Plugin Title Database Policy Protection
Category Database
Description Ensure Policy statements have deletion protection for Database Systems, Databases, and Database Homes unless it is an administrator group.
More Info Adding deletion protection to Oracle Database policies mitigates unintended deletion of Database Services by unauthorized users or groups.
AWS Link
Recommended Action When writing policies, avoid blanket statements, and add a where statement with the line request.permission != {DB_SYSTEM_DELETE, DATABASE_DELETE, DB_HOME_DELETE} .

Detailed Remediation Steps

Want to scan for this risk automatically?

Get Started Now