Ensure no hard coded OCI private key in provider
Error: OCI private keys are hard coded in the provider
Bridgecrew Policy ID: BC_OCI_SECRETS_1
Checkov Check ID: CKV_OCI_1
Bridgecrew Severity: CRITICAL
Prisma Cloud Severity: HIGH
Description
When accessing OCI programmatically, users can use a password-protected certificate. Including that password in files that are checked into a repository exposes you to account hijacking.
We recommend using a secrets store or security tokens for secure access.
Fix - Buildtime
Terraform
provider "oci" {
- private_key_password = "secretPassword"
}
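A minimal sketch of a pre-commit style check for this policy, added here as an illustration and not Checkov's or Bridgecrew's implementation: it flags literal private_key_password values inside provider "oci" blocks and reports line numbers rather than the secret itself. The function names and both sample configurations are constructed, and the brace matching assumes no unbalanced braces inside string values.

```python
import re

# Start of a provider "oci" block.
PROVIDER_RE = re.compile(r'provider\s+"oci"\s*\{')
# private_key_password assigned to a quoted string; commented-out lines do not match.
ASSIGN_RE = re.compile(r'^[ \t]*private_key_password\s*=\s*"((?:[^"\\]|\\.)*)"', re.M)
# A string that is nothing but one interpolation, e.g. "${var.pw}".
REFERENCE_RE = re.compile(r'\$\{[^}]*\}')


def provider_bodies(hcl):
    """Yield (start_offset, body) for each provider "oci" block, brace-matched."""
    for m in PROVIDER_RE.finditer(hcl):
        depth, i = 1, m.end()
        while i < len(hcl) and depth:
            depth += {"{": 1, "}": -1}.get(hcl[i], 0)
            i += 1
        yield m.end(), hcl[m.end():i - 1]


def hardcoded_lines(hcl):
    """Return 1-based line numbers where the password is a literal string."""
    lines = []
    for start, body in provider_bodies(hcl):
        for m in ASSIGN_RE.finditer(body):
            value = m.group(1)
            # Empty strings and pure references carry no secret.
            if value and not REFERENCE_RE.fullmatch(value):
                lines.append(hcl.count("\n", 0, start + m.start()) + 1)
    return lines


# Constructed sample: the pattern this policy reports.
BAD = '''provider "oci" {
  region               = "us-ashburn-1"
  private_key_password = "secretPassword"
}
'''

# Constructed sample: the value comes from a sensitive variable set outside the repository.
GOOD = '''variable "private_key_password" {
  type      = string
  sensitive = true
}

provider "oci" {
  region               = "us-ashburn-1"
  private_key_password = var.private_key_password
}
'''

if __name__ == "__main__":
    print("BAD:", hardcoded_lines(BAD), "GOOD:", hardcoded_lines(GOOD))
```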