- Knowledge Base
- Cloud Scanning (CSPM)
- Oracle Cloud
-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
System & Network Scanning
-
Web Application Scanning
-
Cloud Scanning (CSPM)
-
API Scanning
-
Phishing & Awareness Training
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
-
Dashboard
Where do I find my Oracle credentials?
These are the credentials you need to use for Scanning the Oracle cloud environment:
- Tenancy OCID
- Compartment ID
- User ID
- Key Fingerprint
- Key Value
- Region
Steps to get Tenancy OCID
- Log into your Oracle Cloud console and navigate to Administration > Tenancy Details.
- Tenancy OCID is displayed
Steps to get compartment ID
- Navigate to Identity > Compartments.
- Copy the OCID of the compartment you want to scan.
Steps to get user ID
- Navigate to Identity > Domains.
- Select the domain you want to create the user in.
- Click on users.
- Click Create user. Enter the following details in the Create user form. Make sure you uncheck Use the email address as the username.
- First Name: holm-cloud-scan
- Last Name: holm-cloud-scan
- Username: holm-cloud-scan
- Email: Enter the desired email.
5. Copy the user OCID.
Steps to get Key Fingerprint
- Navigate to Identity > Domains > < Desired Domain > > Users > holm-cloud-scan
- Select API Keys from the Resources section.
- Click Add API Key.
- Select Generate API Key Pair.
- Download the Private Key.
- Once the key is downloaded, click Add.
-
Once the key is created, you can see the key fingerprint. Copy the key fingerprint.
Steps to get Key Value
- Open the private key downloaded in the previous step in a text editor.
- The private key is a multi-line string. The scanner requires a single-line private key.
- Replace all new lines with \n character to convert the multiline key to a single line key.
- Use the single-line key as a key value.
Steps to get region
- The region should be the home region where the cloud account was initially setup.
- You can find the home region by hovering on the top navigation bar.
Important permission required by the cloud scanner.
Create a security group
- Navigate to Identity > < Desired Domain > > Groups.
- Click on Create Group.
- Enter "SecurityAudit" in the Name field, then enter "Holm Security Cloud Scan Audit Access"
in the description. - Click on Submit.
Add holm-cloud-scan user into security group
- Click on the SecurityAudit group in the Groups List and Add the holm-cloud-scan User to
the group. - 2. Navigate to Identity> Policies.
- Click on Create Policy.
- Enter "SecurityAudit" in the Name field, then enter "Holm Security Audit Policy" in the
description. - Switch to Manual Editor and add the following statement: ALLOW GROUP SecurityAudit to
READ all-resources in tenancy. - Click on Create.
- Done!