Aqua CSPM

File Storage Policy Protection

Quick Info

Plugin TitleFile Storage Policy Protection
CloudORACLE
CategoryFile Storage
DescriptionEnsures policy statements have deletion protection for file storage services unless it is an administrator group.
More InfoAdding deletion protection to Oracle file storage policies mitigates unintended deletion of file storage services by unauthorized users or groups.
ORACLE Linkhttps://docs.cloud.oracle.com/iaas/Content/Security/Reference/filestorage_security.htm
Recommended ActionWhen writing policies, avoid blanket statements, and add a where statement with the line request.permission != {FILE_SYSTEM_DELETE, MOUNT_TARGET_DELETE, EXPORT_SET_DELETE} .

Detailed Remediation Steps