Aqua CSPM

Policy Least Privilege

Quick Info

Plugin TitlePolicy Least Privilege
CloudORACLE
CategoryIdentity
DescriptionEnsure only service-level admins have blanket statements to manage or use resources without restriction.
More InfoAdding service-level admins to Oracle policies instead of blanket statements mitigates unintended access to resources by unauthorized users or groups.
ORACLE Linkhttps://docs.cloud.oracle.com/iaas/Content/Security/Reference/iam_security.htm
Recommended ActionWhen writing policies, avoid blanket statements, and instead give full permissions only to Service-level admins, all other groups should have least access to services.

Detailed Remediation Steps