| Plugin Title | Excessive Policies |
| Cloud | ORACLE |
| Category | Identity |
| Description | Determine if there are an excessive number of policies in the account |
| More Info | Keeping the number of policies to a minimum helps reduce the chances of compromised accounts causing catastrophic damage to the account. Rather than creating new policies with the same statement for each group, common statements should be grouped under the same policy. |
| ORACLE Link | https://docs.cloud.oracle.com/iaas/Content/Identity/Concepts/policygetstarted.htm |
| Recommended Action | Limit the number of policies to prevent accidental authorizations |
- Log in to the Oracle Cloud Platform Console.
- Scroll down the left navigation panel and choose the "Identity" under the "Governance and Administration."
- On the Identity menu, select the "Policies" option.
- On the "Policy" page select the policy by clicking on the "Name" as a link to check the "Policy Statement."
- On the "Policy Statement" page, check whether we need the same "Policy" or not.
- Repeat steps number 2 - 5 to check other "Policies" in the account.
- Navigate to "Identity" under the "Governance and Administration" and select the "Policies" settings to remove the "Excessive Policy".
- On the "Policy" page, select the policy by clicking on the checkbox and click on "Delete" option at the top.
- On the "Delete Policy" tab, click on the "Delete" button to make the changes.
- Repeat steps number 7 - 9 to limit the number of policies to prevent accidental authorizations.
