📄️ 1.2
1.2 Give permissions on all resources only to the tenancy administrator group (Automated)
📄️ 1.3
1.3 Ensure Identity and Access Management (IAM) administrators cannot update tenancy Administrators group (Automated)
📄️ 1.7
1.7 Enable Multi-Factor Authentication (MFA) for all users with console password capability (Automated)
📄️ 1.8
1.8 Ensure user API keys rotate every 90 days (Automated)
📄️ 1.9
1.9 Ensure user customer secret keys rotate every 90 days (Automated)
📄️ 1.10
1.10 Ensure user auth tokens rotate within 90 days (Automated)
📄️ 1.11
1.11 Ensure API keys are not created for tenancy administrator users (Automated)
📄️ 2.1
2.1 Ensure no security lists allow ingress from 0.0.0.0/0 to port 22 (Automated)
📄️ 2.2
2.2 Ensure no security lists allow ingress from 0.0.0.0/0 to port 3389 (Automated)
📄️ 2.3
2.3 Ensure no network security groups allow ingress from 0.0.0.0/0 to port 22 (Automated)
📄️ 2.4
2.4 Ensure no network security groups allow ingress from 0.0.0.0/0 to port 3389 (Automated)
📄️ 2.5
2.5 Ensure the default security list of every Virtual Cloud Network (VCN) restricts all traffic except Internet Control Message Protocol (ICMP) (Automated)
📄️ 3.1
3.1 Set audit log retention period to 365 days (Manual)
📄️ 3.2
3.2 Use default tags on resources (Automated)
📄️ 4.1.1
4.1.1 Ensure no Object Storage buckets are publicly visible (Automated)
📄️ 4.1.2
4.1.2 Encrypt Object Storage Buckets with a Customer Managed Key (CMK) (Automated)
📄️ 4.1.3
4.1.3 Enable Versioning for Object Storage Buckets (Automated)
📄️ 4.2.1
4.2.1 Encrypt Block Volumes with Customer Managed Keys (CMK) (Automated)