In Oracle Database 23ai’s Select AI, security between the Autonomous Database and OCI Generative
AI is managed using Resource Principals (B). This mechanism allows the database instance to
authenticate itself to OCI services without hardcoding credentials, enhancing security by avoiding
exposure of sensitive keys. TLS/SSL encryption (A) is used for data-in-transit security, but it’s a
complementary layer, not the primary management method. A VPN tunnel (C) is unnecessary within
OCI’s secure infrastructure and not specified for Select AI. Manual API key entry (D) is impractical and
insecure for automated database interactions. Oracle’s documentation on Select AI highlights
Resource Principals as the secure, scalable authentication method.
Reference:Oracle Database 23ai New Features Guide, Section on Select AI Security.
