Identity domain users with tenancy administrator permissions should not have API keys

문서 > Datadog 보안 > OOTB Rules > Identity domain users with tenancy administrator permissions should not have API keys

이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

Oracle Cloud identity domain users with tenancy administrator permissions should not have API keys. Administrator accounts with API keys present an elevated security risk, as compromised keys provide programmatic access with full administrative privileges. Removing API keys from administrator accounts reduces the attack surface and enforces the principle of least privilege.

Note: Only active users in a default identity domain who are members of the Administrators group are assessed.

Remediation

Remove API keys from users with tenancy administrator permissions. Consider using alternative authentication methods or creating separate service accounts with limited permissions for programmatic access. For guidance on managing API keys, refer to the Working with API Keys section in the Oracle Cloud Infrastructure Documentation.

Identity domain users with tenancy administrator permissions should not have API keys

Description

Remediation

How can I help you today?