GCP Cloud Storage
Overview
Critical
0High
4Medium
20Low
0Informational
0Security issues (24)
| Severity | Non-Compliance | Resource | Issue | Remediation | Read more | Action |
|---|---|---|---|---|---|---|
| High | PCI DSS 3.5 HIPAA (Encryption) | gcf-sources-853160546542-us-central1 | Storage bucket is not encrypted using Customer-Managed Keys (CMK). | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your storage buckets are encrypted using CMK. | More info | |
| Medium | — | gcf-sources-853160546542-us-central1 | Storage bucket does not use lifecycle management rules to manage objects during their lifetime. | To optimize your data for storage costs, make sure your storage buckets are using lifecycle management rules to manage objects during their lifetime. | More info | |
| Medium | PCI DSS 10.2 HIPAA (Audit) | gcf-sources-853160546542-us-central1 | Storage bucket has no logging enabled. | To fulfill HIPAA requirements for logging of all activity including access and actions taken, enable logging for your storage buckets by using "gsutil logging set on" command | More info | |
| Medium | CIS 2.3 | gcf-sources-853160546542-us-central1 | Storage bucket has no retention policy. | For security and compliance purposes, ensure that the objects stored within your storage buckets have a sufficient data retention period. | More info | |
| Medium | — | gcf-sources-853160546542-us-central1 | Storage bucket does not have object versioning enabled. | To protect your object data from being overwritten or accidentally deleted, ensure that object versioning is enabled for all your storage buckets. | More info | |
| High | PCI DSS 3.5 HIPAA (Encryption) | prevasio-test-bucket | Storage bucket is not encrypted using Customer-Managed Keys (CMK). | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your storage buckets are encrypted using CMK. | More info | |
| Medium | — | prevasio-test-bucket | Storage bucket does not use lifecycle management rules to manage objects during their lifetime. | To optimize your data for storage costs, make sure your storage buckets are using lifecycle management rules to manage objects during their lifetime. | More info | |
| Medium | PCI DSS 10.2 HIPAA (Audit) | prevasio-test-bucket | Storage bucket has no logging enabled. | To fulfill HIPAA requirements for logging of all activity including access and actions taken, enable logging for your storage buckets by using "gsutil logging set on" command | More info | |
| Medium | CIS 2.3 | prevasio-test-bucket | Storage bucket has no retention policy. | For security and compliance purposes, ensure that the objects stored within your storage buckets have a sufficient data retention period. | More info | |
| Medium | — | prevasio-test-bucket | Storage bucket does not have object versioning enabled. | To protect your object data from being overwritten or accidentally deleted, ensure that object versioning is enabled for all your storage buckets. | More info | |
| High | PCI DSS 3.5 HIPAA (Encryption) | staging.sylvan-surf-339107.appspot.com | Storage bucket is not encrypted using Customer-Managed Keys (CMK). | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your storage buckets are encrypted using CMK. | More info | |
| Medium | PCI DSS 10.2 HIPAA (Audit) | staging.sylvan-surf-339107.appspot.com | Storage bucket has no logging enabled. | To fulfill HIPAA requirements for logging of all activity including access and actions taken, enable logging for your storage buckets by using "gsutil logging set on" command | More info | |
| Medium | CIS 2.3 | staging.sylvan-surf-339107.appspot.com | Storage bucket has no retention policy. | For security and compliance purposes, ensure that the objects stored within your storage buckets have a sufficient data retention period. | More info | |
| Medium | CIS 5.2 | staging.sylvan-surf-339107.appspot.com | Storage bucket does not have uniform bucket-level access enabled. | To ensure uniform access to all the objects within a storage bucket. ensure that uniform bucket-level access is enabled for all your storage buckets. | More info | |
| Medium | — | staging.sylvan-surf-339107.appspot.com | Storage bucket does not have object versioning enabled. | To protect your object data from being overwritten or accidentally deleted, ensure that object versioning is enabled for all your storage buckets. | More info | |
| High | PCI DSS 3.5 HIPAA (Encryption) | sylvan-surf-339107.appspot.com | Storage bucket is not encrypted using Customer-Managed Keys (CMK). | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your storage buckets are encrypted using CMK. | More info | |
| Medium | — | sylvan-surf-339107.appspot.com | Storage bucket does not use lifecycle management rules to manage objects during their lifetime. | To optimize your data for storage costs, make sure your storage buckets are using lifecycle management rules to manage objects during their lifetime. | More info | |
| Medium | PCI DSS 10.2 HIPAA (Audit) | sylvan-surf-339107.appspot.com | Storage bucket has no logging enabled. | To fulfill HIPAA requirements for logging of all activity including access and actions taken, enable logging for your storage buckets by using "gsutil logging set on" command | More info | |
| Medium | CIS 2.3 | sylvan-surf-339107.appspot.com | Storage bucket has no retention policy. | For security and compliance purposes, ensure that the objects stored within your storage buckets have a sufficient data retention period. | More info | |
| Medium | CIS 5.2 | sylvan-surf-339107.appspot.com | Storage bucket does not have uniform bucket-level access enabled. | To ensure uniform access to all the objects within a storage bucket. ensure that uniform bucket-level access is enabled for all your storage buckets. | More info | |
| Medium | — | sylvan-surf-339107.appspot.com | Storage bucket does not have object versioning enabled. | To protect your object data from being overwritten or accidentally deleted, ensure that object versioning is enabled for all your storage buckets. | More info | |
| Medium | CIS 5.1 | us.artifacts.sylvan-surf-339107.appspot.com | Storage bucket has anonymous and/or public access. | To prevent access from anonymous and/or public users, make sure the allUsers and allAuthenticatedUsers are removed from IAM policy for all storage bucket. | More info | |
| Medium | CIS 2.3 | us.artifacts.sylvan-surf-339107.appspot.com | Storage bucket retention has expired 50 days ago. | For security and compliance purposes, ensure that the objects stored within your storage buckets have a sufficient data retention period. | More info | |
| Medium | CIS 5.2 | us.artifacts.sylvan-surf-339107.appspot.com | Storage bucket does not have uniform bucket-level access enabled. | To ensure uniform access to all the objects within a storage bucket. ensure that uniform bucket-level access is enabled for all your storage buckets. | More info |
Buckets (5)
| Bucket | Location | Location type | Storage class | Created | Modified | Security issues |
|---|---|---|---|---|---|---|
| gcf-sources-853160546542-us-central1 | us-central1 | Region | Standard | 1 High + 4 others (details) | ||
| prevasio-test-bucket | us | Multi-region | Standard | 1 High + 4 others (details) | ||
| staging.sylvan-surf-339107.appspot.com | us | Multi-region | Standard | 1 High + 4 others (details) | ||
| sylvan-surf-339107.appspot.com | us | Multi-region | Standard | 1 High + 5 others (details) | ||
| us.artifacts.sylvan-surf-339107.appspot.com | us | Multi-region | Standard | 3 Medium (details) |