Aqua CSPM

Object Store Policy Protection

Quick Info

Plugin TitleObject Store Policy Protection
CloudORACLE
CategoryObject Store
DescriptionEnsure policy statements have deletion protection for object store services unless it is an administrator group.
More InfoAdding deletion protection to Oracle object store policies mitigates unintended deletion of object store services by unauthorized users or groups.
ORACLE Linkhttps://docs.cloud.oracle.com/iaas/Content/Object/Tasks/managingobjects.htm
Recommended ActionWhen writing policies, avoid blanket statements, and add a where statement with the line request.permission != {OBJECT_DELETE, BUCKET_DELETE} .

Detailed Remediation Steps