MEDIUM
Source: CloudSploit
ID: bucket-logging

Bucket Logging

Ensures object logging is enabled on storage buckets

Storage bucket logging helps maintain an audit trail of access that can be used in the event of a security incident.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log into the Google Cloud Platform Console.

  2. Scroll down the left navigation panel, choose “Cloud Storage”, and select the “Buckets” option.

  3. On the “Buckets” page, create the log bucket if you don't have one.

  4. Click the “Cloud Shell” icon at the top left of the navigation bar, because bucket logging can only be enabled using the command-line interface.

  5. Enter the command: gsutil logging set on -b gs://[LOG_BUCKET_NAME] -o AccessLog gs://[BUCKET_NAME]

  6. Repeat steps 4-5 to enable logging on all other buckets in the project.
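
Steps 4 to 6 as a script, added here as an example and not part of the original CloudSploit guidance: it lists a project's buckets with gsutil, leaves alone any that already report a log bucket, and applies the command from step 5 to the rest. The function names, the printed status words and the choice to skip the log bucket itself are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: enable usage logging on every bucket in a project that lacks it.
# Usage: ./enable-bucket-logging.sh LOG_BUCKET_NAME PROJECT_ID
# The "AccessLog" object prefix is the one used in step 5 of the page.

# has_logging BUCKET_URL: succeeds if `gsutil logging get` reports a logBucket.
# A bucket without logging prints "... has no logging configuration." instead.
has_logging() {
  gsutil logging get "$1" 2>/dev/null </dev/null | grep -q '"logBucket"'
}

# enable_logging_all LOG_BUCKET_NAME PROJECT_ID
# Prints one status line per bucket and returns non-zero if any bucket failed.
enable_logging_all() {
  local log_bucket project buckets b rc
  log_bucket="gs://${1#gs://}"
  log_bucket="${log_bucket%/}"
  project="$2"
  rc=0
  # `gsutil ls -p` prints one gs://name/ URL per bucket in the project.
  buckets=$(gsutil ls -p "$project" </dev/null) || return 2
  for b in $buckets; do
    b="${b%/}"
    [ -n "$b" ] || continue
    if [ "$b" = "$log_bucket" ]; then
      echo "SKIPPED $b"          # example's choice: do not point the log bucket at itself
    elif has_logging "$b"; then
      echo "ALREADY $b"          # a log bucket is already configured, leave it untouched
    elif gsutil logging set on -b "$log_bucket" -o AccessLog "$b" >/dev/null 2>&1 </dev/null; then
      echo "ENABLED $b"
    else
      echo "FAILED $b"           # e.g. missing permission on the bucket or the log bucket
      rc=1
    fi
  done
  return "$rc"
}

# Only act when both arguments are supplied on the command line.
if [ "$#" -eq 2 ]; then
  enable_logging_all "$1" "$2"
fi
```

Any FAILED line needs a manual look before the finding can be closed; rerunning the script is safe because buckets that already have logging are reported as ALREADY.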