1.123 ENCRYPT_NEW_TABLESPACES

ENCRYPT_NEW_TABLESPACES specifies whether to encrypt newly created user tablespaces.

Property Description

Parameter type

String

Syntax

ENCRYPT_NEW_TABLESPACES = { CLOUD_ONLY | ALWAYS | DDL }

Default value

CLOUD_ONLY

Modifiable

ALTER SYSTEM

Modifiable in a PDB

Yes

Basic

No

Oracle RAC

The same value should be specified for all instances.

The values that can be specified for the ENCRYPT_NEW_TABLESPACES parameter have the following meanings:

  • CLOUD_ONLY:

    When a user tablespace is created in the Oracle Cloud, it is transparently encrypted with Advanced Encryption Standard 128 (AES 128) if the ENCRYPTION clause for the SQL CREATE TABLESPACE statement is not specified. When a user tablespace is created in an on-premise database, the ENCRYPTION clause of the CREATE TABLESPACE statement determines if the tablespace is encrypted.

    CLOUD_ONLY is the default value.

  • ALWAYS:

    Whether the user tablespace is created in the Oracle Cloud or in an on-premise database, the tablespace will be transparently encrypted with AES128 if the ENCRYPTION clause is not specified in the CREATE TABLESPACE statement.

  • DDL:

    Whether the user tablespace is created in the Oracle Cloud or in an on-premise database, the CREATE TABLESPACE statement will follow the specified DDL. If no ENCRYPTION clause is specified, then the tablespace will not be encrypted. If the ENCRYPTION clause is specified with the USING keyword and an algorithm, then the specified algorithm will be used to encrypt the tablespace. If ENCRYPTION is specified but no algorithm is specified, then the tablespace will be encrypted with the default AES128 algorithm.

See Also: