can grant the Audit Manager role to other users.

Filed Under: oracle

Some more articles you might also be interested in …

  1. Managing Oracle Database Backup with RMAN (Examples included)
  2. Oracle RMAN: Monitoring Recovery Manager Jobs
  3. How to get the Values Assigned by Default to a Profile in Oracle Database
  4. Oracle database : Basics about pfile and spfile
  5. How to Rename or Move Datafiles and Logfiles in Oracle Database
  6. Beginners Guide to Automatic Storage Management (ASM)
  7. ORA-12547: TNS:lost Contact (Oracle 12c2)
  8. Understanding Oracle Database Automatic SGA Memory Tuning
  9. Oracle Database : script to create a “CREATE SYNONYM Script”
  10. How to Migrate ASM Disk Groups to another Storage Online [When ASMLIB Devices Are Involved]

You May Also Like

Primary Sidebar

Recent Posts

  • SQL script to find tables that are fragmented
  • TRUNCATE TABLE not releasing space from tablespace
  • How to reclaim entire space of an oracle database table with “Truncate Table” statement
  • Oracle SQL Script to Report Tablespace Free and Fragmentation
  • Archives
  • Contact Us
  • Copyright

© 2021 · The Geek Diary