Aqua CSPM
ORACLEObject Store

Bucket Public Access Type

Quick Info

Plugin TitleBucket Public Access Type
CloudORACLE
CategoryObject Store
DescriptionEnsures object store buckets do not allow global write, delete, or read permissions
More InfoObject store buckets can be configured to allow anyone, regardless of whether they are an Oracle cloud user or not, to write objects to a bucket or delete objects. This option should not be configured unless there is a strong business requirement.
ORACLE Linkhttps://docs.cloud.oracle.com/iaas/Content/Object/Tasks/managingbuckets.htm
Recommended ActionDisable global all users policies on all object store buckets and ensure the bucket is configured with the least privileges.

Detailed Remediation Steps

Cloud Security Posture Management (CSPM)

Scan, monitor and remediate configuration issues in public cloud accounts according to best practices and compliance standards, across AWS, Azure, Google Cloud, and Oracle Cloud.
Sign up for free
Cloud native security as-a-service
Aqua Wave
Get Started
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2021 Aqua Security Software Ltd.   Privacy Policy | Terms of Use