Plugin Title Policy Least Privilege
Cloud ORACLE
Category Identity
Description Ensure only service-level admins have blanket statements to manage or use resources without restriction.
More Info Adding service-level admins to Oracle policies instead of blanket statements mitigates unintended access to resources by unauthorized users or groups.
AWS Link https://docs.cloud.oracle.com/iaas/Content/Security/Reference/iam_security.htm
Recommended Action When writing policies, avoid blanket statements, and instead give full permissions only to Service-level admins, all other groups should have least access to services.


Detailed Remediation Steps

Want to scan for this risk automatically?

Get Started Now