Data at risk

KMS key is anonymously/publicly accessible


Granting permissions to allUsers or allAuthenticatedUsers allows anyone to access the dataset. Such access might not be desirable if sensitive data is stored at the location. In this case, ensure that anonymous and/or public access to a Cloud KMS cryptokey is not allowed.
  • Recommended Mitigation

    KMS cryptokeys should restrict anonymous and public access.