No monitoring for Cloud Storage IAM permission changes

Logging and monitoring

No monitoring for Cloud Storage IAM permission changes

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
GCP CIS
GDPR
HITRUST
ISO 27701
ISO/IEC 27001
Mitre ATT&CK v12
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
UK Cyber Essentials

Description

It is recommended that a metric filter and alarm be established for Cloud Storage Bucket IAM changes. Monitoring changes to cloud storage bucket permissions may reduce the time needed to detect and correct permissions on sensitive cloud storage buckets and objects inside the bucket.

Recommended Mitigation

In the User-defined Metrics section, ensure that at least one metric is present with filter text: resource.type=gcs_bucket AND protoPayload.methodName=""storage.setIamPermissions""

No monitoring for Cloud Storage IAM permission changes

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS