Description
Network Gateways act as routers between VCNs (Virtual Cloud Networks) and the Internet, Oracle Services Network, other VCNs, and on-premises networks. Monitoring and alerting on changes to Network Gateways with the OCI Events Service helps identify changes to the network security posture, such as a new path to or from the Internet. OCI Events Service lets you create automation based on the state changes of resources throughout your tenancy. With Event Rules, developers can respond to changes in real time by triggering code with Functions, writing to Streaming, or sending alerts using Notifications. It was detected that there is no Notification configured for Network Gateway changes under the root compartment (tenancy) {OciIdentityCompartment.Name}. Event Rules are compartment scoped and also detect events in child compartments; therefore, it is advised to create the Event Rule at the root compartment level so that no compartment is missed.
-
Recommended Mitigation
It is recommended to set up an Event Rule and Notification at the root compartment (tenancy) level that is triggered when Network Gateways are created, updated, deleted, attached, detached, or moved between compartments. This recommendation covers Internet Gateways, Dynamic Routing Gateways, Service Gateways, Local Peering Gateways, and NAT Gateways.
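One way to implement this mitigation with the OCI CLI, as an added example that is not part of the original finding or Oracle's own documentation: it creates a Notifications topic, subscribes an email address, and creates a tenancy-level Events rule matching the gateway lifecycle events. The event type names, topic and rule names, and the email address are assumptions (the event list follows the CIS OCI Benchmark's network-gateway recommendation); verify them against the OCI Events reference for your region.

```shell
#!/bin/sh
# Added example (not the finding's or Oracle's own code): create an OCI Notifications
# topic, an email subscription and a root-compartment Events rule for gateway events.
# ASSUMPTION: event type names below are taken from the OCI Events reference as used by
# the CIS OCI Benchmark; verify them in your region before relying on the rule.
# One entry per network gateway lifecycle event: create/update/delete/attach/detach/move.
GATEWAY_EVENT_TYPES="
com.oraclecloud.virtualnetwork.createdrg com.oraclecloud.virtualnetwork.updatedrg
com.oraclecloud.virtualnetwork.deletedrg com.oraclecloud.virtualnetwork.createdrgattachment
com.oraclecloud.virtualnetwork.updatedrgattachment com.oraclecloud.virtualnetwork.deletedrgattachment
com.oraclecloud.virtualnetwork.createinternetgateway com.oraclecloud.virtualnetwork.updateinternetgateway
com.oraclecloud.virtualnetwork.deleteinternetgateway com.oraclecloud.virtualnetwork.changeinternetgatewaycompartment
com.oraclecloud.virtualnetwork.createlocalpeeringgateway com.oraclecloud.virtualnetwork.updatelocalpeeringgateway
com.oraclecloud.virtualnetwork.deletelocalpeeringgateway com.oraclecloud.virtualnetwork.changelocalpeeringgatewaycompartment
com.oraclecloud.natgateway.createnatgateway com.oraclecloud.natgateway.updatenatgateway
com.oraclecloud.natgateway.deletenatgateway com.oraclecloud.natgateway.changenatgatewaycompartment
com.oraclecloud.servicegateway.createservicegateway com.oraclecloud.servicegateway.updateservicegateway
com.oraclecloud.servicegateway.deleteservicegateway.begin com.oraclecloud.servicegateway.deleteservicegateway.end
com.oraclecloud.servicegateway.attachserviceid com.oraclecloud.servicegateway.detachserviceid
com.oraclecloud.servicegateway.changeservicegatewaycompartment
"

# Emit the Events rule condition: {"eventType":[...]} with no further filter, so every
# listed event in the tenancy and all of its child compartments matches.
gateway_rule_condition() {
  list=""
  for t in $GATEWAY_EVENT_TYPES; do
    list="${list:+$list,}\"$t\""
  done
  printf '{"eventType":[%s]}' "$list"
}

# Create the topic, subscribe an address, then the rule. Args: tenancy OCID, alert email.
create_gateway_alert() {
  tenancy_ocid=$1
  email=$2
  topic_id=$(oci ons topic create --compartment-id "$tenancy_ocid" \
    --name "network-gateway-changes" --query 'data."topic-id"' --raw-output)
  oci ons subscription create --compartment-id "$tenancy_ocid" --topic-id "$topic_id" \
    --protocol EMAIL --subscription-endpoint "$email" >/dev/null
  # The rule lives in the root compartment so child-compartment gateway changes are caught.
  oci events rule create --compartment-id "$tenancy_ocid" \
    --display-name "Network Gateway Changes" --is-enabled true \
    --condition "$(gateway_rule_condition)" \
    --actions "{\"actions\":[{\"actionType\":\"ONS\",\"isEnabled\":true,\"topicId\":\"$topic_id\"}]}"
}

# Usage: sh this_script.sh <tenancy-ocid> <alert-email>
if [ "$#" -ge 2 ]; then create_gateway_alert "$1" "$2"; fi
```

The email subscription stays in a pending state until the recipient confirms it from the message OCI sends, so the finding is only fully remediated once that confirmation is done.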