GCP-Storage-bucket-with-uniform-bucket-level-access-disabled
Severity: Medium
Description: This control ensures that uniform bucket-level access is enabled for all Cloud Storage buckets. Uniform bucket-level access controls whether ACLs apply to a Cloud Storage bucket. When enabled, ACLs are disabled and access to Cloud Storage resources is granted exclusively through Cloud IAM.
Remediation Steps:
Perform the following to enable uniform bucket-level access on a bucket:
Sign in to the GCP Console at https://console.cloud.google.com.
Go to the Cloud Storage browser.
In the list of buckets, click on the name of the desired bucket.
Select the Permissions tab near the top of the page.
In the text box that starts with This bucket uses fine-grained access control..., click Edit.
In the pop-up menu that appears, select Uniform.
Click Save.
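The following added example (not part of the original control text) is a Python check that finds buckets still using fine-grained ACLs and lists the ACL grants that stop applying once Uniform is selected, so they can be reviewed and re-granted through Cloud IAM first. It assumes bucket metadata in the shape returned by the Cloud Storage JSON API with projection=full; the bucket names and grants are constructed samples.

```python
import json

# Constructed sample: bucket resources in the shape returned by the Cloud Storage
# JSON API (buckets.list with projection=full). Names and grants are made up.
SAMPLE_BUCKETS = json.loads("""
[
  {"name": "example-logs",
   "iamConfiguration": {"uniformBucketLevelAccess": {"enabled": true,
                        "lockedTime": "2021-08-01T00:00:00.000Z"}}},
  {"name": "example-uploads",
   "iamConfiguration": {"uniformBucketLevelAccess": {"enabled": false}},
   "acl": [{"entity": "project-owners-123456", "role": "OWNER"},
           {"entity": "allUsers", "role": "READER"}]},
  {"name": "example-legacy",
   "acl": [{"entity": "user-alice@example.com", "role": "WRITER"}]}
]
""")

PUBLIC_ENTITIES = {"allUsers", "allAuthenticatedUsers"}


def ubla_enabled(bucket):
    """True only if the bucket explicitly reports uniform access as enabled."""
    iam_cfg = bucket.get("iamConfiguration") or {}
    ubla = iam_cfg.get("uniformBucketLevelAccess") or {}
    return ubla.get("enabled") is True


def audit(buckets):
    """Return one finding per bucket that still uses fine-grained (ACL) access."""
    findings = []
    for bucket in buckets:
        if ubla_enabled(bucket):
            continue
        acl = bucket.get("acl") or []
        findings.append({
            "bucket": bucket["name"],
            # ACL grants stop applying once uniform access is on; review first.
            "acl_grants": [(e["entity"], e["role"]) for e in acl],
            "public_acl": any(e["entity"] in PUBLIC_ENTITIES for e in acl),
            # Command-line equivalent of the console steps above.
            "fix": "gsutil uniformbucketlevelaccess set on gs://" + bucket["name"],
        })
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_BUCKETS):
        print(json.dumps(finding))
```

A bucket with no `iamConfiguration` block at all is treated as non-compliant, since only an explicit `enabled: true` satisfies the control.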
Important:
Reference:
CIS Google Cloud Platform Foundation Benchmark v1.2.0 - 05-01-2021: Recommendation #5.2
https://cloud.google.com/storage/docs/uniform-bucket-level-access
https://cloud.google.com/storage/docs/using-uniform-bucket-level-access
https://cloud.google.com/storage/docs/setting-org-policies#uniform-bucket
Blue Hexagon Proprietary