Steampipe unbundled →
Steampipe Hub 
Hub
Plugins
turbot/oci
Overview
160Tables
Versions
PowerpipeMods
GitHub
steampipe plugin install oci

Table: oci_identity_authentication_policy - Query OCI Identity Authentication Policies using SQL

Oracle Cloud Infrastructure (OCI) Identity Authentication Policies are a set of rules that define the actions allowed on resources within a compartment. These policies are used to manage access to OCI resources, ensuring that only authorized users can perform operations on these resources. The policies are written in a human-readable, declarative language, and they specify who can access which resources, and how.

Table Usage Guide

The oci_identity_authentication_policy table provides insights into the authentication policies within OCI Identity. As a security administrator, you can explore policy-specific details through this table, including the policy statements, versions, and associated metadata. Utilize it to uncover information about policies, such as those with specific permissions, the resources they affect, and the conditions under which they apply.

Examples

Basic info

Uncover the details of your authentication policy to ensure it meets your security standards. This query helps in assessing the password requirements and restrictions, such as length and character type, as well as identifying any network sources that are allowed.

select
  minimum_password_length,
  is_lowercase_characters_required,
  is_numeric_characters_required,
  is_special_characters_required,
  is_uppercase_characters_required,
  is_username_containment_allowed,
  network_source_ids
from
  oci_identity_authentication_policy
select
  minimum_password_length,
  is_lowercase_characters_required,
  is_numeric_characters_required,
  is_special_characters_required,
  is_uppercase_characters_required,
  is_username_containment_allowed,
  network_source_ids
from
  oci_identity_authentication_policy

Control examples

Schema for oci_identity_authentication_policy

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
is_lowercase_characters_requiredbooleanAt least one lower case character required.
is_numeric_characters_requiredbooleanAt least one numeric character required.
is_special_characters_requiredbooleanAt least one special character required.
is_uppercase_characters_requiredbooleanAt least one uppercase character required.
is_username_containment_allowedbooleanUser name is allowed to be part of the password.
minimum_password_lengthbigintMinimum password length required.
network_source_idstextList of IP ranges from which users can sign in to the Console.
tenant_idtextThe OCID of the Tenant in which the resource is located.
tenant_nametextThe name of the Tenant in which the resource is located.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- oci

You can pass the configuration to the command with the --config argument:

steampipe_export_oci --config '<your_config>' oci_identity_authentication_policy