Query: 3.7 Ensure a notification is configured for IAM policy changes

Description

It is recommended to setup an Event Rule and Notification that gets triggered when IAM Policies are created, updated or deleted. Event Rules are compartment scoped and will detect events in child compartments, it is recommended to create the Event rule at the root compartment level.

Query

Tables used in this query:

• oci_events_rule
• oci_identity_compartment

Controls using this query:

• 3.7 Ensure a notification is configured for IAM policy changes
• 3.7 Ensure a notification is configured for IAM policy changes
• 4.6 Ensure a notification is configured for IAM policy changes

SQL