Amazon RDS for Oracle now supports credential management with Amazon Secrets Manager for databases using Oracle multitenant architecture
Amazon RDS for Oracle now supports credential management with Amazon Secrets Manager for databases that adopt Oracle multitenant architecture. Oracle multitenant architecture enables customers to consolidate data and code from multiple databases into one database by setting up a multitenant container database (CDB) that can include multiple pluggable databases (PDBs). With this launch, customers can use Amazon Secrets Manager to manage user credentials for their tenant pluggable databases.
Using Amazon Secrets Manager to manage user credentials for tenant pluggable databases allows customers to automate regular password rotations, use Amazon Identity and Access Management (IAM) for access control to authorized users, encrypt credentials using Amazon Key Management Service (KMS), and enhance security posture by replacing the use of plaintext password in application code with programmatic calls to retrieve credentials from Amazon Secret Manager. RDS database management operations such as database restore from Amazon S3 or a snapshot and point-in-time recovery automatically use credentials managed in Amazon Secrets Manager.
To learn more about using Amazon Secrets Manager with Amazon RDS for Oracle database with the CDB architecture, see the Amazon RDS documentation. When storing database secrets in Amazon Secrets Manager, your Amazon Web Services account incurs charges. For information about Amazon Secrets Manager pricing and capabilities, visit the Amazon Secrets Manager product page.
This capability is available in all Amazon Web Services Regions where Amazon RDS for Oracle and Amazon Secrets Manager are available, including Amazon Web Services China (Beijing) region, operated by Sinnet and Amazon Web Services China (Ningxia) region, operated by NWCD. For more information about regional availability, see the Amazon Web Services Region table.