My Oracle Support Banner

KMS - KMS Key Policy for Different Applications - Can They be Shared? (Doc ID 1309492.1)

Last updated on JULY 25, 2022

Applies to:

Oracle Key Manager - Version 1.2.0 and later
Sun StorageTek Crypto Key Management System - Version Not Applicable and later
Information in this document applies to any platform.


I am reading the KMS System Administration Guide and understand that ...

1. First create Key Policies.
2. Then Create Key Groups (which mapped to a particular Key Policy).
3. Finally assign a Key Group to a list of Agents -or- assign a Agent to a list of Key Groups.

Now the question is:

1.    Suppose the Tape Library is shared for two applications.
2.    Application #1 is Solaris platform Netbackup.
3.    Application #2 is Windows platform Backup.
4.    They both use the same pool of tape drives (i.e. a tape drive serves both platforms).

How can one configure the Data Units such that they have different retention policy? Say, Data Units for Solaris/Netbackup require one year encryption period while Data Units for Windows/Backup require three months encryption period.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.