Ensure that Cloud Storage buckets have uniform bucket-level access enabled
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | storage |
| Provider | |
| Vulnerability Type | omission |
Description#
Cloud Storage buckets without uniform bucket-level access enabled allow object-level ACLs, resulting in multiple, potentially conflicting access controls. This increases the risk of misconfigurations and unintentional data exposure.
Impact#
If exploited, attackers or unauthorized users could gain unintended access to sensitive data due to overly permissive or misconfigured ACLs, leading to potential data leaks, compliance violations, and loss of data confidentiality.
Resolution#
Enable uniform bucket level access to provide a uniform permissioning system.