Data at risk

Publicly accessible storage bucket

Risk Level

Informational (4)

Compliance Frameworks


The bucket {GcpStorageBucket} is publicly accessible. Allowing anonymous or public access grants permissions to anyone to access bucket content. Such access might not be desired if you are storing any sensitive data. Hence, ensure that anonymous or public access to a bucket is not allowed.
  • Recommended Mitigation

    Remove 'allUsers' and 'allAuthenticatedUsers' from bucket permissions.