OCI-020 Oracle Cloud Infrastructure (OCI)

Autonomous Database network access is restricted (private endpoint / ACLs).

Autonomous Database network access is restricted (private endpoint / ACLs).

Domain
Oracle Cloud Infrastructure (OCI)
Area
Database
Automated / manual
Automated

Risk if it fails

Public DB endpoints are directly attackable.

A database reachable from the whole internet can be attacked directly; attackers brute-force the login or exploit a flaw and exfiltrate the entire dataset.

How Tess tests it

1 test — each concludes only on cited evidence.

Autonomous Database network access is restricted (private endpoint / ACLs).

Automated
Procedure
Confirm ADB uses private endpoint or network ACLs, not open access.

Read-only command 

oci db autonomous-database list --compartment-id <compartment-ocid> --all --query 'data[].{name:"db-name",access:"network-access-type",acl:"whitelisted-ips"}'

More in Oracle Cloud Infrastructure (OCI)

OCI-001 MFA is enforced for all IAM users, especially administrators. OCI-002 Customer secret keys / API keys are rotated regularly (<=90 days). OCI-003 A strong password policy is configured. OCI-004 Membership of the Administrators group is minimal.

Want Tess to test OCI-020 against your evidence?

Book a demo