Oracle > Object Store >

Pre-Authenticated Requests Access

HIGH

Source

CloudSploit

ID

pre-authenticated-requests-access

management console

Pre-Authenticated Requests Access

Ensure that pre-authenticated requests have least privilege access.

Pre-authenticated requests allow for users who are not in the tenancy to access buckets, ensuring least access prevents malicious entities from leveraging this type of access to edit or delete objects in a bucket.

Recommended Actions

When creating pre-authenticated Requests, ensure only object read permissions are selected.

Links

https://docs.cloud.oracle.com/iaas/Content/Object/Tasks/usingpreauthenticatedrequests.htm

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use