Securing Batch

To use Batch securely, learn about your security and compliance responsibilities.

In general, Oracle provides security of cloud infrastructure and operations, such as cloud operator access controls and infrastructure security patching. You are responsible for securely configuring your cloud resources. Security in the cloud is a shared responsibility between you and Oracle.

Oracle is responsible for the following security requirements:

• Physical Security: Oracle is responsible for protecting the global infrastructure that runs all services offered in Oracle Cloud Infrastructure. This infrastructure consists of the hardware, software, networking, and facilities that run Oracle Cloud Infrastructure services.

Your security responsibilities are described on this page, which include the following areas:

• Access Control: Limit privileges as much as possible. Users should be given only the access necessary to perform their work.

Use this checklist to identify the tasks you perform to secure Batch in a new Oracle Cloud Infrastructure tenancy.

Use policies to limit access to Batch.

Create this policy to allow admin user group to manage all Batch resources in a specific compartment.

Allow group admin to manage batch-computing-family in compartment <compartment-name>

For more information about policies and to view more examples, see Batch Policies.

Use Vulnerability Scanning to scan resources that are on private subnets or don't have public IP addresses.

A Compute instance is associated with a VCN (virtual cloud network)  and a subnet . When you create a subnet in a VCN, by default the subnet is considered public and internet communication is permitted. If an instance you want to scan is on a private subnet  or has no public IP address, the VCN must include a service gateway  and a route rule for the service gateway. See Access to Oracle Services: Service Gateway.