Introduction
This document describes the integration of Oracle Cloud Infrastructure (OCI) Bring Your Own Key (BYOK), referred to as OCI BYOK in this guide, with the Entrust Cryptographic Security Platform Key Management Vault.
Documents to read first
-
Entrust Cryptographic Security Platform Key Management Vault: nShield® HSM Integration Guide. This document is also available from the Entrust Document Library.
-
Configuring Vault Authentication for Cryptographic Security Platform Vault for Cloud Keys.
-
Configuring OCI for Cryptographic Security Platform Vault BYOK.
-
Also refer to the documentation for OCI in the Oracle Cloud Infrastructure Documentation.
Product configurations
Entrust has successfully tested the integration of Cryptographic Security Platform Key Management Vault with OCI BYOK in the following configurations:
| Vendor | Product | Version |
|---|---|---|
Oracle |
Oracle Cloud |
N/A |
Entrust |
Cryptographic Security Platform |
1.0 |
Entrust |
Key Management Vault |
10.4.5 |
VMware |
vSphere |
8.0 |
Features tested
Entrust has successfully tested the following features:
| Feature | Tested |
|---|---|
API Key Generation |
✓ |
API Key Rotation |
✓ |
OCI API Connection |
✓ |
OCI Compartment Creation |
✓ |
OCI Vault Creation |
✓ |
OCI Vault Master Encryption Key Creation |
✓ |
OCI Bucket Creation |
✓ |
CloudKey Creation for OCI Vault Master Encryption Key. |
✓ |
Disabling and Enabling cloud key |
✓ |