diff --git a/database/advanced/intro/intro-key-vault.md b/database/advanced/intro/intro-key-vault.md index 034e80768..3753fb53e 100644 --- a/database/advanced/intro/intro-key-vault.md +++ b/database/advanced/intro/intro-key-vault.md @@ -4,7 +4,7 @@ ### Overview *Estimated Time to complete the workshop*: 55 minutes -This workshop is the SECOND of two Hands-On Labs dedicated to encrypting data at rest within the Oracle Database. The first workshop, DB Security – ASO (Transparent Data Encryption & Data Redaction) covers transparent data encryption (TDE). This second workshop covers the important topic of managing encryption keys. Here, we will migrate an encrypted database to Oracle Key Vault for centralized key management. +This workshop is the SECOND of two Hands-On Labs dedicated to encrypting data at rest within the Oracle Database. The first workshop, DB Security – ASO (Transparent Data Encryption & Data Redaction) covers transparent data encryption (TDE). This second workshop covers the important topic of managing encryption keys. Here, we will migrate an encrypted database to Oracle Key Vault for centralized key management and walk through a typical Key Vault deployment. Based on an OCI architecture, deployed in a few minutes with a simple internet connection, it allows you to test DB Security use cases in a complete environment already pre-configured by the Oracle Database Security Product Manager Team. 
@@ -33,11 +33,11 @@ This Hands-On Labs give the user an opportunity to learn how to configure the DB In this mini-lab, you will learn how to use the **Oracle Key Vault** (OKV) features. -The entire DB Security PMs Team wishes you an excellent workshop! +The entire DB Security PMs team wishes you an excellent workshop! You may now [proceed to the next lab](#next). ## Acknowledgements - **Author** - Hakim Loumi, Database Security PM -- **Contributors** - Peter Wahl, Rahil Mir -- **Last Updated By/Date** - Hakim Loumi, Database Security PM - August 2024 +- **Contributors** - Peter Wahl, Rahil Mir, Shubham Goyal +- **Last Updated By/Date** - Shubham Goyal, Database Security PM - October 2025 diff --git a/database/advanced/key-vault-new/images/002-ep.png b/database/advanced/key-vault-new/images/002-ep.png new file mode 100644 index 000000000..7362832fa Binary files /dev/null and b/database/advanced/key-vault-new/images/002-ep.png differ diff --git a/database/advanced/key-vault-new/images/003-add-ep.png b/database/advanced/key-vault-new/images/003-add-ep.png new file mode 100644 index 000000000..32212d850 Binary files /dev/null and b/database/advanced/key-vault-new/images/003-add-ep.png differ diff --git a/database/advanced/key-vault-new/images/004-add-ep-details.png b/database/advanced/key-vault-new/images/004-add-ep-details.png new file mode 100644 index 000000000..c517255f6 Binary files /dev/null and b/database/advanced/key-vault-new/images/004-add-ep-details.png differ diff --git a/database/advanced/key-vault-new/images/005-add-default-wallet.png b/database/advanced/key-vault-new/images/005-add-default-wallet.png new file mode 100644 index 000000000..b507444c2 Binary files /dev/null and b/database/advanced/key-vault-new/images/005-add-default-wallet.png differ 
diff --git a/database/advanced/key-vault-new/images/OKV-LL4-001a.png b/database/advanced/key-vault-new/images/OKV-LL4-001a.png
new file mode 100644
index 000000000..08acd169a
Binary files /dev/null and b/database/advanced/key-vault-new/images/OKV-LL4-001a.png differ
diff --git a/database/advanced/key-vault-new/images/OKV-LL4-001b.png b/database/advanced/key-vault-new/images/OKV-LL4-001b.png
new file mode 100644
index 000000000..a992635c8
Binary files /dev/null and b/database/advanced/key-vault-new/images/OKV-LL4-001b.png differ
diff --git a/database/advanced/key-vault-new/images/OKV-LL4-001c.png b/database/advanced/key-vault-new/images/OKV-LL4-001c.png
new file mode 100644
index 000000000..1afe11054
Binary files /dev/null and b/database/advanced/key-vault-new/images/OKV-LL4-001c.png differ
diff --git a/database/advanced/key-vault-new/images/OKV-LL4-001d.png b/database/advanced/key-vault-new/images/OKV-LL4-001d.png
new file mode 100644
index 000000000..ef3a2fe29
Binary files /dev/null and b/database/advanced/key-vault-new/images/OKV-LL4-001d.png differ
diff --git a/database/advanced/key-vault-new/images/OKV-LL4-001e.png b/database/advanced/key-vault-new/images/OKV-LL4-001e.png
new file mode 100644
index 000000000..d7ac01d82
Binary files /dev/null and b/database/advanced/key-vault-new/images/OKV-LL4-001e.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_13.45.01.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_13.45.01.png
new file mode 100644
index 000000000..29dc80fbd
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_13.45.01.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_13.52.35.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_13.52.35.png
new file mode 100644
index 000000000..8530f13b2
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_13.52.35.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_13.56.15.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_13.56.15.png
new file mode 100644
index 000000000..aa2f0b5f0
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_13.56.15.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.02.30.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.02.30.png
new file mode 100644
index 000000000..5a71ede36
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.02.30.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.03.59.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.03.59.png
new file mode 100644
index 000000000..752a66ec7
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.03.59.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.11.39.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.11.39.png
new file mode 100644
index 000000000..00bd4617d
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.11.39.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.13.54.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.13.54.png
new file mode 100644
index 000000000..cc8cd570e
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.13.54.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.23.38.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.23.38.png
new file mode 100644
index 000000000..98e9fc5e7
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.23.38.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.26.41.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.26.41.png
new file mode 100644
index 000000000..47c1de353
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.26.41.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.29.00.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.29.00.png
new file mode 100644
index 000000000..3257419bc
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.29.00.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.31.43.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.31.43.png
new file mode 100644
index 000000000..c1c9bb8de
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.31.43.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.33.54.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.33.54.png
new file mode 100644
index 000000000..8132ee87c
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.33.54.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.37.46.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.37.46.png
new file mode 100644
index 000000000..d2d82f13d
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.37.46.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.38.50.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.38.50.png
new file mode 100644
index 000000000..49e60d58d
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.38.50.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.42.12.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.42.12.png
new file mode 100644
index 000000000..fc43a0896
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.42.12.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.44.02.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.44.02.png
new file mode 100644
index 000000000..4916bb736
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_14.44.02.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.11.26.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.11.26.png
new file mode 100644
index 000000000..83e9312cd
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.11.26.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.13.44.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.13.44.png
new file mode 100644
index 000000000..4674f24b4
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.13.44.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.56.40.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.56.40.png
new file mode 100644
index 000000000..071754257
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.56.40.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.59.33.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.59.33.png
new file mode 100644
index 000000000..07de407f5
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_15.59.33.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.01.30.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.01.30.png
new file mode 100644
index 000000000..3378c3866
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.01.30.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.03.05.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.03.05.png
new file mode 100644
index 000000000..2e42229d4
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.03.05.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.04.40.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.04.40.png
new file mode 100644
index 000000000..9038e8bb6
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.04.40.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.06.27_create.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.06.27_create.png
new file mode 100644
index 000000000..c07f90d9f
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.06.27_create.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.06.27_verify.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.06.27_verify.png
new file mode 100644
index 000000000..56e295d4e
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.06.27_verify.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.19.30.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.19.30.png
new file mode 100644
index 000000000..2dfa0ab21
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-03_16.19.30.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.32.37.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.32.37.png
new file mode 100644
index 000000000..43c788514
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.32.37.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.43.07.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.43.07.png
new file mode 100644
index 000000000..271a8f497
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.43.07.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.46.44.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.46.44.png
new file mode 100644
index 000000000..0145515d0
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.46.44.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.49.25.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.49.25.png
new file mode 100644
index 000000000..7775564f3
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.49.25.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.54.38.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.54.38.png
new file mode 100644
index 000000000..4c60418f8
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-04_15.54.38.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.06.42.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.06.42.png
new file mode 100644
index 000000000..777c0906b
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.06.42.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.08.23.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.08.23.png
new file mode 100644
index 000000000..6774772b8
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.08.23.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.41.36.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.41.36.png
new file mode 100644
index 000000000..2bf54a02e
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.41.36.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.49.21.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.49.21.png
new file mode 100644
index 000000000..bed51c65b
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.49.21.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.54.01.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.54.01.png
new file mode 100644
index 000000000..0caea4572
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_10.54.01.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.07.08.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.07.08.png
new file mode 100644
index 000000000..c8eadee80
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.07.08.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.10.42.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.10.42.png
new file mode 100644
index 000000000..b67e7c181
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.10.42.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.12.24.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.12.24.png
new file mode 100644
index 000000000..2151d8e3f
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.12.24.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.25.42.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.25.42.png
new file mode 100644
index 000000000..87ee2a6bb
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.25.42.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.33.32.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.33.32.png
new file mode 100644
index 000000000..c1b2f54e7
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-05_11.33.32.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-07_09.41.40.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_09.41.40.png
new file mode 100644
index 000000000..85cc8237b
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_09.41.40.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-07_09.55.44.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_09.55.44.png
new file mode 100644
index 000000000..5a122d400
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_09.55.44.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-07_22.09.24.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_22.09.24.png
new file mode 100644
index 000000000..03216b029
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_22.09.24.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.08.12.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.08.12.png
new file mode 100644
index 000000000..b230d1280
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.08.12.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.29.07.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.29.07.png
new file mode 100644
index 000000000..b8556b3c9
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.29.07.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.39.39.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.39.39.png
new file mode 100644
index 000000000..d9362a4c0
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.39.39.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.41.30.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.41.30.png
new file mode 100644
index 000000000..17b5a69a7
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-07_23.41.30.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-08_11.57.01.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-08_11.57.01.png
new file mode 100644
index 000000000..e00e5b3d0
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-08_11.57.01.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-08_12.10.54.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-08_12.10.54.png
new file mode 100644
index 000000000..55524d1c5
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-08_12.10.54.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-08_12.12.47.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-08_12.12.47.png
new file mode 100644
index 000000000..a47595236
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-08_12.12.47.png differ
diff --git a/database/advanced/key-vault-new/images/Screenshot_2025-10-16_15.48.32.png b/database/advanced/key-vault-new/images/Screenshot_2025-10-16_15.48.32.png
new file mode 100644
index 000000000..ed1554566
Binary files /dev/null and b/database/advanced/key-vault-new/images/Screenshot_2025-10-16_15.48.32.png differ
diff --git a/database/advanced/key-vault-new/images/TDE_CONFIG_OKV.png b/database/advanced/key-vault-new/images/TDE_CONFIG_OKV.png
new file mode 100644
index 000000000..840f25fae
Binary files /dev/null and b/database/advanced/key-vault-new/images/TDE_CONFIG_OKV.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-02_16-38-09.png b/database/advanced/key-vault-new/images/image-2025-09-02_16-38-09.png
new file mode 100644
index 000000000..8fdf14040
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-02_16-38-09.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-02_16-38-44.png b/database/advanced/key-vault-new/images/image-2025-09-02_16-38-44.png
new file mode 100644
index 000000000..2712146e5
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-02_16-38-44.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-02_16-40-35.png b/database/advanced/key-vault-new/images/image-2025-09-02_16-40-35.png
new file mode 100644
index 000000000..99b687579
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-02_16-40-35.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-03_09-04-24.png b/database/advanced/key-vault-new/images/image-2025-09-03_09-04-24.png
new file mode 100644
index 000000000..703731bf9
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-03_09-04-24.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-03_13-29-46.png b/database/advanced/key-vault-new/images/image-2025-09-03_13-29-46.png
new file mode 100644
index 000000000..dcf637953
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-03_13-29-46.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-03_14-58-53.png b/database/advanced/key-vault-new/images/image-2025-09-03_14-58-53.png
new file mode 100644
index 000000000..c23d97b15
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-03_14-58-53.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-05-delete-wallet-after-upload.png b/database/advanced/key-vault-new/images/image-2025-09-05-delete-wallet-after-upload.png
new file mode 100644
index 000000000..f4f4e451d
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-05-delete-wallet-after-upload.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-05-enable-light-out-operation.png b/database/advanced/key-vault-new/images/image-2025-09-05-enable-light-out-operation.png
new file mode 100644
index 000000000..bc739fed3
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-05-enable-light-out-operation.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-17.41.21.png b/database/advanced/key-vault-new/images/image-2025-09-11-17.41.21.png
new file mode 100644
index 000000000..e1a3281fa
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-17.41.21.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-17.53.46.png b/database/advanced/key-vault-new/images/image-2025-09-11-17.53.46.png
new file mode 100644
index 000000000..14ace2cc9
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-17.53.46.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.09.03.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.09.03.png
new file mode 100644
index 000000000..9b522c1b2
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.09.03.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.13.52.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.13.52.png
new file mode 100644
index 000000000..bf175c3c8
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.13.52.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.20.43.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.20.43.png
new file mode 100644
index 000000000..711bbb839
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.20.43.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.27.41.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.27.41.png
new file mode 100644
index 000000000..8caa46de5
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.27.41.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.29.46.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.29.46.png
new file mode 100644
index 000000000..74b2b9ab5
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.29.46.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.33.10.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.33.10.png
new file mode 100644
index 000000000..c63b3d141
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.33.10.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.42.01.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.42.01.png
new file mode 100644
index 000000000..08414f41c
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.42.01.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.46.22.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.46.22.png
new file mode 100644
index 000000000..639dbfc29
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.46.22.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.48.38-CUSTOM.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.48.38-CUSTOM.png
new file mode 100644
index 000000000..6d01aef9b
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.48.38-CUSTOM.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.48.38.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.48.38.png
new file mode 100644
index 000000000..6aa5354c3
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.48.38.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.50.51.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.50.51.png
new file mode 100644
index 000000000..5b457bf51
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.50.51.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-18.58.43.png b/database/advanced/key-vault-new/images/image-2025-09-11-18.58.43.png
new file mode 100644
index 000000000..2e0108a5f
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-18.58.43.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-11-19.02.06.png b/database/advanced/key-vault-new/images/image-2025-09-11-19.02.06.png
new file mode 100644
index 000000000..334fac4c1
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-11-19.02.06.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-25_11-48-23.png b/database/advanced/key-vault-new/images/image-2025-09-25_11-48-23.png
new file mode 100644
index 000000000..b58fd9754
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-25_11-48-23.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-27_install.png b/database/advanced/key-vault-new/images/image-2025-09-27_install.png
new file mode 100644
index 000000000..5357ec3ea
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-27_install.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-09-27_upload.png b/database/advanced/key-vault-new/images/image-2025-09-27_upload.png
new file mode 100644
index 000000000..942267492
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-09-27_upload.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-11-54.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-11-54.png
new file mode 100644
index 000000000..142c73974
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-11-54.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-13-38.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-13-38.png
new file mode 100644
index 000000000..9a3eac978
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-13-38.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-17-29.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-17-29.png
new file mode 100644
index 000000000..e914e1c49
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-17-29.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-26-31.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-26-31.png
new file mode 100644
index 000000000..bd9044c15
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-26-31.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-26-40.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-26-40.png
new file mode 100644
index 000000000..bd9044c15
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-26-40.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-27-48.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-27-48.png
new file mode 100644
index 000000000..6bde8027b
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-27-48.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-31-21.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-31-21.png
new file mode 100644
index 000000000..881e42168
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-31-21.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-48-0.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-48-0.png
new file mode 100644
index 000000000..f18173c06
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-48-0.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-50-7.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-50-7.png
new file mode 100644
index 000000000..5034458ef
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-50-7.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-52-28.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-52-28.png
new file mode 100644
index 000000000..5acbb850c
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-52-28.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_12-53-4.png b/database/advanced/key-vault-new/images/image-2025-7-24_12-53-4.png
new file mode 100644
index 000000000..c42d31e84
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_12-53-4.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_15-59-1.png b/database/advanced/key-vault-new/images/image-2025-7-24_15-59-1.png
new file mode 100644
index 000000000..7362832fa
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_15-59-1.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_16-12-59.png b/database/advanced/key-vault-new/images/image-2025-7-24_16-12-59.png
new file mode 100644
index 000000000..b507444c2
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_16-12-59.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_16-15-52.png b/database/advanced/key-vault-new/images/image-2025-7-24_16-15-52.png
new file mode 100644
index 000000000..830fa09f5
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_16-15-52.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_16-33-45.png b/database/advanced/key-vault-new/images/image-2025-7-24_16-33-45.png
new file mode 100644
index 000000000..0f4e66aea
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_16-33-45.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_16-58-54.png b/database/advanced/key-vault-new/images/image-2025-7-24_16-58-54.png
new file mode 100644
index 000000000..6452a738f
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_16-58-54.png differ
diff --git a/database/advanced/key-vault-new/images/image-2025-7-24_17-8-50.png b/database/advanced/key-vault-new/images/image-2025-7-24_17-8-50.png
new file mode 100644
index 000000000..8427e262d
Binary files /dev/null and b/database/advanced/key-vault-new/images/image-2025-7-24_17-8-50.png differ
diff --git a/database/advanced/key-vault-new/images/images-2025-09-25_13-30-45_root.png b/database/advanced/key-vault-new/images/images-2025-09-25_13-30-45_root.png
new file mode 100644
index 000000000..b0f9de488
Binary files /dev/null and b/database/advanced/key-vault-new/images/images-2025-09-25_13-30-45_root.png differ
diff --git a/database/advanced/key-vault-new/images/images-2025-09-26_12-41-08-tde_seps.png b/database/advanced/key-vault-new/images/images-2025-09-26_12-41-08-tde_seps.png
new file mode 100644
index 000000000..c379d8312
Binary files /dev/null and b/database/advanced/key-vault-new/images/images-2025-09-26_12-41-08-tde_seps.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-032.png b/database/advanced/key-vault-new/images/multi-master/okv-032.png
new file mode 100644
index 000000000..5413f9a45
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-032.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-033.png b/database/advanced/key-vault-new/images/multi-master/okv-033.png
new file mode 100644
index 000000000..24fd3cf01
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-033.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-034.png b/database/advanced/key-vault-new/images/multi-master/okv-034.png
new file mode 100644
index 000000000..4874d908e
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-034.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-035.png b/database/advanced/key-vault-new/images/multi-master/okv-035.png
new file mode 100644
index 000000000..b12261b62
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-035.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-036.png b/database/advanced/key-vault-new/images/multi-master/okv-036.png
new file mode 100644
index 000000000..372e4b24f
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-036.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-037.png b/database/advanced/key-vault-new/images/multi-master/okv-037.png
new file mode 100644
index 000000000..eeb993193
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-037.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-038.png b/database/advanced/key-vault-new/images/multi-master/okv-038.png
new file mode 100644
index 000000000..7e418065c
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-038.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-039.png b/database/advanced/key-vault-new/images/multi-master/okv-039.png
new file mode 100644
index 000000000..a25790789
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-039.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-040.png b/database/advanced/key-vault-new/images/multi-master/okv-040.png
new file mode 100644
index 000000000..436d1c604
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-040.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-041.png b/database/advanced/key-vault-new/images/multi-master/okv-041.png
new file mode 100644
index 000000000..2b766c376
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-041.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-042.png b/database/advanced/key-vault-new/images/multi-master/okv-042.png
new file mode 100644
index 000000000..9c3ee6183
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-042.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-042a.png b/database/advanced/key-vault-new/images/multi-master/okv-042a.png
new file mode 100644
index 000000000..0b3f412f3
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-042a.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-043.png b/database/advanced/key-vault-new/images/multi-master/okv-043.png
new file mode 100644
index 000000000..f5a177f8c
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-043.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-044.png b/database/advanced/key-vault-new/images/multi-master/okv-044.png
new file mode 100644
index 000000000..4cc73072c
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-044.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-045.png b/database/advanced/key-vault-new/images/multi-master/okv-045.png
new file mode 100644
index 000000000..7e7a9f674
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-045.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-046.png b/database/advanced/key-vault-new/images/multi-master/okv-046.png
new file mode 100644
index 000000000..5a539f758
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-046.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-047.png b/database/advanced/key-vault-new/images/multi-master/okv-047.png
new file mode 100644
index 000000000..c6e975bcb
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-047.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-048.png b/database/advanced/key-vault-new/images/multi-master/okv-048.png
new file mode 100644
index 000000000..aba702644
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-048.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-049.png b/database/advanced/key-vault-new/images/multi-master/okv-049.png
new file mode 100644
index 000000000..e5cd98263
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-049.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-050.png b/database/advanced/key-vault-new/images/multi-master/okv-050.png
new file mode 100644
index 000000000..20abb1558
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-050.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-051.png b/database/advanced/key-vault-new/images/multi-master/okv-051.png
new file mode 100644
index 000000000..096185cbe
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-051.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-052.png b/database/advanced/key-vault-new/images/multi-master/okv-052.png
new file mode 100644
index 000000000..15cff9d2c
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-052.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-052a.png b/database/advanced/key-vault-new/images/multi-master/okv-052a.png
new file mode 100644
index 000000000..27275bc2d
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-052a.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-053.png b/database/advanced/key-vault-new/images/multi-master/okv-053.png
new file mode 100644
index 000000000..9b4979e5d
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-053.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-054.png b/database/advanced/key-vault-new/images/multi-master/okv-054.png
new file mode 100644
index 000000000..5c7b47be1
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-054.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-055.png b/database/advanced/key-vault-new/images/multi-master/okv-055.png
new file mode 100644
index 000000000..96edd543a
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-055.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-056.png b/database/advanced/key-vault-new/images/multi-master/okv-056.png
new file mode 100644
index 000000000..5d8fdee30
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-056.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-057.png b/database/advanced/key-vault-new/images/multi-master/okv-057.png
new file mode 100644
index 000000000..b28300e8f
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-057.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-058.png b/database/advanced/key-vault-new/images/multi-master/okv-058.png
new file mode 100644
index 000000000..25509e1d8
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-058.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-059.png b/database/advanced/key-vault-new/images/multi-master/okv-059.png
new file mode 100644
index 000000000..32f884c48
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-059.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-060.png b/database/advanced/key-vault-new/images/multi-master/okv-060.png
new file mode 100644
index 000000000..5c6fb1c2e
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-060.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-061.png b/database/advanced/key-vault-new/images/multi-master/okv-061.png
new file mode 100644
index 000000000..ff52e5cff
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-061.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-062.png b/database/advanced/key-vault-new/images/multi-master/okv-062.png
new file mode 100644
index 000000000..f32e765c8
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-062.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-063.png b/database/advanced/key-vault-new/images/multi-master/okv-063.png
new file mode 100644
index 000000000..ba17f0f21
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-063.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-064.png b/database/advanced/key-vault-new/images/multi-master/okv-064.png
new file mode 100644
index 000000000..ab7c03353
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-064.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-065.png b/database/advanced/key-vault-new/images/multi-master/okv-065.png
new file mode 100644
index 000000000..3dfcdf4c6
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-065.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-066.png b/database/advanced/key-vault-new/images/multi-master/okv-066.png
new file mode 100644
index 000000000..55ca61c1a
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-066.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-067.png b/database/advanced/key-vault-new/images/multi-master/okv-067.png
new file mode 100644
index 000000000..ace6bfe11
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-067.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-068.png b/database/advanced/key-vault-new/images/multi-master/okv-068.png
new file mode 100644
index 000000000..a872849fc
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-068.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-069.png b/database/advanced/key-vault-new/images/multi-master/okv-069.png
new file mode 100644
index 000000000..453baf08b
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-069.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-070.png b/database/advanced/key-vault-new/images/multi-master/okv-070.png
new file mode 100644
index 000000000..4b3f8dd27
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-070.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-071.png b/database/advanced/key-vault-new/images/multi-master/okv-071.png
new file mode 100644
index 000000000..483c82371
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-071.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-072.png b/database/advanced/key-vault-new/images/multi-master/okv-072.png
new file mode 100644
index 000000000..508b4b919
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-072.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-073.png b/database/advanced/key-vault-new/images/multi-master/okv-073.png
new file mode 100644
index 000000000..38e456f86
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-073.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-074.png b/database/advanced/key-vault-new/images/multi-master/okv-074.png
new file mode 100644
index 000000000..ec64c1477
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-074.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-075.png b/database/advanced/key-vault-new/images/multi-master/okv-075.png
new file mode 100644
index 000000000..98a8f42d2
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-075.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-076.png b/database/advanced/key-vault-new/images/multi-master/okv-076.png
new file mode 100644
index 000000000..69ae5a8b3
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-076.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-077.png b/database/advanced/key-vault-new/images/multi-master/okv-077.png
new file mode 100644
index 000000000..bd603b486
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-077.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-078.png b/database/advanced/key-vault-new/images/multi-master/okv-078.png
new file mode 100644
index 000000000..0f9d73c17
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-078.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-079.png b/database/advanced/key-vault-new/images/multi-master/okv-079.png
new file mode 100644
index 000000000..a7fa44c75
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-079.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-080.png b/database/advanced/key-vault-new/images/multi-master/okv-080.png
new file mode 100644
index 000000000..ca95ee006
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-080.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-081.png b/database/advanced/key-vault-new/images/multi-master/okv-081.png
new file mode 100644
index 000000000..d6208fc44
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-081.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-082.png b/database/advanced/key-vault-new/images/multi-master/okv-082.png
new file mode 100644
index 000000000..c7e640b0a
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-082.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-083.png b/database/advanced/key-vault-new/images/multi-master/okv-083.png
new file mode 100644
index 000000000..7a92774c9
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-083.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-084.png b/database/advanced/key-vault-new/images/multi-master/okv-084.png
new file mode 100644
index 000000000..2d77eb3d2
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-084.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-085.png b/database/advanced/key-vault-new/images/multi-master/okv-085.png
new file mode 100644
index 000000000..85ab4d3a8
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-085.png differ
diff --git a/database/advanced/key-vault-new/images/multi-master/okv-086.png b/database/advanced/key-vault-new/images/multi-master/okv-086.png
new file mode 100644
index 000000000..e833011e7
Binary files /dev/null and b/database/advanced/key-vault-new/images/multi-master/okv-086.png differ
diff --git a/database/advanced/key-vault-new/images/okv-001.png b/database/advanced/key-vault-new/images/okv-001.png
new file mode 100644
index 000000000..2c007e93d
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-001.png differ
diff --git a/database/advanced/key-vault-new/images/okv-001b.png b/database/advanced/key-vault-new/images/okv-001b.png
new file mode 100644
index 000000000..2e4039a39
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-001b.png differ
diff --git a/database/advanced/key-vault-new/images/okv-002.png b/database/advanced/key-vault-new/images/okv-002.png
new file mode 100644
index 000000000..4d1e3edd2
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-002.png differ
diff --git a/database/advanced/key-vault-new/images/okv-003.png b/database/advanced/key-vault-new/images/okv-003.png
new file mode 100644
index 000000000..8e267589f
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-003.png differ
diff --git a/database/advanced/key-vault-new/images/okv-004.png b/database/advanced/key-vault-new/images/okv-004.png
new file mode 100644
index 000000000..cecfb6a40
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-004.png differ
diff --git a/database/advanced/key-vault-new/images/okv-005a.png b/database/advanced/key-vault-new/images/okv-005a.png
new file mode 100644
index 000000000..a635b22e7
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-005a.png differ
diff --git a/database/advanced/key-vault-new/images/okv-005b.png b/database/advanced/key-vault-new/images/okv-005b.png
new file mode 100644
index 000000000..bce5a3265
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-005b.png differ
diff --git a/database/advanced/key-vault-new/images/okv-005c.png b/database/advanced/key-vault-new/images/okv-005c.png
new file mode 100644
index 000000000..790cbd31d
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-005c.png differ
diff --git a/database/advanced/key-vault-new/images/okv-006.png b/database/advanced/key-vault-new/images/okv-006.png
new file mode 100644
index 000000000..202e2b507
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-006.png differ
diff --git a/database/advanced/key-vault-new/images/okv-006b.png b/database/advanced/key-vault-new/images/okv-006b.png
new file mode 100644
index 000000000..61dc41b0e
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-006b.png differ
diff --git a/database/advanced/key-vault-new/images/okv-007.png b/database/advanced/key-vault-new/images/okv-007.png
new file mode 100644
index 000000000..2419d9a4b
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-007.png differ
diff --git a/database/advanced/key-vault-new/images/okv-008.png b/database/advanced/key-vault-new/images/okv-008.png
new file mode 100644
index 000000000..a74c7e807
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-008.png differ
diff --git a/database/advanced/key-vault-new/images/okv-009.png b/database/advanced/key-vault-new/images/okv-009.png
new file mode 100644
index 000000000..4b604cd5d
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-009.png differ
diff --git a/database/advanced/key-vault-new/images/okv-010.png b/database/advanced/key-vault-new/images/okv-010.png
new file mode 100644
index 000000000..e27d1d10f
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-010.png differ
diff --git a/database/advanced/key-vault-new/images/okv-011.png b/database/advanced/key-vault-new/images/okv-011.png
new file mode 100644
index 000000000..576a7eda3
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-011.png differ
diff --git a/database/advanced/key-vault-new/images/okv-012.png b/database/advanced/key-vault-new/images/okv-012.png
new file mode 100644
index 000000000..067455fd1
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-012.png differ
diff --git a/database/advanced/key-vault-new/images/okv-013.png b/database/advanced/key-vault-new/images/okv-013.png
new file mode 100644
index 000000000..144ac9c69
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-013.png differ
diff --git a/database/advanced/key-vault-new/images/okv-014.png b/database/advanced/key-vault-new/images/okv-014.png
new file mode 100644
index 000000000..191c0e064
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-014.png differ
diff --git a/database/advanced/key-vault-new/images/okv-015.png b/database/advanced/key-vault-new/images/okv-015.png
new file mode 100644
index 000000000..02eb8cd54
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-015.png differ
diff --git a/database/advanced/key-vault-new/images/okv-016.png b/database/advanced/key-vault-new/images/okv-016.png
new file mode 100644
index 000000000..be3beb32b
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-016.png differ
diff --git a/database/advanced/key-vault-new/images/okv-017.png b/database/advanced/key-vault-new/images/okv-017.png
new file mode 100644
index 000000000..bb9eb690a
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-017.png differ
diff --git a/database/advanced/key-vault-new/images/okv-018.png b/database/advanced/key-vault-new/images/okv-018.png
new file mode 100644
index 000000000..c0780b997
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-018.png differ
diff --git a/database/advanced/key-vault-new/images/okv-019.png b/database/advanced/key-vault-new/images/okv-019.png
new file mode 100644
index 000000000..c6fb9e07a
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-019.png differ
diff --git a/database/advanced/key-vault-new/images/okv-020.png b/database/advanced/key-vault-new/images/okv-020.png
new file mode 100644
index 000000000..b4dc85bb1
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-020.png differ
diff --git a/database/advanced/key-vault-new/images/okv-021.png b/database/advanced/key-vault-new/images/okv-021.png
new file mode 100644
index 000000000..d669894da
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-021.png differ
diff --git a/database/advanced/key-vault-new/images/okv-022.png b/database/advanced/key-vault-new/images/okv-022.png
new file mode 100644
index 000000000..ebcc2a563
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-022.png differ
diff --git a/database/advanced/key-vault-new/images/okv-023.png b/database/advanced/key-vault-new/images/okv-023.png
new file mode 100644
index 000000000..996002d34
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-023.png differ
diff --git a/database/advanced/key-vault-new/images/okv-024.png b/database/advanced/key-vault-new/images/okv-024.png
new file mode 100644
index 000000000..e78ff5ba4
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-024.png differ
diff --git a/database/advanced/key-vault-new/images/okv-025.png b/database/advanced/key-vault-new/images/okv-025.png
new file mode 100644
index 000000000..69849dab1
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-025.png differ
diff --git a/database/advanced/key-vault-new/images/okv-026.png b/database/advanced/key-vault-new/images/okv-026.png
new file mode 100644
index 000000000..a3c463c34
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-026.png differ
diff --git a/database/advanced/key-vault-new/images/okv-027.png b/database/advanced/key-vault-new/images/okv-027.png
new file mode 100644
index 000000000..5164fc817
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-027.png differ
diff --git a/database/advanced/key-vault-new/images/okv-028.png b/database/advanced/key-vault-new/images/okv-028.png
new file mode 100644
index 000000000..cadf28173
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-028.png differ
diff --git a/database/advanced/key-vault-new/images/okv-029.png b/database/advanced/key-vault-new/images/okv-029.png
new file mode 100644
index 000000000..14c618efe
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-029.png differ
diff --git a/database/advanced/key-vault-new/images/okv-030.png b/database/advanced/key-vault-new/images/okv-030.png
new file mode 100644
index 000000000..baf344a4e
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-030.png differ
diff --git a/database/advanced/key-vault-new/images/okv-031.png b/database/advanced/key-vault-new/images/okv-031.png
new file mode 100644
index 000000000..a9764ec41
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-031.png differ
diff --git a/database/advanced/key-vault-new/images/okv-032.png b/database/advanced/key-vault-new/images/okv-032.png
new file mode 100644
index 000000000..0ebd70d48
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-032.png differ
diff --git a/database/advanced/key-vault-new/images/okv-033.png b/database/advanced/key-vault-new/images/okv-033.png
new file mode 100644
index 000000000..19dc15377
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-033.png differ
diff --git a/database/advanced/key-vault-new/images/okv-034.png b/database/advanced/key-vault-new/images/okv-034.png
new file mode 100644
index 000000000..2cdbdcb3f
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-034.png differ
diff --git a/database/advanced/key-vault-new/images/okv-050.png b/database/advanced/key-vault-new/images/okv-050.png
new file mode 100644
index 000000000..0435114bb
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-050.png differ
diff --git a/database/advanced/key-vault-new/images/okv-051.png b/database/advanced/key-vault-new/images/okv-051.png
new file mode 100644
index 000000000..c041d2600
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-051.png differ
diff --git a/database/advanced/key-vault-new/images/okv-052.png b/database/advanced/key-vault-new/images/okv-052.png
new file mode 100644
index 000000000..a2b5329e0
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-052.png differ
diff --git a/database/advanced/key-vault-new/images/okv-053.png b/database/advanced/key-vault-new/images/okv-053.png
new file mode 100644
index 000000000..545a876ff
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-053.png differ
diff --git a/database/advanced/key-vault-new/images/okv-054.png b/database/advanced/key-vault-new/images/okv-054.png
new file mode 100644
index 000000000..4d7347060
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-054.png differ
diff --git a/database/advanced/key-vault-new/images/okv-055.png b/database/advanced/key-vault-new/images/okv-055.png
new file mode 100644
index 000000000..0b30c593d
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-055.png differ
diff --git a/database/advanced/key-vault-new/images/okv-056.png b/database/advanced/key-vault-new/images/okv-056.png
new file mode 100644
index 000000000..7d9fff02f
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-056.png differ
diff --git a/database/advanced/key-vault-new/images/okv-070.png b/database/advanced/key-vault-new/images/okv-070.png
new file mode 100644
index 000000000..3b0233a72
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-070.png differ
diff --git a/database/advanced/key-vault-new/images/okv-071.png b/database/advanced/key-vault-new/images/okv-071.png
new file mode 100644
index 000000000..f68c71662
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-071.png differ
diff --git a/database/advanced/key-vault-new/images/okv-072.png b/database/advanced/key-vault-new/images/okv-072.png
new file mode 100644
index 000000000..9d21820a2
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-072.png differ
diff --git a/database/advanced/key-vault-new/images/okv-073.png b/database/advanced/key-vault-new/images/okv-073.png
new file mode 100644
index 000000000..eb91280a0
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-073.png differ
diff --git a/database/advanced/key-vault-new/images/okv-074.png b/database/advanced/key-vault-new/images/okv-074.png
new file mode 100644
index 000000000..2265cf922
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-074.png differ
diff --git a/database/advanced/key-vault-new/images/okv-075.png b/database/advanced/key-vault-new/images/okv-075.png
new file mode 100644
index 000000000..2158c41d6
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-075.png differ
diff --git a/database/advanced/key-vault-new/images/okv-076.png b/database/advanced/key-vault-new/images/okv-076.png
new file mode 100644
index 000000000..d2eb80589
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-076.png differ
diff --git a/database/advanced/key-vault-new/images/okv-201.png b/database/advanced/key-vault-new/images/okv-201.png
new file mode 100644
index 000000000..ee6dec492
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-201.png differ
diff --git a/database/advanced/key-vault-new/images/okv-202.png b/database/advanced/key-vault-new/images/okv-202.png
new file mode 100644
index 000000000..613a0884b
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-202.png differ
diff --git a/database/advanced/key-vault-new/images/okv-cluster-concept.png b/database/advanced/key-vault-new/images/okv-cluster-concept.png
new file mode 100644
index 000000000..c44b60622
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-cluster-concept.png differ
diff --git a/database/advanced/key-vault-new/images/okv-concept.png b/database/advanced/key-vault-new/images/okv-concept.png
new file mode 100644
index 000000000..d4eef9f5f
Binary files /dev/null and b/database/advanced/key-vault-new/images/okv-concept.png differ
diff --git a/database/advanced/key-vault-new/key-vault-Lab10.md b/database/advanced/key-vault-new/key-vault-Lab10.md
new file mode 100644
index 000000000..bbae298ef
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault-Lab10.md
@@ -0,0 +1,70 @@
+# Automate key rotation
+
+## Introduction
+Scripting of the key rotation operations can be made easier and safer by storing the keystore password in an external store.
+
+Estimated Lab Time: 5 minutes
+
+### Objectives
+In this lab, you will add the keystore password to a local auto-login wallet and then use this wallet to perform a re-key operation without needing to enter the OKV password.
+
+### Prerequisites
+This lab assumes you have completed lab 9.
+
+## Task 1: Automate re-key
+
+1. Add the keystore password into a new local auto-open wallet in <WALLET_ROOT>/tde
+
+ ````
+
+ sqlplus / as sysdba
+ ADMINISTER KEY MANAGEMENT ADD SECRET '' FOR CLIENT 'OKV_PASSWORD' TO LOCAL AUTO_LOGIN KEYSTORE '/etc/ORACLE/WALLETS/cdb1/tde_seps';
+ exit;
+
+ ````
+
+ ![Key Vault](./images/Screenshot_2025-10-03_16.19.30.png "Add the keystore password into a new local auto-open wallet in /tde")
+
+2. Check the Master Encryption Key ID before a re-key
+
+ ```
+
+ sqlplus / as sysdba
+ col "container" format a10
+ select b.name "CONTAINER", a.MASTERKEYID "MASTER ENCRYPTION KEY ID"
+ from v$database_key_info a join v$containers b on a.con_id = b.con_id
+ where b.name in ('CDB$ROOT');
+ exit;
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-07_23.41.30.png "Check the Master Encryption Key ID before a re-key")
+
+3. Execute a re-key operation without using the Key Vault password
+
+ ````
+
+ sqlplus / as sysdba
+ ADMINISTER KEY MANAGEMENT SET KEY FORCE KEYSTORE IDENTIFIED BY EXTERNAL STORE;
+ exit;
+
+ ````
+
+ This command rotates the TDE master encryption keys for CDB$ROOT and PDB1.
+
+ ![Key Vault](./images/Screenshot_2025-10-07_23.29.07.png "Execute a re-key operation without using the Key Vault password")
+
+4. Verify that the tablespace was re-keyed
+
+ ```
+
+ sqlplus / as sysdba
+ col "container" format a10
+ select b.name "CONTAINER", a.MASTERKEYID "MASTER ENCRYPTION KEY ID"
+ from v$database_key_info a join v$containers b on a.con_id = b.con_id
+ where b.name in ('CDB$ROOT');
+ exit;
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-07_23.39.39.png "Verify that the tablespace was re-keyed")
\ No newline at end of file
diff --git a/database/advanced/key-vault-new/key-vault-Lab11.md b/database/advanced/key-vault-new/key-vault-Lab11.md
new file mode 100644
index 000000000..e9efd8658
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault-Lab11.md
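Review bot: Step 1 stores the keystore password with `ADD SECRET ''`, an empty literal, so the command as printed would save a blank secret; the placeholder was probably lost in rendering and should be made visible, e.g. `ADD SECRET '<Key Vault endpoint password>'` (a labelled placeholder). The step should also state that the auto-login wallet under `/etc/ORACLE/WALLETS/cdb1/tde_seps` then holds that password in a form the database opens without a prompt, so the directory should be readable only by the database owner. The step title names `<WALLET_ROOT>/tde` while the command writes to `tde_seps`; one of the two needs correcting. Steps 2 and 4 query only `CDB$ROOT` although step 3 says PDB1 is re-keyed as well, and step 4's title speaks of a tablespace re-key where the query compares master key IDs.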
@@ -0,0 +1,97 @@
+# Bring your own key
+
+## Introduction
+You may want to bring an externally generated key, potentially with higher entropy, and manage it with Key Vault.
+
+Estimated Lab Time: 5 minutes
+
+### Objectives
+In this lab, you will upload an externally generated key to the Key Vault server, and activate it for the database.
+
+### Prerequisites
+This lab assumes you have completed lab 10.
+
+
+## Task 1: Generate a key external to Oracle Key Vault
+
+1. Write your key to a file
+
+ In this example, we use openssl to generate TDE Master Encryption Key. You can use other means to generate this key.
+
+ ```
+
+ openssl rand -hex 32 | tr '[:lower:]' '[:upper:]' > $DBSEC_LABS/okv/byok_aes256.txt
+
+ ```
+
+
+## Task 2: Upload the key to Oracle Key Vault
+
+1. Login to Key Vault as user **KVRESTADMIN**
+
+ Get the randonly generated password by executing this command
+
+ ```
+
+ cat wui_passphrase
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-03_13.45.01.png "Login to Key Vault as the REST administrator")
+
+2. Click the **Keys & Wallets** tab and then click the **Keys & Secrets** tab
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.31.43.png "Click the Keys & Secrets tab")
+
+3. Click the **Create** button
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.37.46.png "Click the Create button")
+
+4. Click the **TDE Master Encryption Key** link
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.33.54.png "Click the TDE Master Encryption Key link")
+
+5. Click the **Bring Your Own Key** radio button and upload `byok_aes256.txt` file you had created above.
+
+ This will be located at `/home/oracle/DBSecLab/livelabs/okv/byok_aes256.txt`
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.38.50.png "Click the Bring Your Own Key radio button and upload byok_aes256.txt file you had created above")
+
+6. Click the **Select Wallet** button, choose the **LIVELABS\_DB\_WALLET** wallet from the pop-up, and click the **Close** button of the pop-up window
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.42.12.png "Click the Select Wallet button and choose the LIVELABS_DB_WALLET wallet")
+
+7. Copy the **Master Encryption Key Identifier** (at the top of this page)
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.44.02.png "Copy the Master Encryption Key Identifier")
+
+8. Click the **Create** button
+
+## Task 3: Activate the key in the database
+
+1. Activate the imported key (BYOK)
+
+ Note: The Master Encryption Key Identifier is the string you copied above in task 2 step 7
+ ````
+
+ sqlplus / as sysdba
+ ADMINISTER KEY MANAGEMENT USE KEY '' FORCE KEYSTORE IDENTIFIED BY EXTERNAL STORE;
+ exit;
+
+ ````
+ ![Key Vault](./images/Screenshot_2025-10-08_12.10.54.png "Activate the imported key")
+
+2. Verify the key with the supplied master encryption key identifier was activated by the database
+
+ ```
+
+ sqlplus / as sysdba
+ col "container" format a10
+ select b.name "CONTAINER", a.MASTERKEYID "MASTER ENCRYPTION KEY ID"
+ from v$database_key_info a join v$containers b on a.con_id = b.con_id
+ where b.name in ('CDB$ROOT');
+ exit;
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-08_12.12.47.png "Verify that the tablespace was re-keyed")
\ No newline at end of file
diff --git a/database/advanced/key-vault-new/key-vault-Lab12.md b/database/advanced/key-vault-new/key-vault-Lab12.md
new file mode 100644
index 000000000..3f43db656
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault-Lab12.md
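Review bot: Task 1 writes the raw master key to `$DBSEC_LABS/okv/byok_aes256.txt` under the shell's default umask and no later step removes it, so a plaintext copy of the TDE master key stays on the database host after the upload. I would add `umask 077` before the `openssl rand` line and a closing step after Task 2 step 8 that deletes the file, e.g. `shred -u $DBSEC_LABS/okv/byok_aes256.txt`. Task 3 step 1 prints `USE KEY ''` with an empty identifier; a labelled placeholder such as `'<Master Encryption Key Identifier>'` would show where the value copied in Task 2 step 7 goes. Smaller items: "randonly" in Task 2 step 1, and the last image title still reads "Verify that the tablespace was re-keyed".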
@@ -0,0 +1,265 @@
+# Explore Key Vault in a typical customer deployment
+
+## Introduction
+Oracle Key Vault offers continuously available, fault-tolerant, and highly scalable centralized management of encryption keys and secrets for all Oracle Database deployment models, addressing diverse organizational requirements. It securely stores and manages sensitive cryptographic material, including TDE master encryption keys, Oracle GoldenGate keys, SSH keys, public and private keys, digital certificates, and more.
+
+Key Vault is purpose-built to manage TDE master encryption keys for standalone, multitenant, RAC, and sharded databases deployed on Exadata, Cloud, Cloud@Customer, and on Oracle Database Appliance. It also operates seamlessly across diverse infrastructure architectures, including multi-cloud and hybrid environments, as well as traditional on-premises and fully cloud-based deployments.
+
+As a critical system component, proper Key Vault operation is essential to maintaining operational continuity. To support this, Key Vault provides comprehensive reporting and notifications, including inventory, activity, security, operational, and audit reports, with notifications delivered via email alerts, remote syslog, or SNMP.
+
+Estimated Lab Time: 15 minutes
+
+### Objectives
+In this lab, you will explore the different types of Key Vault endpoints for Oracle databases, and how virtual wallets organize database keys. You will also explore Oracle Key Vault's actionable reports and how to interpret them - for example identifying which TDE master encryption keys need to be re-keyed, which certificates are nearing expiration or no longer satisfy stricter compliance requirements. You’ll also learn how administrators manage users, monitor system health, and administer the Key Vault server.
+
+### Prerequisites
+This lab assumes you have completed lab 11.
+
+## Task 1: Oracle Key Vault Home page
+
+1. Login to Key Vault as user **KVRESTADMIN**
+
+ ![Key Vault](./images/image-2025-09-03_13-29-46.png "Login to Key Vault as user KVRESTADMIN")
+
+2. On the home page, observe the following:
+
+ - The **Alerts** banner summarizes critical items that need immediate attention which may impact operational continuity.
+ - The **Managed Entities** provides a quick overview of the databases (endpoints) and the wallets storing database keys.
+ - The **Managed Keys & Secrets** gives a quick glance of all the managed cryptographic objects.
+
+ ![Key Vault](./images/Screenshot_2025-10-04_15.32.37.png "On the home page, observe Alerts, Managed Entities, and Managed Keys & Secrets")
+
+2. The System Overview section at the bottom identifies the system. At this time, the system is deployed as a standalone server.
+
+ ![Key Vault](./images/image-2025-09-11-17.41.21.png "The System Overview section at the bottom identifies the system.")
+
+## Task 2: Manage Primary-Standby, Sharded DBs, Multi-Tennant and RAC databses
+
+Oracle Key Vault can manage all deployment modes of the Oracle database - single instance, RAC, multi-tenant, Data Guard, sharded, and cloud. This is done by deploying database clients called **endpoints** on the database host. For cloud databases, you have to use the cloud console. Endpoints can also be deployed for Oracle GoldenGate, Oracle ACFS, MySQL databases, SSH servers, and more.
+
+The system administrator is tasked with creating, and overseeing the endpoints on the Key Vault server.
+
+1. Click the **Endpoints** tab
+ ![Key Vault](./images/image-2025-7-24_12-11-54.png "Click the Endpoints tab")
+
+2. This takes you to the Endpoints page
+
+ Note the endpoints deployed across various Oracle database deployment modes:
+ - Three different shards of the sharded database, REGIONS, are endpoints REGIONS\_SHARD\_1, REGIONS\_SHARD\_2, and REGIONS\_SHARD\_3.
+ - Pluggable instance, INVENTORY, of the two node RAC and multi-tenant database SALES, has two endpoints SALES\_INVENTORY\_1 and SALES\_INVENTORY\_2.
+ - Primary-Standby two instance RAC database, STAFF, are four endpoints STAFF\_PRIMARY\_1, STAFF\_PRIMARY\_2, STAFF\_STANDBY\_1 and STAFF\_STANDBY\_2.
+
+ ![Key Vault](./images/image-2025-09-11-18.13.52.png "This takes you to the Endpoints page")
+
+## Task 3: Virtual wallets for database keys
+
+To simplify management of database keys, Oracle Key Vault offers virtual wallets which group the keys of the database. Virtual wallets can be tied to multiple endpoint, depending on the database deployment model, so that all keys uploaded by an endpoint become a part of this wallet by default. You can think of this wallet as the Key Vault representation of the local TDE wallet.
+
+The key administrator is responsible for creating and managing virtual wallets.
+
+1. Click the **Keys & Wallets** tab
+ ![Key Vault](./images/Screenshot_2025-10-04_15.43.07.png "Click the Keys & Wallets tab")
+
+2. This takes you to the Wallets page
+
+ In the image below, you can see that each database or pluggable database is tied to a wallet.
+
+ For example:
+ - The sharded database, REGIONS, has a wallet named REGIONS.
+ - Both pluggable databases, INVENTORY and PURCHASE, have their own wallets named INVENTORY and PURCHASE, respectively.
+ - All instances of the primary-standby RAC database, STAFF, share the same wallet named STAFF.
+
+ ![Key Vault](./images/image-2025-09-11-18.20.43.png "This takes you to the Wallets page")
+
+## Task 4: Inventory of database encryption keys
+
+Oracle Key Vault offers a comprehensive set of reports, including inventory, activity, security, and system reports.
+
+Inventory reports cover Oracle databases, GoldenGate, Secure Shell (SSH), public and private keys, certificates, and more. Activity reports include endpoint activity, user activity, and SSH usage details. Security reports provide information on entitlements, SSH authorizations, SSH access, user accounts, failed logins, and more. System reports encompass backup history and RESTful service usage statistics.
+
+1. Click the **Reports** tab
+
+ ![Key Vault](./images/Screenshot_2025-10-04_15.46.44.png "Click the Reports Tab")
+
+2. Expand the **Key Management Reports for Oracle Endpoints**
+
+ ![Key Vault](./images/image-2025-09-11-17.53.46.png "Key Management Report")
+
+3. Select **DB Generated TDE Master Encryption Key Attribute Report** - to see an example of a report with the inventory of database encryption keys
+
+ This report tells you:
+ - Who created and activated the key
+ - Which database, and the container database (including their GUIDs), the key was created or activated for
+ - When the key was created or activated
+
+ ![Key Vault](./images/Screenshot_2025-10-07_09.41.40.png "Select DB Generated TDE Master Encryption Key Attribute Report")
+
+## Task 5: Track database key and certificate lifetimes
+
+OKV reports help maintain compliance by listing active TDE master keys with activation times to highlight databases overdue for rotation, and by flagging expired or non‑compliant certificates, including lifetime and key size issues.
+
+1. Click the **Reports** tab
+
+ ![Key Vault](./images/Screenshot_2025-10-04_15.46.44.png "Click the Reports Tab")
+
+2. Expand the **Key Management Reports for Oracle Endpoints**
+
+ ![Key Vault](./images/Screenshot_2025-10-16_15.48.32.png "Key Management Reports for Oracle Endpoints")
+
+3. Select **DB Activated TDE Master Encryption Key Report** - to see an example of a report with the inventory of database encryption keys
+
+ This report lists active TDE master keys along with their activation time, helping you identify databases that haven’t generated a new key recently and are in violation of rotation policies
+
+ ![Key Vault](./images/image-2025-09-11-18.09.03.png "Select DB Activated TDE Master Encryption Key Report")
+
+4. Expand the **Keys and Wallets Report**
+
+ ![Key Vault](./images/Screenshot_2025-10-05_10.06.42.png "Keys and Wallets Report")
+
+5. Select **Certificate Awareness Report** - to see an example of a report to track certificate lifetimes
+
+ This report lists certificates expiring in 30, 60, or 90 days, and flag those that need attention or drift out of compliance. For example, when their lifetime exceeds a newly-defined shorter lifetime. You can also view the key sizes used for certificates to help verify they are policy compliant.
+
+ ![Key Vault](./images/Screenshot_2025-10-05_10.08.23.png "Select Certificate Awareness Report")
+
+## Task 6: Receive notifications for urgent tasks
+
+To keep you aware of your system state, Oracle Key Vault generates alerts and delivers notifications. Key Vault raises categorized alerts when your system reaches critical thresholds for cluster & system parameters, and when keys & certificates are expiring. Besides showing alerts on the console, Key Vault delivers notifications via email alerts, remote syslog, or SNMP depending on your organizational needs.
+
+1. Click the **Reports** tab and click the **Alerts** tab on the left-side panel
+
+ ![Key Vault](./images/Screenshot_2025-10-04_15.49.25.png "Click the Alerts Tab")
+
+2. Alerts that required immediate attention. Key Vault only shows the relevant alerts to the administrator based on their roles.
+
+ In the image below, there are notifications for:
+ - User's passwords that are expiring and need to be reset
+ - Certificate objects that are expiring and need to be rotated
+
+ ![Key Vault](./images/image-2025-09-11-18.27.41.png "Alerts that required immediate attention")
+
+## Task 7: Ensure accountability with audit records
+
+Oracle Key Vault reporting includes a complete audit trail to track actions and monitor changes across Key Vault. The audit trail captures operations like creating a key, done by the users or endpoints, from where, and when. This is available to all administrators.
+
+1. Click the **Reports** tab and click the **Audit Trail** tab on the left-side panel
+
+ ![Key Vault](./images/Screenshot_2025-10-05_10.41.36.png "Click the Audit Trail Tab")
+
+2. The audit trail page shows all audit records for your Key Vault deployment
+
+ Audit managers can use the **Audit Settings** button to filter for custom events and also select which events they want to be audited.
+
+ Here you can see which subject (user, or endpoint) performed what action on which object, the time it happened at and whether or not it was successfully completed.
+
+ ![Key Vault](./images/Screenshot_2025-10-07_09.55.44.png "The audit trail page")
+
+## Task 8: Enforce separation of duties
+
+For separation of duties, Key Vault provides three distinct administrator roles: system administrator, key administrator, and audit manager. Regular Key Vault administrators can be assigned specific privileges, such as creating endpoints or endpoint groups, to manage their designated sets of endpoints. A regular user with monitor privileges can run RESTful monitor commands.
+
+Key Vault users can be managed locally as native Key Vault users or externally through Active Directory. Additionally, single sign-on can be enabled for users managed in Entra ID or ADFS. The role of account management is undertaken by the system administrator. To perform these tasks:
+
+1. Click the **Users** tab
+
+ ![Key Vault](./images/Screenshot_2025-10-04_15.54.38.png "Click the Users tab")
+
+2. This takes you to the **Manager Users** page
+
+ ![Key Vault](./images/image-2025-09-11-18.29.46.png "The Manage Users page")
+
+3. To change the Key Vault user password, click the **Change Password** tab on the left-side panel
+
+ ![Key Vault](./images/Screenshot_2025-10-05_10.49.21.png "To change the Key Vault user password, click the Change Password tab on the left-side panel")
+
+4. The **Change Password** page is where the user can change their password
+
+ ![Key Vault](./images/image-2025-09-11-18.42.01.png "The Change Password page is where the user can change the password")
+
+**ADD STEP TO SHOW HOW TO CONFIGURE LDAP**
+5. For organizations that need LDAP support, show the page using some LDAP details added in
+
+6. For deployments using LDAP, key administrators can manage access for users to specific wallets by setting up LDAP group mappings. Click **Manage LDAP Mappings** on the left-side panel.
+
+ ![Key Vault](./images/Screenshot_2025-10-05_10.54.01.png "Click Manage LDAP Mappings on the left-side panel")
+
+7. The **LDAP Group Mappings** page shows which mappings are setup to which roles and privileges in Key Vault
+
+ **GET A PHOTO FROM AKHIL SHOWING SOME LDAP GROUPS**
+
+ ![Key Vault](./images/image-2025-09-11-18.33.10.png "The LDAP Group Mappings page shows which mappings are setup to which roles and privileges in Key Vault")
+
+## Task 9: Assess system health
+
+1. To assess the health of the Key Vault server, click the **System** tab
+
+ ![Key Vault](./images/Screenshot_2025-10-05_11.10.42.png "To assess the health of the Key Vault server, click the System tab")
+
+2. This page shows the system health
+
+ Observe the various classes of information shown on this page:
+ - The base server information
+ - The state of critical system services
+ - Information about space usage
+ - Deployment related information
+ - Certificate state
+
+ ![Key Vault](./images/Screenshot_2025-10-05_11.07.08.png "This page shows the system health")
+
+## Task 10: Monitor performance for optimal Oracle Key Vault operations
+
+Oracle Key Vault performance monitoring allows system administrators to identify and address potential bottlenecks, proactively resolve unusual or complex environment-specific issues, and maintain overall system health. In addition, by analyzing system load and resource utilization across the cluster, administrators can make informed decisions about scaling the environment.
+
+1. Click the **System** tab
+
+ ![Key Vault](./images/Screenshot_2025-10-05_11.10.42.png "Click the System tab")
+
+2. Click the **System Metrics** button
+
+ ![Key Vault](./images/Screenshot_2025-10-05_11.25.42.png "Click the System Metrics button")
+
+3. To monitor system performance for example, expand the **CPU & Memory Metrics** section
+
+ ![Key Vault](./images/image-2025-09-11-18.46.22.png "To monitor system performance, expand the CPU & Memory Metrics section")
+
+## Task 11: Administer Oracle Key Vault
+
+For ease of use, Key Vault consolidates all network, system, certificate, and monitoring configurations onto a single landing page within the web console. In a cluster deployment, a drop-down menu indicates which configurations are applied across the cluster and which need to be configured individually for each node.
+
+1. Click the **System** tab
+
+ ![Key Vault](./images/Screenshot_2025-10-05_11.10.42.png "Click the System tab")
+
+2. Click the **Settings** tab on the left-side panel
+
+ ![Key Vault](./images/Screenshot_2025-10-05_11.12.24.png "Click the Settings tab on the left-side panel")
+
+3. This takes you to the page from where the system administrator can administer the Key Vault server
+
+ System administrators are reponsible for most of the system configuration. Audit Manager is responsible for setting up Audit Vault integration.
+
+ ![Key Vault](./images/image-2025-09-11-18.48.38-CUSTOM.png "This takes you to the page from where the system administrator can administer the Key Vault server")
+
+## Task 12: A quick look at the cluster
+
+A Key Vault cluster provides continuous availability of your keys to ensure uninterrupted database operations. This task will convert a standalone Key Vault server into the first node of a cluster. This initial node will contain all existing keys and can be used to create a cluster by adding additional nodes.
+
+1. Click the **Cluster** tab
+
+ ![Key Vault](./images/Screenshot_2025-10-05_11.33.32.png "Click the Cluster tab")
+
+2. Configure the server as a Candidate Node
+
+ ![Key Vault](./images/image-2025-09-11-18.50.51.png "Expand Keys and Wallets Reports and click on Certificate Awareness Report")
+
+3. Once the server has been configured as a cluster node, the Cluster page is updated to show the status of all nodes that are part of this cluster
+
+ You can click the **Add** button to add a second, third and more nodes to the cluster.
+
+ ![Key Vault](./images/image-2025-09-11-18.58.43.png "Expand Keys and Wallets Reports and click on Certificate Awareness Report")
+
+4. On the Home page, the System Overview section at the bottom is updated, identifying the deployment mode as Cluster
+
+ This section highlights how many read-write pairs are part of the cluster as well as the cluster service status. For now, there is just the one node that we setup.
+
+ ![Key Vault](./images/image-2025-09-11-19.02.06.png "Expand Keys and Wallets Reports and click on Certificate Awareness Report")
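Review bot: Task 8 still carries two authoring notes, `**ADD STEP TO SHOW HOW TO CONFIGURE LDAP**` and `**GET A PHOTO FROM AKHIL SHOWING SOME LDAP GROUPS**`, and its step 5 ("show the page using some LDAP details added in") reads as an instruction to the author rather than to the reader; these should be resolved or removed before the lab is published. Task 1 has two steps numbered 2, and the three images in Task 12 steps 2 to 4 all reuse the title "Expand Keys and Wallets Reports and click on Certificate Awareness Report". Task 12 says it converts the standalone server into the first cluster node; if that conversion cannot be undone on the lab instance, the text should say so before step 2. Spelling: "Multi-Tennant", "databses", "Manager Users", "reponsible".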
diff --git a/database/advanced/key-vault-new/key-vault-Lab4.md b/database/advanced/key-vault-new/key-vault-Lab4.md
new file mode 100644
index 000000000..e75badf32
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault-Lab4.md
@@ -0,0 +1,51 @@
+# Review a typical TDE environment
+
+## Introduction
+Before migrating a database from a local TDE wallet to centralized key management with Oracle Key Vault, you need to understand what the TDE parameters are set, and what tablespaces are encrypted.
+
+Estimated Lab Time: 3 minutes
+
+### Objectives
+In this lab, you will see a typical TDE setup with encrypted tablespaces.
+
+### Prerequisites
+This lab assumes you have completed lab 3.
+
+## Task 1: Review TDE setup in an encrypted database
+
+An encrypted database has been prepared for you to review the environment.
+
+To review this environment, open a terminal and run the following script
+
+````
+
+cd $DBSEC_LABS/okv
+./review_tde_deployment.sh
+
+````
+
+The output of the script will show:
+
+1. The system parameters that are controlling the behavior of TDE in your database:
+- The default algorithm is AES256
+- Newly created tablespaces will be encrypted by default
+- The database uses a file-based wallet
+- File based wallets will be created in the <WALLET_ROOT>/tde directory
+
+![Key Vault](./images/OKV-LL4-001a.png "You see the system parameters that are controlling the behaviour of TDE in your database.")
+
+2. The file based wallet is open for use. Since the database is using united mode PDBs, they inherit their location from CDB$ROOT.
+
+![Key Vault](./images/OKV-LL4-001b.png "The file based wallet is open for use. Since the database is using united mode PDBs, they inherit their location from CDB$ROOT.")
+
+3. The identifier of the TDE master encryption key in use by the CDB and the PDB as well as their creation time
+
+![Key Vault](./images/OKV-LL4-001c.png "The identifier of the TDE master encryption key in use by the CDB and the PDB as well as their creation time")
+
+4. The list of encrypted tablespaces
+
+![Key Vault](./images/OKV-LL4-001d.png "The list of encrypted tablespaces")
+
+5. The list of encrypted RMAN backups
+
+![Key Vault](./images/OKV-LL4-001e.png "The list of encrypted RMAN backups")
diff --git a/database/advanced/key-vault-new/key-vault-Lab5.md b/database/advanced/key-vault-new/key-vault-Lab5.md
new file mode 100644
index 000000000..7fe9ccb20
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault-Lab5.md
@@ -0,0 +1,202 @@
+# Migrate to OKV in 5 easy steps
+
+## Introduction
+To use Oracle Key Vault as your centralized key manager, you need to migrate your Oracle databases from a local TDE wallet to Key Vault.
+
+Estimated Lab Time: 15 minutes
+
+### Objectives
+In this lab, you will learn how to onboard the Oracle database to Oracle Key Vault, and how to migrate your keys from the local TDE wallet to Key Vault.
+
+### Prerequisites
+This lab assumes you have completed lab 4.
+
+## Task 1: Enroll the incoming Oracle database into Oracle Key Vault
+
+1. Login to Key Vault as user **KVEPADMIN**
+
+ For the password, execute the following command
+
+ ```
+
+ cat wui_passphrase
+
+ ```
+
+ ![Key Vault](./images/image-2025-7-24_12-13-38.png "Login to Key Vault as an endpoint administrator.")
+
+2. Click the **Endpoints** tab and then click the **Add** button to add a new endpoint
+
+ An endpoint represents an Oracle database instance in Oracle Key Vault.
+
+ ![Key Vault](./images/image-2025-7-24_15-59-1.png "Click on Add to add a new endpoint")
+
+3. Provide the endpoint details and click **Register** to register the new endpoint
+
+ We recommend using LIVELABS\_DB\_EP for the **Endpoint Name**
+ ```plaintext
+
+ LIVELABS_DB_EP
+
+ ```
+ And using the following text for the **Description**
+ ```plaintext
+
+ This is the endpoint for LiveLabs database (cdb1).
+
+ ```
+
+ ![Key Vault](./images/image-2025-7-24_12-17-29.png "Fill in the details of your endpoint: Endpoint Name is LIVELABS_DB_EP; Type is Oracle Database; OS Type is Linux; Description is 'This is the endpoint for LiveLabs database (cdb1).'; Click 'Register'")
+
+
+4. Click the newly created endpoint **LIVELABS\_DB\_EP** to view the details for this endpoint
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.02.30.png "Click the Endpoints Tab to view the recently created endpoint LIVELABS_DB_EP")
+
+5. On the endpoint details page, add **LIVELABS\_DB\_WALLET** as the **Default Wallet** and click **Save**
+
+ By setting up a *default wallet*, all new keys of the database will be a part of this wallet.
+
+ ```plaintext
+
+ LIVELABS_DB_WALLET
+
+ ```
+
+ ![Key Vault](./images/image-2025-7-24_16-12-59.png "On the endpoint details page, add the default wallet and click save")
+
+8. Verify that the permissions of the default wallet (LIVELABS\_DB\_WALLET) show 'Read, Write, Manage Wallet' by checking the **Access to Wallets** section of this page
+
+ ![Key Vault](./images/Screenshot_2025-10-03_13.56.15.png "Check the permissions of the default wallet")
+
+9. Click the **Endpoints** tab and copy the **Enrollment Token** for **LIVELABS\_DB\_EP**
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.03.59.png "Click the Endpoints tab and copy the Enrollment Token")
+
+10. Click on the username KVEPADMIN on the top right hand corner of the page and then click **Logout**
+
+ ![Key Vault](./images/image-2025-7-24_12-27-48.png "Click Logout on the right-hand corner of the page")
+
+## Task 2: Download the Oracle Key Vault client software for this database
+
+1. On the database host, go to the Key Vault login page, and click on **Endpoint Enrollment and Software Download**
+
+
+
+ ![Key Vault](./images/image-2025-7-24_12-31-21.png "On the database host, go to the Key Vault login page, click on Endpoint Enrollment and Software Download")
+
+2. Provide the Enrollment Token and click **Submit Token**. Endpoint details will be automatically populated.
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.11.39.png "Provide the Enrollment Token and click Submit Token. Endpoint details will be automatically populated")
+
+3. Click **Enroll** to download the "okvclient.jar" file. The file is downloaded to your database host.
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.13.54.png "Click enroll to download the okvclient.jar file. The file is downloaded to your database host.")
+
+## Task 3: Deploy the Oracle Key Vault client software on the database host
+
+1. Setup the Key Vault endpoint home. This is the base of operations for the endpoint software
+
+ ```
+
+ export OKV_HOME=/etc/ORACLE/WALLETS/cdb1/okv
+
+ ```
+
+2. Install the Key Vault software. This will prompt for the endpoint connection password. We will refer to this as the "Key Vault endpoint password"
+
+ This is a one time step and the install software (okvclient.jar) is automatically deleted after the install is completed successfully.
+
+ **Note:** the Key Vault endpoint password will be used throughout this workshop for SQL and okvutil commands.
+
+ ```
+
+ java -jar ~/Downloads/okvclient.jar -d $OKV_HOME
+
+ ```
+
+ ![Key Vault](./images/image-2025-09-27_install.png "Install Key Vault software. This will prompt for the endpoint connection password.")
+
+3. Review details under the Key Vault endpoint home
+
+ ```
+
+ tree $OKV_HOME
+
+ ```
+
+ ![Key Vault](./images/image-2025-7-24_16-33-45.png "Show details under Key Vault endpoint home")
+
+4. Deploy the Key Vault library (liborapkcs.so) that the database will use to communicate with Key Vault
+
+ ```
+
+ sudo $OKV_HOME/bin/root.sh
+
+ ```
+
+ ![Key Vault](./images/images-2025-09-25_13-30-45_root.png "Deploy the Key Vault library (liborapkcs.so) that the database will use to communicate with Key Vault")
+
+## Task 4: Prepare the database for the migration to Oracle Key Vault
+
+1. Change the TDE configuration of the database to OKV|FILE
+
+ ```
+
+ sqlplus / as sysdba
+ ALTER SYSTEM SET TDE_CONFIGURATION = 'KEYSTORE_CONFIGURATION=OKV|FILE' SCOPE = BOTH;
+ exit;
+
+ ```
+
+ ![Key Vault](./images/image-2025-7-24_12-53-4.png "Change the TDE configuration of the database to OKV|FILE")
+
+## Task 5: Migrate the database to use Oracle Key Vault for centralized key management
+
+1. Migrate the database to use Key Vault
+
+ The Key Vault endpoint password is the same password you used earlier for deployment in task 3 step 2.
+
+ For the TDE wallet password, execute the following command
+
+ ```
+
+ echo $DBUSR_PWD
+
+ ```
+
+ ```
+
+ sqlplus / as sysdba
+ ADMINISTER KEY MANAGEMENT SET KEY IDENTIFIED BY "" FORCE KEYSTORE MIGRATE USING "";
+ exit;
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-03_15.11.26.png "Add the Key Vault password to the TDE wallet")
+
+2. Migration is always a re-key operation. There are two new keys created in Key Vault: one for the CDB$ROOT and one for PDB1
+
+ When prompted, enter the Key Vault endpoint password.
+
+ ```
+
+ $OKV_HOME/bin/okvutil list
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-03_15.13.44.png "Migration is always a re-key operation. There are two new keys created in Key Vault: one for the CDB\$ROOT and one for PDB1")
+
+3. Review the database setup after migrating to Key Vault
+
+ ```
+
+ ./review_tde_using_okv_configuration.sh
+
+ ```
+
+ Note the following changes:
+ - In the TDE configuration parameters, the KEYSTORE_CONFIGURATION now says OKV|FILE
+ - In the wallet status, you'll see the wallet of type OKV is open
+
+ ![Key Vault](./images/image-2025-7-24_17-8-50.png "Review the database setup after migrating to Key Vault")
\ No newline at end of file
diff --git a/database/advanced/key-vault-new/key-vault-Lab6.md b/database/advanced/key-vault-new/key-vault-Lab6.md
new file mode 100644
index 000000000..a12f73bcd
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault-Lab6.md
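Review bot: Task 5 step 1 prints `IDENTIFIED BY "" FORCE KEYSTORE MIGRATE USING ""` with both passwords empty and nothing in the command to tell them apart; in this statement `IDENTIFIED BY` takes the Key Vault endpoint password and `MIGRATE USING` the existing TDE wallet password, so labelled placeholders such as `IDENTIFIED BY "<Key Vault endpoint password>" FORCE KEYSTORE MIGRATE USING "<TDE wallet password>"` would prevent a swapped or blank entry. The same step has the reader run `echo $DBUSR_PWD`, which puts the wallet password on screen and in terminal scrollback; a short remark that this is a lab convenience would help. Task 3 step 2 asks for an endpoint password without saying who chooses it (it appears to be set by the reader at install time). Task 1's step numbering jumps from 5 to 8.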
@@ -0,0 +1,51 @@
+# Leave no keys behind - Full migration
+
+## Introduction
+Full migration refers to the ability of allowing one to upload pre-migration keys from the local TDE wallet to Key Vault. This enables you to eventually delete the old TDE wallet and comply with PCI requirements which mandates the removal of the TDE master encryption keys from the database hosts. Oracle Key Vault is the only key manager with this unique ability because OKV has been purpose-built for Oracle. No other key manager can do this.
+
+Estimated Lab Time: 3 minutes
+
+### Objectives
+In this lab, you will learn how to upload pre-migration keys from the local TDE wallet to OKV.
+
+### Prerequisites
+This lab assumes you have completed lab 5.
+
+## Task 1: Achieve PCI compliance ONLY with Oracle Key Vault
+
+1. Upload the pre-migration keys in the database's TDE wallet to the database's default wallet in the Key Vault server that you created in lab 5
+
+ When prompted for the source wallet password, enter the TDE wallet password.
+
+ When prompted for the Oracle Key Vault endpoint password, enter the Key Vault endpoint password.
+
+ ````
+
+ $OKV_HOME/bin/okvutil upload -t WALLET -g LIVELABS_DB_WALLET -l /etc/ORACLE/WALLETS/cdb1/tde/ -v 3
+
+ ````
+
+ ![Key Vault](./images/image-2025-09-27_upload.png "Upload the pre-migration key from the local TDE wallet into the OKV wallet that you created in Lab 5:")
+
+2. Set the TDE_CONFIGURATION of the database to "OKV"
+
+ ````
+
+ sqlplus / as sysdba
+ ALTER SYSTEM SET TDE_CONFIGURATION = 'KEYSTORE_CONFIGURATION=OKV' SCOPE = BOTH;
+ exit;
+
+ ````
+
+ ![Key Vault](./images/TDE_CONFIG_OKV.png "Set the TDE_CONFIGURATION to 'OKV'")
+
+3. Delete the local TDE wallet from <WALLET_ROOT>/tde
+
+ ````
+
+ rm -v /etc/ORACLE/WALLETS/cdb1/tde/*
+ ls /etc/ORACLE/WALLETS/cdb1/tde/
+
+ ````
+
+ ![Key Vault](./images/image-2025-09-05-delete-wallet-after-upload.png "Delete the local TDE wallet from /tde:")
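Review bot: Task 1 step 3 deletes the local TDE wallet with `rm -v /etc/ORACLE/WALLETS/cdb1/tde/*` straight after the upload in step 1, and no step in between confirms that the pre-migration keys actually reached Key Vault. If the upload was incomplete, data or backups still encrypted under those keys would presumably become unreadable once the wallet is gone. Add a verification step before step 3, for example `$OKV_HOME/bin/okvutil list` with a sentence telling the reader to confirm the uploaded keys are listed. It would also help to advise keeping a protected copy of the wallet off the database host until that check has passed.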
diff --git a/database/advanced/key-vault-new/key-vault-Lab7.md b/database/advanced/key-vault-new/key-vault-Lab7.md
new file mode 100644
index 000000000..7c92c73ea
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault-Lab7.md
@@ -0,0 +1,69 @@
+# Enable lights-out operations
+
+## Introduction
+For high availability purposes, you may want to configure your databases to open a connection to Oracle Key Vault without human intervention. For example, when your Oracle Grid Infrastructure restarts your Oracle RAC database instance, or the Data Guard standby restarts as the primary database after a role switch.
+
+Estimated Lab Time: 3 minutes
+
+### Objectives
+In this lab, you will learn how to setup an auto-open OKV connection.
+
+### Prerequisites
+This lab assumes you have completed lab 6.
+
+## Task 1: Enable lights-out operations
+
+1. Add the Key Vault endpoint password into a new local auto-open wallet in <WALLET_ROOT>/tde.
+
+ ````
+
+ sqlplus / as sysdba
+ ADMINISTER KEY MANAGEMENT ADD SECRET '' FOR CLIENT 'OKV_PASSWORD' TO LOCAL AUTO_LOGIN KEYSTORE '/etc/ORACLE/WALLETS/cdb1/tde';
+ exit;
+
+ ````
+
+ ![Key Vault](./images/image-2025-09-25_11-48-23.png "Add the Key Vault endpoint password into a new local auto-open wallet in /tde.")
+
+2. Change the TDE\_CONFIGURATION of the database to 'OKV|FILE' to enable the database to find the new wallet in <WALLET_ROOT>/tde.
+
+ ```
+
+ sqlplus / as sysdba
+ ALTER SYSTEM SET TDE_CONFIGURATION = 'KEYSTORE_CONFIGURATION=OKV|FILE' SCOPE = BOTH;
+ exit;
+
+ ```
+
+ ![Key Vault](./images/image-2025-7-24_12-53-4.png "Change the TDE_configuration of the database to OKV|FILE to enable the database to find the new wallet in /tde.")
+
+3. Restart the database
+
+ ```
+
+ sqlplus / as sysdba
+ SHUTDOWN IMMEDIATE;
+ STARTUP;
+ exit;
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.23.38.png "Restart the database")
+
+4. Verify that the auto-login wallet is open
+
+ ```
+
+ sqlplus / as sysdba
+ set lines 130 pages 9999 feedback off
+ col "container" format a10
+ col "wallet location" format a30
+ select b.name "CONTAINER", a.status "WALLET STATUS",
+ a.wallet_type "WALLET TYPE", a.wrl_parameter "WALLET LOCATION"
+ from v$encryption_wallet a join v$containers b on a.con_id = b.con_id
+ where b.name in ('CDB$ROOT','PDB1') order by a.con_id, a.wallet_order;
+ exit;
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-07_23.08.12.png "Verify that the auto-login wallet is open")
\ No newline at end of file
diff --git a/database/advanced/key-vault-new/key-vault-Lab8.md b/database/advanced/key-vault-new/key-vault-Lab8.md
new file mode 100644
index 000000000..0f58402da
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault-Lab8.md
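Review bot: Task 1 step 1 stores the Key Vault endpoint password in a local auto-login wallet under `/etc/ORACLE/WALLETS/cdb1/tde`, but the lab never states the trade-off this creates. The secret that opens the Key Vault connection now sits on the database host, in the directory that lab 6 emptied, so a reader may assume nothing sensitive remains there. A short note after step 1 would cover it, for example `**Note:** the auto-login wallet holds the Key Vault endpoint password; keep this directory readable only by the database software owner.` It is also worth saying that the `rm` from lab 6 must not be repeated once this wallet exists.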
@@ -0,0 +1,96 @@
+# Tolerate connectivity issues with secure persistent cache
+
+## Introduction
+Oracle Key Vault cluster deployment provides continuous availability in case of server failures, but the cluster deployment may not help with network connectivity issues unless there is network redundancy. What happens if there is an underwater landslide that cuts the connection between your databases and your Key Vault cluster? Not to worry, Key Vault's secure persistent cache saves your day and keeps your databases running.
+
+Estimated Lab Time: 5 minutes
+
+### Objectives
+In this lab, you will check the secure persistent cache, simulate a connectivity failure, and create a new tablespace to observe cache-based operation.
+
+### Prerequisites
+This lab assumes you have completed lab 5.
+
+## Task 1: Review Oracle Key Vault's secure persistent cache
+
+1. List the IDs of the keys in the secure persistent cache
+
+ When prompted, enter the Key Vault endpoint password.
+
+ ````
+
+ $OKV_HOME/bin/okvutil list -t OKV_PERSISTENT_CACHE -l /etc/ORACLE/WALLETS/cdb1/okv/conf
+
+ ````
+
+ ![Key Vault](./images/Screenshot_2025-10-03_15.56.40.png "List the IDs of the keys in the secure persistent cache")
+
+## Task 2: Cut the connectivity to Oracle Key Vault server
+
+1. Cut the connectivity to the Key Vault server to simulate a network connection issue
+
+ ````
+
+ sudo iptables -A OUTPUT -p tcp --dport 5696 -j DROP
+
+ ````
+
+2. Confirm that the server is unreachable
+
+ When prompted, enter the Key Vault endpoint password.
+
+ ````
+
+ $OKV_HOME/bin/okvutil list
+
+ ````
+
+ ![Key Vault](./images/Screenshot_2025-10-03_15.59.33.png "Confirm that the server is unreachable")
+
+## Task 3: Create a new tablespace to confirm that database operations continue uninterrupted
+
+1. Create a new tablespace
+
+ ````
+
+ sqlplus / as sysdba
+ CREATE TABLESPACE tolerance_tbs DATAFILE SIZE 100M;
+ exit;
+
+ ````
+
+ ![Key Vault](./images/Screenshot_2025-10-03_16.01.30.png "Create a new tablespace")
+
+2. Verify the new tablespace was created
+
+ ````
+
+ sqlplus / as sysdba
+ SELECT tablespace_name, encrypted FROM dba_tablespaces WHERE tablespace_name = UPPER('tolerance_tbs');
+ exit;
+
+ ````
+
+ ![Key Vault](./images/Screenshot_2025-10-03_16.03.05.png "Verify the new tablespace was created")
+
+## Task 4: Restore connectivity
+
+1. Restore the connectivity to the Key Vault server
+
+ ````
+
+ sudo iptables -D OUTPUT -p tcp --dport 5696 -j DROP
+
+ ````
+
+2. Confirm that the server is reachable
+
+ When prompted, enter the Key Vault endpoint password.
+
+ ````
+
+ $OKV_HOME/bin/okvutil list
+
+ ````
+
+ ![Key Vault](./images/Screenshot_2025-10-03_16.04.40.png "Confirm that the server is reachable")
diff --git a/database/advanced/key-vault-new/key-vault-Lab9.md b/database/advanced/key-vault-new/key-vault-Lab9.md
new file mode 100644
index 000000000..ae516fa4c
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault-Lab9.md
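Review bot: The rule added in Task 2 step 1, `sudo iptables -A OUTPUT -p tcp --dport 5696 -j DROP`, drops outbound TCP to port 5696 for every destination, and it stays in place if the learner stops before Task 4. Scoping it to the server, `sudo iptables -A OUTPUT -p tcp -d <KEY_VAULT_SERVER_IP> --dport 5696 -j DROP` with the matching `-D` form in Task 4, limits the simulation to the Key Vault connection. A line stating that Task 4 must be completed before leaving the lab would avoid a host that silently cannot reach Key Vault. The same pair of commands appears in Task 2 and Task 4 of key-vault-Lab9.md. Separately, the Prerequisites line names lab 5 while labs 7 and 9 each require the lab directly before them, so confirm which lab is intended here.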
@@ -0,0 +1,108 @@
+# Increased key control for less secure environments
+
+## Introduction
+In certain scenarios, it may be necessary to share data with environments that operate under lower security controls. However, it is critical that the TDE master encryption keys aren't exposed in or downloaded to this environment, or even cached in the secure persistent cache. For this purpose, Oracle Key Vault can also mark keys as non-extractable.
+
+Estimated Lab Time: 5 minutes
+
+### Objectives
+In this lab, you will set a key as 'Non-Extractable'. Creation of a new tablespace will fail in case of a connectivity failure verifying that non-extractable keys remain protected in Key Vault.
+
+### Prerequisites
+This lab assumes you have completed lab 8.
+
+## Task 1: Generate a Non-Extractable key
+
+1. Login to Key Vault as user **KVRESTADMIN**
+
+ Get the randonly generated password by executing this command
+
+ ```
+
+ cat wui_passphrase
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-03_13.45.01.png "Login to Key Vault as the REST administrator")
+
+2. Click the **Endpoints** tab and then click the **Settings** tab on the left-side panel
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.26.41.png "Click the Endpoints tab and then click the Settings tab on the left-side panel")
+
+3. Scroll to the bottom, set the **Extractable Attribute** for the **Symmetric Key** to False and click **Save**
+
+ ![Key Vault](./images/Screenshot_2025-10-03_14.29.00.png "Set the Extractable Attribute for the Symmetric Key to False")
+
+4. On the database host, set a new Non-Extractable key in the Key Vault
+
+ ```
+
+ sqlplus / as sysdba
+ ADMINISTER KEY MANAGEMENT SET KEY FORCE KEYSTORE IDENTIFIED BY "";
+ exit;
+
+ ```
+
+ ![Key Vault](./images/Screenshot_2025-10-08_11.57.01.png "Add OKV password to the local TDE wallet")
+
+## Task 2: Cut the connectivity to Oracle Key Vault server
+
+1. Cut the connectivity to the Key Vault server to simulate a network connection issue
+
+ ````
+
+ sudo iptables -A OUTPUT -p tcp --dport 5696 -j DROP
+
+ ````
+
+2. Confirm that the server is unreachable
+
+ When prompted, enter the Key Vault endpoint password.
+
+ ````
+
+ $OKV_HOME/bin/okvutil list
+
+ ````
+
+ ![Key Vault](./images/Screenshot_2025-10-03_15.59.33.png "Confirm that the server is unreachable")
+
+## Task 3: Attempt to create a new tablespace to confirm that database operations fail even when the secure persistent cache exists
+
+ 1. Attempt to create a new tablespace
+
+ ````
+
+ sqlplus / as sysdba
+ CREATE TABLESPACE extractable_key_tbs DATAFILE 'extractable_key_tbs01.dbf' SIZE 100M;
+ exit;
+
+ ````
+
+ Note that the step will fail, as in the example below
+
+ ![Key Vault](./images/Screenshot_2025-10-07_22.09.24.png "Attempt to create a new tablespace")
+
+
+## Task 4: Restore connectivity
+
+1. Restore the connectivity to the Key Vault server
+
+ ````
+
+ sudo iptables -D OUTPUT -p tcp --dport 5696 -j DROP
+
+ ````
+
+2. Confirm that the server is reachable
+
+ When prompted, enter the Key Vault endpoint password.
+
+ ````
+
+ $OKV_HOME/bin/okvutil list
+
+ ````
+
+ ![Key Vault](./images/Screenshot_2025-10-03_16.04.40.png "Confirm that the server is reachable")
+
diff --git a/database/advanced/key-vault-new/key-vault.md b/database/advanced/key-vault-new/key-vault.md
new file mode 100644
index 000000000..fa27684c7
--- /dev/null
+++ b/database/advanced/key-vault-new/key-vault.md
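Review bot: Task 1 step 1 reads the KVRESTADMIN password with `cat wui_passphrase`, a relative path with no working directory given, and does not say that this file is a plaintext administrator credential. State the directory the command must be run from, and add a sentence that the file exists only as a lab convenience and that an administrator password should not be kept this way outside the workshop. In the same hunk, "randonly" should read "randomly", and the step 4 image caption `Add OKV password to the local TDE wallet` does not match the step, which sets a new key. The Task 3 tablespace is named `extractable_key_tbs` although it demonstrates a non-extractable key, which may confuse readers.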
@@ -0,0 +1,152 @@ +# Oracle Key Vault (OKV) + +## Introduction +This workshop guides you through the process of migrating an encrypted Oracle database 19c from a local Transparent Database Encryption (TDE) wallet to centralized key management with Oracle Key Vault. + +*Estimated Lab Time:* 60 minutes + +*Version tested in this lab:* Oracle OKV 21.12 and DBEE 19.28 + +### Video Preview +Watch a preview of "*LiveLabs - Oracle Key Vault*" [](youtube:4VR1bbDpUIA) + +### Objectives +During the course of this workshop, you will: +- Review Transparent Data Encryption (TDE) setup of an Oracle database with encrypted tablespaces +- Migrate your databases with keys in local TDE wallet to centralized key management with Oracle Key Vault +- "Full migration" - Upload pre-migration TDE master encryption keys from the local TDE wallet to Oracle Key Vault +- Enable "lights-out" operations +- Tolerate network interruptions with secure persistent cache +- No key exposure for lower security environments +- Enable re-key operations +- Bring your own key into Oracle Key Vault +- Explore Oracle Key Vault in a typical customer deployment + +In this workshop, you'll have a pre-setup database host and an Oracle Key Vault server: + - The Oracle Key Vault server: + - The Oracle Key Vault management console is open in your remote desktop. + - The Oracle Key Vault server has been pre-populated with example endpoints, wallets, keys and secrets. + - The database host: + - The remote desktop is the database host. + - You should open a terminal to perform database and Key Vault endpoint operations. + +### Prerequisites +This lab assumes you have: + +- A Free Tier, Paid or LiveLabs Oracle Cloud account +- You have completed: + - Lab: Prepare Setup (*Free-tier* and *Paid Tenants* only) + - Lab: Environment Setup + - Lab: Initialize Environment + + +- An Oracle Cloud account +- You have completed: + - Introduction Tasks + + +### Lab Timing (estimated) + + +| Lab No. | Feature | Approx. 
Time | Details | +| -------- | -------------------------------------------------------- | ------------ | -------------------------------------------------------------------------- | +| 4 | Review a typical TDE environment | 3 minutes | | +| 5 | Migrate to OKV in 5 easy steps | 15 minutes | | +| 6 | Leave no keys behind - Full migration | 3 minutes | | +| 7 | Enable "lights-out" operation | 3 minutes | | +| 8 | Tolerate connectivity issues with secure persistent cache| 5 minutes | | +| 9 | Increased key control for less secure environments | 5 minutes | | +|10 | Automate key rotation | 5 minutes | | +|11 | Bring your own key | 5 minutes | | +|12 | Explore Key Vault in a typical customer deployment | 15 minutes | | + + +| Lab No. | Feature | Approx. Time | Details | +| -------- | -------------------------------------------------------- | ------------ | -------------------------------------------------------------------------- | +| 4 | Review a typical TDE environment | 3 minutes | | +| 5 | Migrate to OKV in 5 easy steps | 15 minutes | | +| 6 | Leave no keys behind - Full migration | 3 minutes | | +| 7 | Enable "lights-out" operation | 3 minutes | | +| 8 | Tolerate connectivity issues with secure persistent cache| 5 minutes | | +| 9 | Increased key control for less secure environments | 5 minutes | | +|10 | Automate key rotation | 5 minutes | | +|11 | Bring your own key | 5 minutes | | +|12 | Explore Key Vault in a typical customer deployment | 15 minutes | | + + +## **Appendix**: About the Product +### **Overview** + +Oracle Key Vault is a full-stack, security-hardened software appliance built to centralize the management of keys and security objects within the enterprise. + +Oracle Key Vault is a robust, secure, and standards-compliant key management platform, where you can store, manage, and share your security objects. 
+ +![Key Vault](./images/okv-concept.png "Key Vault Concept") + +Security objects that you can manage with Oracle Key Vault include as encryption keys, Oracle wallets, Java keystores (JKS), Java Cryptography Extension keystores (JCEKS), and credential files. + +Oracle Key Vault centralizes encryption key storage across your organization quickly and efficiently. Built on Oracle Linux, Oracle Database, Oracle Database security features like Oracle Transparent Data Encryption, Oracle Database Vault, Oracle Virtual Private Database, and Oracle GoldenGate technology, Oracle Key Vault's centralized, highly available, and scalable security solution helps to overcome the biggest key-management challenges facing organizations today. With Oracle Key Vault you can retain, back up, and restore your security objects, prevent their accidental loss, and manage their lifecycle in a protected environment. + +Oracle Key Vault is optimized for the Oracle Stack (database, middleware, systems), and Advanced Security Transparent Data Encryption (TDE). In addition, it complies with the industry standard OASIS Key Management Interoperability Protocol (KMIP) for compatibility with KMIP-based clients. + +You can use Oracle Key Vault to manage a variety of other endpoints, such as MySQL TDE encryption keys. + +Starting with Oracle Key Vault release 18.1, a new multi-master cluster mode of operation is available to provide increased availability and support geographic distribution. + +The multi-master cluster nodes provide high availability, disaster recovery, load distribution, and geographic distribution to an Oracle Key Vault environment. + +An Oracle Key Vault multi-master cluster provides a mechanism to create pairs of Oracle Key Vault nodes for maximum availability and reliability. + +![Key Vault](./images/okv-cluster-concept.png "Key Vault Multi-Master Concept") + +Oracle Key Vault supports two types of mode for cluster nodes: read-only restricted mode or read-write mode. 
+ +- **Read-only restricted mode** + + In this mode, only non-critical data can be updated or added to the node. Critical data can be updated or added only through replication in this mode. There are two situations in which a node is in read-only restricted mode: + - A node is read-only and does not yet have a read-write peer. + - A node is part of a read-write pair but there has been a breakdown in communication with its read-write peer or if there is a node failure. When one of the two nodes is non-operational, then the remaining node is set to be in the read-only restricted mode. When a read-write node is again able to communicate with its read-write peer, then the node reverts back to read-write mode from read-only restricted mode. + +- **Read-write mode** + +This mode enables both critical and non-critical information to be written to a node. A read-write node should always operate in the read-write mode. + +You can add read-only Oracle Key Vault nodes to the cluster to provide even greater availability to endpoints that need Oracle wallets, encryption keys, Java keystores, certificates, credential files, and other objects. + +An Oracle Key Vault multi-master cluster is an interconnected group of Oracle Key Vault nodes. Each node in the cluster is automatically configured to connect with all the other nodes, in a fully connected network. The nodes can be geographically distributed and Oracle Key Vault endpoints interact with any node in the cluster. + +This configuration replicates data to all other nodes, reducing risk of data loss. To prevent data loss, you must configure pairs of nodes called read-write pairs to enable bi-directional synchronous replication. This configuration enables an update to one node to be replicated to the other node, and verifies this on the other node, before the update is considered successful. Critical data can only be added or updated within the read-write pairs. 
All added or updated data is asynchronously replicated to the rest of the cluster. + +After you have completed the upgrade process, every node in the Oracle Key Vault cluster must be at Oracle Key Vault release 18.1 or later, and within one release update of all other nodes. Any new Oracle Key Vault server that is to join the cluster must be at the same release level as the cluster. + +The clocks on all the nodes of the cluster must be synchronized. Consequently, all nodes of the cluster must have the Network Time Protocol (NTP) settings enabled. + +Every node in the cluster can serve endpoints actively and independently while maintaining an identical dataset through continuous replication across the cluster. The smallest possible configuration is a 2-node cluster, and the largest configuration can have up to 16 nodes with several pairs spread across several data centers. + +### **Benefits of Using Oracle Key Vault** +- Oracle Key Vault helps you to fight security threats, centralize key storage, and centralize key lifecycle management +- Deploying Oracle Key Vault in your organization will help you accomplish the following: +- Manage the lifecycle for endpoint security objects and keys, which includes key creation, rotation, deactivation, and removal +- Prevent the loss of keys and wallets due to forgotten passwords or accidental deletion +- Share keys securely between authorized endpoints across the organization +- Enroll and provision endpoints easily using a single software package that contains all the necessary binaries, configuration files, and endpoint certificates for mutually authenticated connections between endpoints and Oracle Key Vault +- Work with other Oracle products and features in addition to Transparent Data Encryption (TDE), such as Oracle Real Application Clusters (Oracle RAC), Oracle Data Guard, pluggable databases, and Oracle GoldenGate. 
Oracle Key Vault facilitates the movement of encrypted data using Oracle Data Pump and transportable tablespaces, a key feature of Oracle Database +- Oracle Key Vault multi-master cluster provides additional benefits, such as: +- Maximum key availability by providing multiple Oracle Key Vault nodes from which data may be retrived +- Zero endpoint downtime during Oracle Key Vault multi-master cluster maintenance + +## Want to Learn More? +Technical Documentation: +- [Oracle Key Vault](https://docs.oracle.com/en/database/oracle/key-vault/21.10/index.html) +- [Oracle Key Vault - Multimaster](https://docs.oracle.com/en/database/oracle/key-vault/21.10/okvag/multimaster_concepts.html) +- [Oracle Key Vault - SSH Key Management](https://docs.oracle.com/en/database/oracle/key-vault/21.10/okvag/management_of_ssh_keys_concepts.html) + + > To learn more about how to use OKV to manage SSH keys, please refer to the "[DB Security - Key Vault (SSH Key Management)] (https://livelabs.oracle.com/pls/apex/dbpm/r/livelabs/view-workshop?wid=727)" workshop + +Video: +- *Introducing Oracle Key Vault 21 (January 2021)* [](youtube:SfXQEwziyw4) + +## Acknowledgements +- **Author** - Hakim Loumi, Database Security PM +- **Contributors** - Peter Wahl, Rahil Mir, Shubham Goyal +- **Last Updated By/Date** - Shubham Goyal, Database Security PM - October 2025 \ No newline at end of file diff --git a/database/advanced/workshops/desktop-key-vault-new/index.html b/database/advanced/workshops/desktop-key-vault-new/index.html new file mode 100644 index 000000000..7d36cfa7d --- /dev/null +++ b/database/advanced/workshops/desktop-key-vault-new/index.html @@ -0,0 +1,70 @@ + + + + + + + + + Oracle LiveLabs + + + + + + + + + + + + + +
+
+
+
+
+
+
+
+ + + + + diff --git a/database/advanced/workshops/desktop-key-vault-new/manifest.json b/database/advanced/workshops/desktop-key-vault-new/manifest.json new file mode 100644 index 000000000..42747aafa --- /dev/null +++ b/database/advanced/workshops/desktop-key-vault-new/manifest.json 
@@ -0,0 +1,105 @@ +{ + "workshoptitle": "DB Security - Key Vault", + "help": "livelabs-help-db_us@oracle.com", + "tutorials": [ + { + "title": "Introduction", + "description": "Understand the architecture of this workshop and what it can do", + "publisheddate": "10/01/2025", + "filename": "../../intro/intro-key-vault.md" + }, + { + "title": "Get Started", + "description": "Get a Free Trial", + "filename": "https://oracle-livelabs.github.io/common/labs/cloud-login/pre-register-free-tier-account.md" + }, + { + "title": "Lab 1: Prepare Setup", + "description": "How to download your ORM stack and update security rules for an existing VCN", + "publisheddate": "10/01/2025", + "filename": "../../../common/prepare-setup/prepare-setup.md", + "type": "key-vault" + }, + { + "title": "Lab 2: Initialize Environment", + "description": "How to initialize and start all the workshop components", + "publisheddate": "10/01/2025", + "filename": "../../../common/init-start-env/init-start-env-dbs.md" + }, + { + "title": "Lab 3: Key Vault (OKV)", + "description": "In this lab you can see how to leverage Oracle Key Vault (OKV)", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault.md", + "type": "green" + }, + { + "title": "Lab 4: Review a typical TDE environment", + "description": "Confirm the encryption status of a tablespace in an Oracle database, and understand how TDE has been setup.", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab4.md", + "type": "green" + }, + { + "title": "Lab 5: Migrate to OKV in 5 easy steps", + "description": "Prepare Oracle Key Vault for the incoming database and install the OKV endpoint software on the database host", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab5.md", + "type": "green" + }, + { + "title": "Lab 6: Leave no keys behind - Full migration", + "description": "Upload pre-migration TDE master encryption keys from the local TDE wallet to OKV", + 
"publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab6.md", + "type": "green" + }, + { + "title": "Lab 7: Enable lights-out operations", + "description": "Learn how to setup an auto-open connection to OKV", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab7.md", + "type": "green" + }, + { + "title": "Lab 8: Tolerate connectivity issues with secure persistent cache", + "description": "See how OKVs secure persistent cache keeps your databases running", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab8.md", + "type": "green" + }, + { + "title": "Lab 9: Increased key control for less secure environments", + "description": "Learn how OKV can restrict access of your keys to environments with lower security controls", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab9.md", + "type": "green" + }, + { + "title": "Lab 10: Automate key rotation", + "description": "See how you can add keystore passwords to local auto-login wallets to simplify key rotation operations", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab10.md", + "type": "green" + }, + { + "title": "Lab 11: Bring your own key", + "description": "Upload an externally generated key into OKV", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab11.md", + "type": "green" + }, + { + "title": "Lab 12: Explore Key Vault in a typical customer deployment", + "description": "Explore Key Vault in a typical customer deployment", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab12.md", + "type": "green" + }, + { + "title": "Need Help?", + "description": "Solutions to Common Problems and Directions for Receiving Live Help", + "filename": "https://oracle-livelabs.github.io/common/labs/need-help/need-help-freetier.md" + } + ] +} 
diff --git a/database/advanced/workshops/freetier-key-vault-new/index.html b/database/advanced/workshops/freetier-key-vault-new/index.html new file mode 100644 index 000000000..aebbdda4a --- /dev/null +++ b/database/advanced/workshops/freetier-key-vault-new/index.html @@ -0,0 +1,63 @@ + + + + + + + + + Oracle LiveLabs + + + + + + + + + + + + + +
+
+
+
+
+
+
+
+ + + + + diff --git a/database/advanced/workshops/freetier-key-vault-new/manifest.json b/database/advanced/workshops/freetier-key-vault-new/manifest.json new file mode 100644 index 000000000..3681d7a9f --- /dev/null +++ b/database/advanced/workshops/freetier-key-vault-new/manifest.json 
@@ -0,0 +1,105 @@ +{ + "workshoptitle": "DB Security - Key Vault", + "help": "livelabs-help-db_us@oracle.com", + "tutorials": [ + { + "title": "Introduction", + "description": "Understand the architecture of this workshop and what it can do", + "publisheddate": "10/01/2025", + "filename": "../../intro/intro-key-vault.md" + }, + { + "title": "Get Started", + "description": "Get a Free Trial", + "filename": "https://oracle-livelabs.github.io/common/labs/cloud-login/pre-register-free-tier-account.md" + }, + { + "title": "Lab 1: Prepare Setup", + "description": "How to download your ORM stack and update security rules for an existing VCN", + "publisheddate": "10/01/2025", + "filename": "../../../common/prepare-setup/prepare-setup.md", + "type": "key-vault" + }, + { + "title": "Lab 2: Initialize Environment", + "description": "How to initialize and start all the workshop components", + "publisheddate": "10/01/2025", + "filename": "../../../common/init-start-env/init-start-env-dbs.md" + }, + { + "title": "Lab 3: Key Vault (OKV)", + "description": "In this lab you can see how to leverage Oracle Key Vault (OKV)", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault.md", + "type": "brown" + }, + { + "title": "Lab 4: Review a typical TDE environment", + "description": "Confirm the encryption status of a tablespace in an Oracle database, and understand how TDE has been setup.", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab4.md", + "type": "brown" + }, + { + "title": "Lab 5: Migrate to OKV in 5 easy steps", + "description": "Prepare Oracle Key Vault for the incoming database and install the OKV endpoint software on the database host", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab5.md", + "type": "brown" + }, + { + "title": "Lab 6: Leave no keys behind - Full migration", + "description": "Upload pre-migration TDE master encryption keys from the local TDE wallet to OKV", + 
"publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab6.md", + "type": "brown" + }, + { + "title": "Lab 7: Enable lights-out operations", + "description": "Learn how to setup an auto-open connection to OKV", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab7.md", + "type": "brown" + }, + { + "title": "Lab 8: Tolerate connectivity issues with secure persistent cache", + "description": "See how OKVs secure persistent cache keeps your databases running", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab8.md", + "type": "brown" + }, + { + "title": "Lab 9: Increased key control for less secure environments", + "description": "Learn how OKV can restrict access of your keys to environments with lower security controls", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab9.md", + "type": "brown" + }, + { + "title": "Lab 10: Automate key rotation", + "description": "See how you can add keystore passwords to local auto-login wallets to simplify key rotation operations", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab10.md", + "type": "brown" + }, + { + "title": "Lab 11: Bring your own key", + "description": "Upload an externally generated key into OKV", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab11.md", + "type": "brown" + }, + { + "title": "Lab 12: Explore Key Vault in a typical customer deployment", + "description": "Explore Key Vault in a typical customer deployment", + "publisheddate": "10/01/2025", + "filename": "../../key-vault-new/key-vault-Lab12.md", + "type": "brown" + }, + { + "title": "Need Help?", + "description": "Solutions to Common Problems and Directions for Receiving Live Help", + "filename": "https://oracle-livelabs.github.io/common/labs/need-help/need-help-freetier.md" + } + ] +} 
diff --git a/database/advanced/workshops/livelabs-key-vault-new/index.html b/database/advanced/workshops/livelabs-key-vault-new/index.html new file mode 100644 index 000000000..aebbdda4a --- /dev/null +++ b/database/advanced/workshops/livelabs-key-vault-new/index.html @@ -0,0 +1,63 @@ + + + + + + + + + Oracle LiveLabs + + + + + + + + + + + + + +
+
+
+
+
+
+
+
+ + + + + diff --git a/database/advanced/workshops/livelabs-key-vault-new/manifest.json b/database/advanced/workshops/livelabs-key-vault-new/manifest.json new file mode 100644 index 000000000..42747aafa --- /dev/null +++ b/database/advanced/workshops/livelabs-key-vault-new/manifest.json 
@@ -0,0 +1,105 @@
+{
+ "workshoptitle": "DB Security - Key Vault",
+ "help": "livelabs-help-db_us@oracle.com",
+ "tutorials": [
+ {
+ "title": "Introduction",
+ "description": "Understand the architecture of this workshop and what it can do",
+ "publisheddate": "10/01/2025",
+ "filename": "../../intro/intro-key-vault.md"
+ },
+ {
+ "title": "Get Started",
+ "description": "Get a Free Trial",
+ "filename": "https://oracle-livelabs.github.io/common/labs/cloud-login/pre-register-free-tier-account.md"
+ },
+ {
+ "title": "Lab 1: Prepare Setup",
+ "description": "How to download your ORM stack and update security rules for an existing VCN",
+ "publisheddate": "10/01/2025",
+ "filename": "../../../common/prepare-setup/prepare-setup.md",
+ "type": "key-vault"
+ },
+ {
+ "title": "Lab 2: Initialize Environment",
+ "description": "How to initialize and start all the workshop components",
+ "publisheddate": "10/01/2025",
+ "filename": "../../../common/init-start-env/init-start-env-dbs.md"
+ },
+ {
+ "title": "Lab 3: Key Vault (OKV)",
+ "description": "In this lab you can see how to leverage Oracle Key Vault (OKV)",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault.md",
+ "type": "green"
+ },
+ {
+ "title": "Lab 4: Review a typical TDE environment",
+ "description": "Confirm the encryption status of a tablespace in an Oracle database, and understand how TDE has been setup.",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault-Lab4.md",
+ "type": "green"
+ },
+ {
+ "title": "Lab 5: Migrate to OKV in 5 easy steps",
+ "description": "Prepare Oracle Key Vault for the incoming database and install the OKV endpoint software on the database host",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault-Lab5.md",
+ "type": "green"
+ },
+ {
+ "title": "Lab 6: Leave no keys behind - Full migration",
+ "description": "Upload pre-migration TDE master encryption keys from the local TDE wallet to OKV",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault-Lab6.md",
+ "type": "green"
+ },
+ {
+ "title": "Lab 7: Enable lights-out operations",
+ "description": "Learn how to setup an auto-open connection to OKV",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault-Lab7.md",
+ "type": "green"
+ },
+ {
+ "title": "Lab 8: Tolerate connectivity issues with secure persistent cache",
+ "description": "See how OKVs secure persistent cache keeps your databases running",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault-Lab8.md",
+ "type": "green"
+ },
+ {
+ "title": "Lab 9: Increased key control for less secure environments",
+ "description": "Learn how OKV can restrict access of your keys to environments with lower security controls",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault-Lab9.md",
+ "type": "green"
+ },
+ {
+ "title": "Lab 10: Automate key rotation",
+ "description": "See how you can add keystore passwords to local auto-login wallets to simplify key rotation operations",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault-Lab10.md",
+ "type": "green"
+ },
+ {
+ "title": "Lab 11: Bring your own key",
+ "description": "Upload an externally generated key into OKV",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault-Lab11.md",
+ "type": "green"
+ },
+ {
+ "title": "Lab 12: Explore Key Vault in a typical customer deployment",
+ "description": "Explore Key Vault in a typical customer deployment",
+ "publisheddate": "10/01/2025",
+ "filename": "../../key-vault-new/key-vault-Lab12.md",
+ "type": "green"
+ },
+ {
+ "title": "Need Help?",
+ "description": "Solutions to Common Problems and Directions for Receiving Live Help",
+ "filename": "https://oracle-livelabs.github.io/common/labs/need-help/need-help-freetier.md"
+ }
+ ]
+}
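Review bot: The Lab 10 description in this new manifest presents adding keystore passwords to local auto-login wallets only as a way to simplify key rotation, and the Lab 7 description does the same for the auto-open connection to OKV; neither hints that the convenience presumably leaves a secret resting on the database host instead of with an operator. I would let the catalogue text name that trade-off, for example `"description": "See how you can add keystore passwords to local auto-login wallets to simplify key rotation operations, and how to protect those wallet files on the database host"`; whether the lab itself covers this is not visible from the manifest, so adjust the wording to the lab's content. Separately, `OKVs` in the Lab 8 description should read `OKV's`, `setup` is used as a verb in the Lab 4 and Lab 7 descriptions (`set up`), and the Lab 12 description only repeats its title. The same strings appear in the preceding manifest hunk, which starts outside this view.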