One of the recent additions to Oracle Cloud Infrastructure (OCI) is IAM Domains. New OCI tenancies are provisioned with IAM Domains and at time of writing tenancies with IDCS instances are being migrated to IAM Domains.
I originally created Peek to create a visual representation of effective user permissions inside an OCI tenancy to assist with performing user access reviews. Excessive permissions and IAM misconfigurations are a common issue found in cloud environments that can lead to privilege escalation and/or unauthorised access to resources and data.
At time of writing the latest release of the OCI CLI now supports interacting with IAM Domain resources and so I have created a version of Peek that works with IAM domains.Continue reading “OCI IAM Domains User Access Review”