Cloud Storage Bucket Logging Not Enabled
- Query id: d6cabc3a-d57e-48c2-b341-bf3dd4f4a120
- Query name: Cloud Storage Bucket Logging Not Enabled
- Platform: Terraform
- Severity: Medium
- Category: Observability
- CWE: 778
- URL: Github
Description¶
Cloud storage bucket should have logging enabled
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "google_storage_bucket" "positive1" {
name = "auto-expiring-bucket"
location = "US"
force_destroy = true
lifecycle_rule {
condition {
age = 3
}
action {
type = "Delete"
}
}
}