Cloud Storage Bucket Versioning Disabled

• Query id: ad0875c1-0b39-4890-9149-173158ba3bba
• Query name: Cloud Storage Bucket Versioning Disabled
• Platform: GoogleDeploymentManager
• Severity: Medium
• Category: Observability
• CWE: 1357
• URL: Github

Description

Cloud Storage Bucket should have versioning enabled
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file

resources:
- name: a-new-pubsub-topic
  type: storage.v1.bucket
  properties:
      storageClass: STANDARD
      location: EUROPE-WEST3

Positive test num. 2 - yaml file

resources:
- name: a-new-pubsub-topic2
  type: storage.v1.bucket
  properties:
      storageClass: STANDARD
      location: EUROPE-WEST3
      versioning:
        enabled: false

Code samples without security vulnerabilities

Negative test num. 1 - yaml file

resources:
- name: a-new-pubsub-topic3
  type: storage.v1.bucket
  properties:
      storageClass: STANDARD
      location: EUROPE-WEST3
      versioning:
        enabled: true