| Plugin Title | Policy Least Privilege |
| Cloud | ORACLE |
| Category | Identity |
| Description | Ensure only service-level admins have blanket statements to manage or use resources without restriction. |
| More Info | Adding service-level admins to Oracle policies instead of blanket statements mitigates unintended access to resources by unauthorized users or groups. |
| ORACLE Link | https://docs.cloud.oracle.com/iaas/Content/Security/Reference/iam_security.htm |
| Recommended Action | When writing policies, avoid blanket statements, and instead give full permissions only to Service-level admins, all other groups should have least access to services. |