No Security Zones are Visible
Fix general problems that prevent you from viewing and managing resources in Security Zones.
Missing IAM Policy
To view, create, or update a security zone or recipe, you must be given the required type of access in a policy (IAM) written by an administrator, whether you're using the Console or the REST API with an SDK, CLI, or other tool.
For example, to allow users in the group SecurityAuditors
to view the security zones and recipes in the compartment SecurityArtifacts
:
Allow group SecurityAuditors to read security-zone in compartment SecurityArtifacts
Allow group SecurityAuditors to read security-recipe in compartment SecurityArtifacts
To allow users in the group SecurityAuditors
to view all security zones:
Allow group SecurityAuditors to read security-zone in tenancy
The recipe used by a security zone can be in a different compartment than the compartment associated with the security zone.
See Cloud Guard Policies.
Wrong Compartment is Specified
Within the Console, be sure to choose the Compartment that contains the security zone or recipes that you want to view.
By default, a compartment and any subcompartments are in the same security zone. (You can, however, create a different security zone for a subcompartment.) For example, suppose the security zone for CompartmentA
has subcompartments CompartmentB
and CompartmentC
. To view this security zone, select the parent compartment CompartmentA
. Don't select the subcompartments.
If, however, you created a separate security zone for the subcompartment CompartmentB
, then select CompartmentB
to view its security zone.