Data protection

Storage bucket policy grants public object creator access

Description

The Google Cloud Storage service allows you to store and retrieve data in a bucket. It was found that the {GcpStorageBucket} bucket grants the Storage Bucket Object Creator permission to all users. This could result in unauthorized entities executing object creation operations on the bucket.
Recommended Mitigation

It is recommended to limit the bucket object creator access to authorized users only.
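One way to check for this condition and derive the restricted policy, as an added example that is not part of the original rule or any vendor tooling: it reads a bucket IAM policy in the JSON shape that `gcloud storage buckets get-iam-policy` returns, flags public principals bound to the object creator role, and builds a copy with those members removed. Assumptions: the finding maps to the `roles/storage.objectCreator` role, `allAuthenticatedUsers` is treated as public alongside `allUsers`, and the sample policy is constructed.

```python
import copy

# "allUsers" is the case the finding describes; "allAuthenticatedUsers" is
# included as an assumption, since it also covers any Google account.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}
# Assumed mapping of the finding to an IAM role; extend this set if other
# roles that allow object creation should be flagged as well.
CREATOR_ROLES = {"roles/storage.objectCreator"}


def public_creator_bindings(policy):
    """Return (role, member) pairs that let public principals create objects."""
    findings = []
    for binding in policy.get("bindings", []):
        if binding.get("role") in CREATOR_ROLES:
            for member in binding.get("members", []):
                if member in PUBLIC_MEMBERS:
                    findings.append((binding["role"], member))
    return findings


def remediated_policy(policy):
    """Return a copy of the policy with public members removed from creator roles."""
    fixed = copy.deepcopy(policy)  # never mutate the policy that was read
    kept = []
    for binding in fixed.get("bindings", []):
        if binding.get("role") in CREATOR_ROLES:
            binding["members"] = [m for m in binding.get("members", [])
                                  if m not in PUBLIC_MEMBERS]
        if binding.get("members"):  # drop bindings left without members
            kept.append(binding)
    fixed["bindings"] = kept
    return fixed


# Constructed sample policy (not taken from a real bucket).
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/storage.objectCreator",
     "members": ["allUsers",
                 "serviceAccount:uploader@example-project.iam.gserviceaccount.com"]},
    {"role": "roles/storage.objectCreator", "members": ["allAuthenticatedUsers"]},
    {"role": "roles/storage.objectViewer", "members": ["group:analysts@example.com"]},
]}

if __name__ == "__main__":
    for role, member in public_creator_bindings(SAMPLE_POLICY):
        print(f"PUBLIC OBJECT CREATION: {member} holds {role}")
    print(remediated_policy(SAMPLE_POLICY))
```

The authorized service account and the unrelated viewer binding are preserved, so only the public grant is withdrawn.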