Oracle Cloud Infrastructure Documentation

Addressing Basic Configuration Issues

This topic lists procedures to address common configuration issues that affect the security of your cloud resources.

Block Volume

Block volume detached from instance

Compute

Instance created based on unapproved custom image

IAM

Member of the Administrators group used API keys
Policy grants broad permissions
API signing keys over 90 days old
Tenancy administrator privilege grant to an IAM group

Networking: VCN, Load Balancers, and DNS

No ingress rules in security lists
Security list allows traffic from any IP address (open source)
Security list allows traffic to sensitive ports
Internet gateway attached to VCN
Instance has a public IP
Load balancer has no inbound rules or listeners
Load balancer has no backend sets
Load balancer SSL certificate expires in X days

Object Storage

Public buckets detected