Ensure no hard coded OCI private key in provider

Error: OCI private keys are hard coded in the provider
Bridgecrew Policy ID: BC_OCI_SECRETS_1
Checkov Check ID: CKV_OCI_1
Bridgecrew Severity: CRITICAL
Prisma Cloud Severity: HIGH

Description

When accessing OCI programmatically, users can use a password-protected certificate. Including that password in files that are checked into a repository leaves you exposed to account hijacking.

We recommend using a secrets store or security tokens for secure access.

Fix - Buildtime

Terraform

provider "oci" {
-  private_key_password = "secretPassword"  
}
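
As an added illustration (not Checkov's or Bridgecrew's own implementation), the following simplified Python check flags a literal private_key_password inside provider "oci" blocks and ignores values that come from a variable or interpolation. The function names and the sample Terraform text are constructed for this example.

```python
import re

# Constructed sample input, not taken from a real repository.
SAMPLE_TF = '''
provider "oci" {
  region               = "us-ashburn-1"
  private_key_password = "secretPassword"
}

provider "oci" {
  alias                = "from_var"
  private_key_password = var.oci_key_password
}
'''

PROVIDER_RE = re.compile(r'provider\s+"oci"\s*\{')
# Non-empty quoted literal with no "$", so no ${...} interpolation.
LITERAL_RE = re.compile(r'\bprivate_key_password\s*=\s*"(?:[^"\\$]|\\.)+"')
# Whole quoted strings are one token, so braces inside them are not counted.
TOKEN_RE = re.compile(r'"(?:[^"\\]|\\.)*"|[{}]')


def block_end(text, open_idx):
    """Index of the brace that closes the block opened at open_idx."""
    depth = 0
    for tok in TOKEN_RE.finditer(text, open_idx):
        if tok.group() == "{":
            depth += 1
        elif tok.group() == "}":
            depth -= 1
            if depth == 0:
                return tok.start()
    raise ValueError("unbalanced braces in provider block")


def find_hardcoded_passwords(text):
    """Return 1-based line numbers; the secret itself is never returned."""
    findings = []
    for m in PROVIDER_RE.finditer(text):
        start = m.end() - 1  # position of the opening brace
        first_line = text.count("\n", 0, start) + 1
        body = text[start:block_end(text, start)]
        for offset, line in enumerate(body.splitlines()):
            if line.lstrip().startswith(("#", "//")):
                continue  # commented-out assignment
            if LITERAL_RE.search(line):
                findings.append(first_line + offset)
    return findings
```

Calling find_hardcoded_passwords(SAMPLE_TF) reports only the line holding the quoted literal; the block that reads the value from a variable is not reported.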
