Need to enhance OCI Network Sources to apply globally to CLI access — Cloud Customer Connect
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register
Get Started with Redwood: Oracle Cloud SCM and Purchasing

Need to enhance OCI Network Sources to apply globally to CLI access

in Idea Lab – Core Infrastructure

Organization Name (Required - If you are an Oracle Partner, please provide the organization you are logging the idea on behalf of):

Berkshire Hathaway Energy

Description (Required):

Need to enhance OCI Network Sources to apply globally to CLI access to avoid having to apply to all policy statements. Current approach requires 100s of potentially error-prone network source restrictions changes. Please note that current configuration was exploited during a penetration test to gain admin access to our tenant with the use of a compromised API key with CLI access. If global network restrictions in place within the tenant were enforced on the CLI, the attack would be more difficult to mount and easier to detect.

1
Up Down
1 votes

Submitted · Last Updated

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!