---
names:
  full: "Oracle Storage Bucket is not encrypted with a customer managed key"
  contextual: "Storage Bucket is not encrypted with a customer managed key"
description: >
  Ensure that Oracle Storage Buckets use customer managed keys from OCI Vault for
  server-side encryption. Customer managed keys provide stronger control over key
  access, rotation, auditing, and revocation than provider-managed encryption keys.
type: "COMPLIANCE_POLICY"
categories:
  - "SECURITY"
frameworkMappings:
  - "/frameworks/cis-oracle-v3.1.0/05/01/02"
  - "/frameworks/cloudaware/resource-security/data-encryption"
similarPolicies:
  internal:
    - "dec-x-6664ebac"