Google > Storage >

Storage Bucket All Users Policy

HIGH

Source

CloudSploit

storage-bucket-all-users-policy

management console

Storage Bucket All Users Policy

Ensures Storage bucket policies do not allow global write, delete, or read permissions

Storage buckets can be configured to allow the global principal to access the bucket via the bucket policy. This policy should be restricted only to known users or accounts.

Recommended Actions

Ensure that each storage bucket is configured so that no member is set to allUsers or allAuthenticatedUsers.

Links

https://cloud.google.com/storage/docs/access-control/iam

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.