Table: oci_identity_authentication_policy - Query OCI Identity Authentication Policies using SQL
Oracle Cloud Infrastructure (OCI) Identity Authentication Policies are a set of rules that define the actions allowed on resources within a compartment. These policies are used to manage access to OCI resources, ensuring that only authorized users can perform operations on these resources. The policies are written in a human-readable, declarative language, and they specify who can access which resources, and how.
Table Usage Guide
The oci_identity_authentication_policy table provides insights into the authentication policies within OCI Identity. As a security administrator, you can explore policy-specific details through this table, including the policy statements, versions, and associated metadata. Utilize it to uncover information about policies, such as those with specific permissions, the resources they affect, and the conditions under which they apply.
Examples
Basic info
Uncover the details of your authentication policy to ensure it meets your security standards. This query helps in assessing the password requirements and restrictions, such as length and character type, as well as identifying any network sources that are allowed.
select
  minimum_password_length,
  is_lowercase_characters_required,
  is_numeric_characters_required,
  is_special_characters_required,
  is_uppercase_characters_required,
  is_username_containment_allowed,
  network_source_ids
from
  oci_identity_authentication_policy;
Control examples
- CIS v1.1.0 > 1 Identity and Access Management > 1.4 Ensure IAM password policy requires minimum length of 14 or greater
- CIS v1.2.0 > 1 Identity and Access Management > 1.4 Ensure IAM password policy requires minimum length of 14 or greater
- CIS v2.0.0 > 1 Identity and Access Management > 1.4 Ensure IAM password policy requires minimum length of 14 or greater
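An added example (not part of the Steampipe documentation) that grades each tenancy's authentication policy against the CIS 1.4 minimum-length control listed above, using only columns from this table's schema. The 14-character threshold comes from the control title; the other three checks, the pass/fail/review labels, and treating NULL as not passing are assumptions of this example.

```sql
-- Added example: one row per tenancy with a verdict for each policy setting.
-- Threshold of 14 is taken from the CIS 1.4 control title.
-- Assumption: a NULL value means the setting is not enforced.
select
  tenant_name,
  tenant_id,
  minimum_password_length,
  case
    when coalesce(minimum_password_length, 0) >= 14 then 'pass'
    else 'fail'
  end as cis_1_4_min_length,
  -- All four character classes must be required to pass.
  case
    when is_lowercase_characters_required
      and is_uppercase_characters_required
      and is_numeric_characters_required
      and is_special_characters_required then 'pass'
    else 'review'
  end as character_classes,
  -- Passwords that may contain the user name are flagged for review.
  case
    when not is_username_containment_allowed then 'pass'
    else 'review'
  end as username_in_password,
  -- No network source configured means Console sign-in is not limited by IP range.
  -- The cast keeps the comparison valid whether the column is text or JSON.
  case
    when coalesce(cast(network_source_ids as text), '') in ('', '[]', 'null') then 'review'
    else 'pass'
  end as console_network_restriction
from
  oci_identity_authentication_policy
order by
  cis_1_4_min_length, -- 'fail' sorts before 'pass'
  tenant_name;
```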
Schema for oci_identity_authentication_policy
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form. |
is_lowercase_characters_required | boolean | | At least one lower case character required. |
is_numeric_characters_required | boolean | | At least one numeric character required. |
is_special_characters_required | boolean | | At least one special character required. |
is_uppercase_characters_required | boolean | | At least one uppercase character required. |
is_username_containment_allowed | boolean | | User name is allowed to be part of the password. |
minimum_password_length | bigint | | Minimum password length required. |
network_source_ids | text | | List of IP ranges from which users can sign in to the Console. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | | Steampipe context in JSON form. |
tenant_id | text | =, !=, ~~, ~~*, !~~, !~~* | The OCID of the Tenant in which the resource is located. |
tenant_name | text | | The name of the Tenant in which the resource is located. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- oci
You can pass the configuration to the command with the --config argument:
steampipe_export_oci --config '<your_config>' oci_identity_authentication_policy