Data protection

Storage bucket policy grant public admin access

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Google Cloud Storage service allows you to store and retrieve data in a bucket. It was found that the {GcpStorageBucket} bucket is allowing Storage Bucket Admin permissions to all authenticated users. This could result with unauthorized entities having full control on the bucket and objects of it.
  • Recommended Mitigation

    It is recommended to limit the bucket admin access to authorized users only.