MEDIUM
Source
CloudSploit
ID
file-storage-policy-protection

File Storage Policy Protection

Ensures policy statements have deletion protection for file storage services unless it is an administrator group.

Adding deletion protection to Oracle file storage policies mitigates unintended deletion of file storage services by unauthorized users or groups.

When writing policies, avoid blanket statements, and add a where statement with the line request.permission != {FILE_SYSTEM_DELETE, MOUNT_TARGET_DELETE, EXPORT_SET_DELETE} .