lacework-global-677

1.10 Ensure user auth tokens rotate within 90 days (Automated)

Description

Auth tokens are authentication tokens generated by Oracle. You use auth tokens to authenticate with APIs that do not support the Oracle Cloud Infrastructure signature-based authentication. If the service requires an auth token, the service-specific documentation instructs you to generate one and explains how to use it.

Remediation

From Console:

  1. Log in to the OCI Console.

  2. Select Identity from the Services menu.

  3. Select Users from the Identity menu.

  4. Click an individual user under the Name heading.

  5. Click Auth Tokens in the lower left-hand corner of the page.

  6. Delete any auth token whose created date is 90 or more days before the current date.

From CLI:

  1. Get a list of OCI users:

    oci iam user list

  2. Execute the following for each user ID, and note any results whose created date is 90 or more days before the current date:

    oci iam auth-token list --user-id <user_ocid>

  3. Execute the following for each of the offending auth token IDs noted previously:

    oci iam auth-token delete --user-id <user_ocid> --auth-token-id <noted IDs from previous step>

    Each time you run the command, this prompt displays:

    Are you sure you want to delete this resource? [y/N]

    Type 'y' and press 'Enter'.
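
The age check in step 2 and the delete commands in step 3 can be scripted. The following is an added example, not part of the original policy text or of Oracle's or Lacework's tooling: it parses JSON shaped like the output of `oci iam auth-token list`, flags tokens created 90 or more days ago, and prints the matching delete commands. The sample JSON, its placeholder OCIDs, and the function names are constructed for illustration.

```python
import json
import shlex
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(days=90)

# Constructed sample shaped like `oci iam auth-token list` output (placeholder OCIDs).
SAMPLE = """
{"data": [
  {"id": "ocid1.credential.oc1..old", "user-id": "ocid1.user.oc1..alice",
   "lifecycle-state": "ACTIVE", "time-created": "2024-01-01T00:00:00.000000+00:00"},
  {"id": "ocid1.credential.oc1..edge", "user-id": "ocid1.user.oc1..alice",
   "lifecycle-state": "ACTIVE", "time-created": "2024-03-03T12:00:00.000000+00:00"},
  {"id": "ocid1.credential.oc1..new", "user-id": "ocid1.user.oc1..alice",
   "lifecycle-state": "ACTIVE", "time-created": "2024-05-20T08:30:00.000000+00:00"}
]}
"""

def parse_time(value):
    """Parse an RFC 3339 timestamp; treat a naive value as UTC."""
    ts = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return ts if ts.tzinfo else ts.replace(tzinfo=timezone.utc)

def stale_tokens(cli_json, now, max_age=MAX_AGE):
    """Return (user_id, token_id, age_days) for tokens created max_age or more ago."""
    # Empty input (no output captured for a user) is treated as no tokens.
    data = json.loads(cli_json).get("data", []) if cli_json.strip() else []
    found = []
    for tok in data:
        age = now - parse_time(tok["time-created"])
        if age >= max_age:  # "greater than or equal to 90 days"
            found.append((tok["user-id"], tok["id"], age.days))
    return found

def delete_commands(stale):
    """Build the step 3 delete command for each stale token (printed, not run)."""
    return [
        "oci iam auth-token delete --user-id {} --auth-token-id {}".format(
            shlex.quote(u), shlex.quote(t))
        for u, t, _ in stale
    ]

if __name__ == "__main__":
    now = datetime(2024, 6, 1, 12, 0, tzinfo=timezone.utc)  # fixed date for the sample
    for cmd in delete_commands(stale_tokens(SAMPLE, now)):
        print(cmd)
```

To use it on real data, pass the output captured in step 2 in place of SAMPLE and the current UTC time as `now`; the commands are only printed, so they can be reviewed before being run.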

References

https://docs.oracle.com/en-us/iaas/cloud-guard/using/detect-recipes.htm#detect-recipes-ref-config__AUTH_TOKEN_TOO_OLD