diff --git a/internal/db/schema/migrations/oss/postgres/47/01_key_rewrap.up.sql b/internal/db/schema/migrations/oss/postgres/47/01_key_rewrap.up.sql
new file mode 100644
index 0000000000..ea30a7e19a
--- /dev/null
+++ b/internal/db/schema/migrations/oss/postgres/47/01_key_rewrap.up.sql
@@ -0,0 +1,23 @@
+-- make the required schema changes to upgrade the dependency:
+-- github.com/hashicorp/go-kms-wrapping/extras/kms/v2
+-- this migration is from:
+-- https://github.com/hashicorp/go-kms-wrapping/blob/main/extras/kms/migrations/postgres/05_key_rewrap.up.sql
+
+begin;
+
+-- we need to make the key and version columns mutable in order to support
+-- rewrapping the root key versions.
+drop trigger kms_immutable_columns on kms_root_key_version;
+
+create trigger kms_immutable_columns before update on kms_root_key_version
+  for each row execute procedure kms_immutable_columns('private_id', 'root_key_id', 'create_time');
+
+
+-- we need to make the key and version columns mutable in order to support
+-- rewrapping the data key version.
+drop trigger kms_immutable_columns on kms_data_key_version;
+
+create trigger kms_immutable_columns before update on kms_data_key_version
+  for each row execute procedure kms_immutable_columns('private_id', 'data_key_id', 'root_key_version_id', 'create_time');
+
+commit;