Ensure only Compartment/Tenancy admins have blanket statements to manage or use resources without restriction.
Adding service-level admins to Oracle policies instead of blanket statements mitigates unintended access to resources by unauthorized users or groups.
When writing policies, avoid blanket statements, and instead give full permissions only to Service-level admins, all other groups should have least access to services.