OCI-Identity-Empty-Groups

Severity : Low

Description: This control ensures that OCI IAM groups are created with IAM users and policies and are not empty. While having empty groups does not present a direct security risk, it does broaden the management landscape which could potentially introduce risks in the future. If empty IAM groups are reported , they should be removed.

Remediation Steps:

Perform following to remove empty IAM groups :

1. Login to the OCI console at Cloud Sign In .

2. In the navigation, Click Identity & Security.

3. Under Identity, click Groups.

4. Select the group reported from the list of groups. Make sure the right Compartment is selected.

5. Click Delete.

6. Confirm when prompted.

Important:

Reference:

• https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/managinggroups.htm