Data protection

Storage bucket policy grant authenticated users object admin access

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Google Cloud Storage service allows you to store and retrieve data in a bucket. It was found that the {GcpStorageBucket} bucket is allowing Storage Bucket Object Admin permissions to all authenticated users. This could result with any authenticated user with a Google account having full object control on the bucket.

  • Recommended Mitigation

    It is recommended to limit the bucket object admin access to authorized users only.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.