Control: 1.12 Ensure all OCI IAM user accounts have a valid and current email address
Description
All OCI IAM local user accounts have an email address field associated with the account. It is recommended to specify an email address that is valid and current. If you have an email address in your user profile, you can use the Forgot Password link on the sign on page to have a temporary password sent to you.
Remediation
From Console
- Login to OCI Console.
- Select
Identity
from Services menu. - Select
Users
from Identity menu. - Click on each non-complaint user.
- Click on
Edit User
. - Enter a valid and current email address in the
EMAIL
text box. - Click
Save Changes
.
From Command Line
Execute the following for each non-compliant user:
oci iam user update --user-id <user-ocid> --email '<email address>'
Usage
Run the control in your terminal:
powerpipe control run oci_compliance.control.cis_v110_1_12
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run oci_compliance.control.cis_v110_1_12 --share
SQL
This control uses a named query:
identity_user_valid_email