More Info:

Ensure that the “Enforce uniform bucket-level access” policy is enabled for your Google Cloud Platform (GCP) organization so that uniform bucket-level access is enforced for all Google Cloud Storage buckets in your organization.

Risk Level

Medium

Address

Operational Maturity, Reliability, Security

Compliance Standards

CISGCP, CBP, HIPAA, ISO27001

Triage and Remediation

Remediation

To remediate uniform bucket-level access not being enforced at the organization level in GCP, follow these steps:

  1. Open the Google Cloud Console and navigate to the Cloud Storage page.
  2. Select the bucket for which you want to enforce uniform bucket-level access.
  3. Click on the “Edit Bucket Permissions” button.
  4. Under the “Uniform bucket-level access” section, select the “Enforced” option.
  5. Click on the “Save” button to apply the changes.

Once you have enforced uniform bucket-level access at the organization level, all objects in the bucket will inherit the bucket’s access control settings. This will help prevent accidental data leaks or unauthorized access to your data.
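
The following is an added example, not part of the original page. It checks the organization policy state and a bucket listing together, because the `constraints/storage.uniformBucketLevelAccess` constraint applies to newly created buckets and does not switch the setting on for buckets that already exist. The bucket and policy records are constructed samples, the function names are hypothetical, and the input shapes assume the Cloud Storage JSON API bucket resource and the Org Policy v1 boolean policy.

```python
import json

ORG_CONSTRAINT = "constraints/storage.uniformBucketLevelAccess"

# Constructed sample data. Buckets follow the Cloud Storage JSON API bucket
# resource shape; the policy follows the Org Policy v1 boolean policy shape.
SAMPLE_BUCKETS = json.loads("""
[
  {"name": "example-logs",
   "iamConfiguration": {"uniformBucketLevelAccess":
     {"enabled": true, "lockedTime": "2024-06-01T00:00:00Z"}}},
  {"name": "example-legacy-uploads",
   "iamConfiguration": {"uniformBucketLevelAccess": {"enabled": false}}},
  {"name": "example-old-backups", "iamConfiguration": {}}
]
""")
SAMPLE_ORG_POLICY = {"constraint": ORG_CONSTRAINT,
                     "booleanPolicy": {"enforced": True}}


def org_policy_enforced(policy):
    """True only if the policy is for the UBLA constraint and is enforced."""
    if not policy or policy.get("constraint") != ORG_CONSTRAINT:
        return False
    return policy.get("booleanPolicy", {}).get("enforced") is True


def buckets_without_ubla(buckets):
    """Names of buckets where uniform bucket-level access is not enabled.

    A missing iamConfiguration or flag is treated as not enabled.
    """
    failing = []
    for bucket in buckets:
        ubla = (bucket.get("iamConfiguration") or {}).get(
            "uniformBucketLevelAccess") or {}
        if ubla.get("enabled") is not True:
            failing.append(bucket.get("name", "<unnamed>"))
    return sorted(failing)


def audit(policy, buckets):
    """Combine both checks into one finding record."""
    failing = buckets_without_ubla(buckets)
    return {"org_policy_enforced": org_policy_enforced(policy),
            "noncompliant_buckets": failing,
            "compliant": org_policy_enforced(policy) and not failing}


if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_ORG_POLICY, SAMPLE_BUCKETS), indent=2))
```

With the sample data the policy is enforced but two pre-existing buckets are still reported, which is the case the per-bucket steps above address.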