oci_adm_knowledge_baseoci_adm_vulnerability_auditoci_ai_anomaly_detection_ai_private_endpointoci_ai_anomaly_detection_data_assetoci_ai_anomaly_detection_modeloci_ai_anomaly_detection_projectoci_analytics_instanceoci_apigateway_apioci_application_migration_migrationoci_application_migration_sourceoci_artifacts_container_imageoci_artifacts_container_image_signatureoci_artifacts_container_repositoryoci_artifacts_generic_artifactoci_artifacts_repositoryoci_autoscaling_auto_scaling_configurationoci_autoscaling_auto_scaling_policyoci_bastion_bastionoci_bastion_sessionoci_bds_bds_instanceoci_budget_alert_ruleoci_budget_budgetoci_certificates_authority_bundleoci_certificates_management_associationoci_certificates_management_ca_bundleoci_certificates_management_certificateoci_certificates_management_certificate_authorityoci_certificates_management_certificate_authority_versionoci_certificates_management_certificate_versionoci_cloud_guard_configurationoci_cloud_guard_detector_recipeoci_cloud_guard_managed_listoci_cloud_guard_responder_recipeoci_cloud_guard_targetoci_container_instances_containeroci_container_instances_container_instanceoci_containerengine_clusteroci_core_block_volume_replicaoci_core_boot_volumeoci_core_boot_volume_attachmentoci_core_boot_volume_backupoci_core_boot_volume_metric_read_opsoci_core_boot_volume_metric_read_ops_dailyoci_core_boot_volume_metric_read_ops_hourlyoci_core_boot_volume_metric_write_opsoci_core_boot_volume_metric_write_ops_dailyoci_core_boot_volume_metric_write_ops_hourlyoci_core_boot_volume_replicaoci_core_cluster_networkoci_core_dhcp_optionsoci_core_drgoci_core_imageoci_core_image_customoci_core_instanceoci_core_instance_configurationoci_core_instance_metric_cpu_utilizationoci_core_instance_metric_cpu_utilization_dailyoci_core_instance_metric_cpu_utilization_hourlyoci_core_internet_gatewayoci_core_load_balanceroci_core_local_peering_gatewayoci_core_nat_gatewayoci_core_network_load_balanceroci_core_network_security_groupoci_core_public_ipoci_core_public_ip_pooloci_core_route_tableoci_core_security_listoci_core_service_gatewayoci_core_subnetoci_core_vcnoci_core_vnic_attachmentoci_core_volumeoci_core_volume_attachmentoci_core_volume_backupoci_core_volume_backup_policyoci_core_volume_default_backup_policyoci_core_volume_groupoci_database_autonomous_databaseoci_database_autonomous_db_metric_cpu_utilizationoci_database_autonomous_db_metric_cpu_utilization_dailyoci_database_autonomous_db_metric_cpu_utilization_hourlyoci_database_autonomous_db_metric_storage_utilizationoci_database_autonomous_db_metric_storage_utilization_dailyoci_database_autonomous_db_metric_storage_utilization_hourlyoci_database_cloud_vm_clusteroci_database_dboci_database_db_homeoci_database_db_systemoci_database_pluggable_databaseoci_database_software_imageoci_devops_projectoci_devops_repositoryoci_dns_rrsetoci_dns_tsig_keyoci_dns_zoneoci_events_ruleoci_file_storage_file_systemoci_file_storage_mount_targetoci_file_storage_snapshotoci_functions_applicationoci_functions_functionoci_identity_api_keyoci_identity_auth_tokenoci_identity_authentication_policyoci_identity_availability_domainoci_identity_compartmentoci_identity_customer_secret_keyoci_identity_db_credentialoci_identity_domainoci_identity_dynamic_groupoci_identity_groupoci_identity_network_sourceoci_identity_policyoci_identity_tag_defaultoci_identity_tag_namespaceoci_identity_tenancyoci_identity_useroci_kms_keyoci_kms_key_versionoci_kms_vaultoci_logging_logoci_logging_log_groupoci_logging_searchoci_mysql_backupoci_mysql_channeloci_mysql_configurationoci_mysql_configuration_customoci_mysql_db_systemoci_mysql_db_system_metric_connectionsoci_mysql_db_system_metric_connections_dailyoci_mysql_db_system_metric_connections_hourlyoci_mysql_db_system_metric_cpu_utilizationoci_mysql_db_system_metric_cpu_utilization_dailyoci_mysql_db_system_metric_cpu_utilization_hourlyoci_mysql_db_system_metric_memory_utilizationoci_mysql_db_system_metric_memory_utilization_dailyoci_mysql_heat_wave_clusteroci_network_firewall_firewalloci_network_firewall_policyoci_nosql_tableoci_nosql_table_metric_read_throttle_countoci_nosql_table_metric_read_throttle_count_dailyoci_nosql_table_metric_read_throttle_count_hourlyoci_nosql_table_metric_storage_utilizationoci_nosql_table_metric_storage_utilization_dailyoci_nosql_table_metric_storage_utilization_hourlyoci_nosql_table_metric_write_throttle_countoci_nosql_table_metric_write_throttle_count_dailyoci_nosql_table_metric_write_throttle_count_hourlyoci_objectstorage_bucketoci_objectstorage_objectoci_ons_notification_topicoci_ons_subscriptionoci_queue_queueoci_regionoci_resource_searchoci_resourcemanager_stackoci_streaming_streamoci_vault_secret
Table: oci_identity_tenancy - Query OCI Identity Tenancies using SQL
The OCI Identity Tenancy is a dedicated instance of Oracle Cloud Infrastructure resources. It is the root compartment that contains all of the organization's resources. A tenancy is provisioned in a specific Oracle Cloud Infrastructure region, but it has access to all global regions.
Table Usage Guide
The oci_identity_tenancy table provides insights into the tenancies within Oracle Cloud Infrastructure Identity. As a cloud administrator, you can explore tenancy-specific details through this table, including the home region, description, and name. Utilize it to uncover information about tenancies, such as their ID, status, and time created, which can be useful for managing and auditing cloud resources.
Examples
Basic info
Explore the basic information about your Oracle Cloud Infrastructure (OCI) tenancy, such as its name and ID, as well as understanding its retention period and description. This is useful for getting a quick overview of your tenancy's configuration and settings.
select name, id, retention_period_days, descriptionfrom oci_identity_tenancy;select name, id, retention_period_days, descriptionfrom oci_identity_tenancy;List tenancies with a retention period less than 365 days
Explore tenancies that have a retention period of less than a year to assess compliance with data retention policies and identify any potential areas of risk.
select name, id, retention_period_days, home_region_keyfrom oci_identity_tenancywhere retention_period_days < 365;select name, id, retention_period_days, home_region_keyfrom oci_identity_tenancywhere retention_period_days < 365;Query examples
- blockstorage_block_volume_age_report
- blockstorage_block_volume_by_compartment
- blockstorage_block_volume_by_tenancy
- blockstorage_block_volume_encryption_report
- blockstorage_block_volume_input
- blockstorage_block_volume_storage_by_compartment
- blockstorage_block_volume_storage_by_tenancy
- blockstorage_block_volume_unattached_report
- blockstorage_boot_volume_age_report
- blockstorage_boot_volume_by_compartment
- blockstorage_boot_volume_by_tenancy
- blockstorage_boot_volume_encryption_report
- blockstorage_boot_volume_input
- blockstorage_boot_volume_storage_by_compartment
- blockstorage_boot_volume_storage_by_tenancy
- blockstorage_boot_volume_unattached_report
- compartment_table
- compute_instance_age_report
- compute_instance_by_compartment
- compute_instance_by_tenancy
- compute_instance_input
- database_autonomous_database_input
- database_autonomous_db_age_report
- database_autonomous_db_by_compartment
- database_autonomous_db_by_tenancy
- filestorage_filesystem_age_report
- filestorage_filesystem_by_compartment
- filestorage_filesystem_by_tenancy
- filestorage_filesystem_input
- identity_api_key_age_report
- identity_customer_secret_key_age_report
- identity_group_input
- identity_groups_by_tenancy
- identity_user_input
- identity_user_mfa_report
- identity_users_by_tenancy
- key_vault_input
- kms_key_age_report
- kms_key_by_compartment
- kms_key_by_tenancy
- kms_key_input
- kms_vault_age_report
- kms_vault_by_compartment
- kms_vault_by_tenancy
- mysql_backup_age_report
- mysql_backup_by_compartment
- mysql_backup_by_tenancy
- mysql_backup_storage_by_compartment
- mysql_backup_storage_by_tenancy
- mysql_db_system_age_report
- mysql_db_system_by_compartment
- mysql_db_system_by_tenancy
- mysql_db_system_input
- mysql_db_system_storage_by_compartment
- mysql_db_system_storage_by_tenancy
- nosql_table_age_report
- nosql_table_by_compartment
- nosql_table_by_tenancy
- nosql_table_input
- objectstorage_bucket_age_report
- objectstorage_bucket_by_compartment
- objectstorage_bucket_by_tenancy
- objectstorage_bucket_encryption_report
- objectstorage_bucket_input
- objectstorage_bucket_lifecycle_report
- objectstorage_bucket_public_access_report
- oci_vcn_by_compartment
- oci_vcn_by_tenancy
- oci_vcn_security_groups_by_compartment
- oci_vcn_security_groups_by_tenancy
- oci_vcn_security_list_by_compartment
- oci_vcn_security_list_by_tenancy
- oci_vcn_subnet_by_compartment
- oci_vcn_subnet_by_tenancy
- ons_notification_topic_age_report
- ons_notification_topic_by_compartment
- ons_notification_topic_by_tenancy
- ons_notification_topic_input
- ons_subscription_age_report
- ons_subscription_by_compartment
- ons_subscription_by_tenancy
- tenancy_count
- tenancy_table
- vcn_input
- vcn_network_security_group_input
- vcn_security_list_input
- vcn_subnet_input
Control examples
- 1.1 Ensure service level admins are created to manage resources of particular service
- 1.1 Ensure service level admins are created to manage resources of particular service
- 1.1 Ensure service level admins are created to manage resources of particular service
- 1.13 Ensure Dynamic Groups are used for OCI instances, OCI Cloud Databases and OCI Function to access OCI resources
- 1.14 Ensure Instance Principal authentication is used for OCI instances, OCI Cloud Databases and OCI Functions to access OCI resources
- 1.14 Ensure storage service-level admins cannot delete resources they manage
- 1.15 Ensure storage service-level admins cannot delete resources they manage
- 1.2 Ensure permissions on all resources are given only to the tenancy administrator group
- 1.2 Ensure permissions on all resources are given only to the tenancy administrator group
- 1.2 Ensure permissions on all resources are given only to the tenancy administrator group
- 1.3 Ensure IAM administrators cannot update tenancy Administrators group
- 1.3 Ensure IAM administrators cannot update tenancy Administrators group
- 1.3 Ensure IAM administrators cannot update tenancy Administrators group
- 1.5 Ensure IAM password policy expires passwords within 365 days
- 1.5 Ensure IAM password policy expires passwords within 365 days
- 1.6 Ensure IAM password policy prevents password reuse
- 1.6 Ensure IAM password policy prevents password reuse
- 2.6 Ensure Oracle Integration Cloud (OIC) access is restricted to allowed sources
- 2.6 Ensure Oracle Integration Cloud (OIC) access is restricted to allowed sources
- 2.7 Ensure Oracle Analytics Cloud (OAC) access is restricted to allowed sources or deployed within a Virtual Cloud Network
- 2.7 Ensure Oracle Analytics Cloud (OAC) access is restricted to allowed sources or deployed within a Virtual Cloud Network
- 3.1 Ensure audit log retention period is set to 365 days
- 3.1 Ensure audit log retention period is set to 365 days
- 3.17 Ensure write level Object Storage logging is enabled for all buckets
- 3.17 Ensure write level Object Storage logging is enabled for all buckets
- 3.2 Ensure default tags are used on resources
- 3.2 Ensure default tags are used on resources
- 3.2 Ensure Secure Boot is enabled on Compute Instance
- 4.1 Ensure default tags are used on resources
- 4.17 Ensure write level Object Storage logging is enabled for all buckets
- 5.1 Create at least one compartment in your tenancy to store cloud resources
- 5.1 Create at least one compartment in your tenancy to store cloud resources
- 5.2 Ensure no resources are created in the root compartment
- 5.2 Ensure no resources are created in the root compartment
- 6.1 Create at least one compartment in your tenancy to store cloud resources
- 6.2 Ensure no resources are created in the root compartment
Schema for oci_identity_tenancy
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| compartment_id | text | The OCID of the compartment in Tenant in which the resource is located. | |
| defined_tags | jsonb | Defined tags for resource. Defined tags are set up in your tenancy by an administrator. Only users granted permission to work with the defined tags can apply them to resources. | |
| description | text | The description of the tenancy. | |
| freeform_tags | jsonb | Free-form tags for resource. This tags can be applied by any user with permissions on the resource. | |
| home_region_key | text | The region key for the tenancy's home region. | |
| id | text | The OCID of the tenancy. | |
| name | text | The name of the tenancy. | |
| retention_period_days | bigint | The retention period setting, specified in days. | |
| tags | jsonb | A map of tags for the resource. | |
| tenant_id | text | The OCID of the Tenant in which the resource is located. | |
| tenant_name | text | The name of the Tenant in which the resource is located. | |
| title | text | Title of the resource. | |
| upi_idcs_compatibility_layer_endpoint | text | Url which refers to the UPI IDCS compatibility layer endpoint configured for this Tenant's home region. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- ociYou can pass the configuration to the command with the --config argument:
steampipe_export_oci --config '<your_config>' oci_identity_tenancy