Identity domain users with tenancy administrator permissions should not have API keys

Docs > Datadog Security > OOTB Rules > Identity domain users with tenancy administrator permissions should not have API keys

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

Oracle Cloud identity domain users with tenancy administrator permissions should not have API keys. Administrator accounts with API keys present an elevated security risk, as compromised keys provide programmatic access with full administrative privileges. Removing API keys from administrator accounts reduces the attack surface and enforces the principle of least privilege.

Note: Only active users in a default identity domain who are members of the Administrators group are assessed.

Remediation

Remove API keys from users with tenancy administrator permissions. Consider using alternative authentication methods or creating separate service accounts with limited permissions for programmatic access. For guidance on managing API keys, refer to the Working with API Keys section in the Oracle Cloud Infrastructure Documentation.

Identity domain users with tenancy administrator permissions should not have API keys

Description

Remediation

How can I help you today?