Blue Hexagon Audit for OCI

 

Introduction

This document describes the steps needed to set up the Blue Hexagon audit solution for OCI.

 

Step 1:

  1. Log into your Oracle Cloud console and navigate to Administration > Tenancy Details.

  2. Copy your Tenancy OCID and paste it into a file (say “bh_credentials.txt”).

 

Step 2:

  1. Navigate to Identity > Users.

  2. Click on Create User.

  3. Enter "BlueHexagon", then enter "BlueHexagon API Access" in the description.

  4. Click on Create.

 

Step 3:

  1. Copy the User OCID and paste it into the file (“bh_credentials.txt”).

 

Step 4:

  1. Click on API Keys > Add API Key > Generate API Key for the BlueHexagon user.

 

 

Step 5:

  1. Open the private key (oci_api_key.pem) in your preferred text editor and paste its contents into the file (“bh_credentials.txt”).

  2. Copy the public key fingerprint and paste it into the file (“bh_credentials.txt”).

 

Step 6:

  1. Navigate to Identity > Groups.

  2. Click on Create Group.

  3. Enter "SecurityAudit" in the Name field, then enter "BlueHexagon Security Audit Access" in the description.

  4. Click on Submit.

Step 7:

  1. Click on the SecurityAudit group in the Groups list and add the BlueHexagon API user to the group.

  2. Navigate to Identity > Policies.

  3. Click on Create Policy.

  4. Enter "SecurityAudit" in the Name field, then enter "BlueHexagon Security Audit Policy" in the description.

  5. Copy and paste the following policy statements:

ALLOW GROUP SecurityAudit to inspect all-resources in tenancy

ALLOW GROUP SecurityAudit to read all-resources in tenancy

ALLOW GROUP SecurityAudit to READ audit-events in tenancy

 

Step 8:

  1. Navigate to Identity > Compartments.

  2. Select your root compartment or the compartment being audited.

  3. Click on "Copy" by your Compartment OCID and paste it into the file (“bh_credentials.txt”).

 

Step 9:

  1. Send the bh_credentials.txt file.
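
A pre-send check for Step 9, added here as an example (not Blue Hexagon's or Oracle's code): it scans the text of bh_credentials.txt for the five items collected in Steps 1, 3, 5 and 8. The function name check_credentials and the free-form file layout are assumptions, and the sample values are constructed placeholders.

```python
import re

# OCID layout from Oracle's docs: ocid1.<type>.<realm>.[region].<unique id>
OCID_RE = re.compile(r"\bocid1\.([a-z0-9]+)\.[a-z0-9-]+\.[a-z0-9-]*\.[a-z0-9]+")
# API key fingerprint: 16 hex byte pairs separated by colons
FPR_RE = re.compile(r"\b[0-9a-f]{2}(?::[0-9a-f]{2}){15}\b", re.I)
# Whole PEM block, so a key cut off during copy/paste is reported
PEM_RE = re.compile(r"-----BEGIN (?:RSA )?PRIVATE KEY-----.+?"
                    r"-----END (?:RSA )?PRIVATE KEY-----", re.S)


def check_credentials(text):
    """Return the list of items missing from pasted bh_credentials.txt text."""
    kinds = [m.group(1) for m in OCID_RE.finditer(text)]
    missing = []
    if "tenancy" not in kinds:
        missing.append("tenancy OCID (Step 1)")
    if "user" not in kinds:
        missing.append("user OCID (Step 3)")
    if not PEM_RE.search(text):
        missing.append("complete private key (Step 5)")
    if not FPR_RE.search(text):
        missing.append("key fingerprint (Step 5)")
    # The root compartment's OCID is the tenancy OCID, so a second
    # tenancy OCID satisfies Step 8 when the root compartment is audited.
    if "compartment" not in kinds and kinds.count("tenancy") < 2:
        missing.append("compartment OCID (Step 8)")
    return missing


# Constructed sample: placeholder OCIDs, fingerprint and key body, free-form
# layout (the page does not define one). Root compartment is being audited.
SAMPLE = """\
ocid1.tenancy.oc1..aaaaexampletenancy
ocid1.user.oc1..aaaaexampleuser
-----BEGIN PRIVATE KEY-----
PLACEHOLDERNOTAREALKEY
-----END PRIVATE KEY-----
12:34:56:78:9a:bc:de:f0:12:34:56:78:9a:bc:de:f0
ocid1.tenancy.oc1..aaaaexampletenancy
"""

if __name__ == "__main__":
    print(check_credentials(SAMPLE) or "all five items present")
```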

 

Blue Hexagon Proprietary