Mod: gcp-storage
The gcp-storage mod consists of 3 resource types, 47 policies and 18 controls.
Recommended Version
Version
5.11.3
Released On
Sep 13, 2024
Depends On
Resource Types
Controls
- GCP > Storage > API Enabled
- GCP > Storage > Bucket > Access Control
- GCP > Storage > Bucket > Active
- GCP > Storage > Bucket > Approved
- GCP > Storage > Bucket > CMDB
- GCP > Storage > Bucket > Discovery
- GCP > Storage > Bucket > Encryption at Rest
- GCP > Storage > Bucket > Labels
- GCP > Storage > Bucket > Policy
- GCP > Storage > Bucket > Policy > Trusted Access
- GCP > Storage > Bucket > Usage
- GCP > Storage > Bucket > Versioning
- GCP > Storage > CMDB
- GCP > Storage > Discovery
- GCP > Storage > Object > Active
- GCP > Storage > Object > Approved
- GCP > Storage > Object > CMDB
- GCP > Storage > Object > Discovery
IAM Roles
Policies
- GCP > Storage > API Enabled
- GCP > Storage > Approved Regions [Default]
- GCP > Storage > Bucket > Access Control
- GCP > Storage > Bucket > Active
- GCP > Storage > Bucket > Active > Age
- GCP > Storage > Bucket > Active > Last Modified
- GCP > Storage > Bucket > Approved
- GCP > Storage > Bucket > Approved > Custom
- GCP > Storage > Bucket > Approved > Regions
- GCP > Storage > Bucket > Approved > Usage
- GCP > Storage > Bucket > CMDB
- GCP > Storage > Bucket > Encryption at Rest
- GCP > Storage > Bucket > Encryption at Rest > Customer Managed Key
- GCP > Storage > Bucket > Labels
- GCP > Storage > Bucket > Labels > Template
- GCP > Storage > Bucket > Policy
- GCP > Storage > Bucket > Policy > Trusted Access
- GCP > Storage > Bucket > Policy > Trusted Access > All Authenticated
- GCP > Storage > Bucket > Policy > Trusted Access > All Users
- GCP > Storage > Bucket > Policy > Trusted Access > Domains
- GCP > Storage > Bucket > Policy > Trusted Access > Groups
- GCP > Storage > Bucket > Policy > Trusted Access > Projects
- GCP > Storage > Bucket > Policy > Trusted Access > Service Accounts
- GCP > Storage > Bucket > Policy > Trusted Access > Users
- GCP > Storage > Bucket > Regions
- GCP > Storage > Bucket > Usage
- GCP > Storage > Bucket > Usage > Limit
- GCP > Storage > Bucket > Versioning
- GCP > Storage > CMDB
- GCP > Storage > Enabled
- GCP > Storage > Labels Template [Default]
- GCP > Storage > Object > Active
- GCP > Storage > Object > Active > Age
- GCP > Storage > Object > Active > Last Modified
- GCP > Storage > Object > Approved
- GCP > Storage > Object > Approved > Custom
- GCP > Storage > Object > Approved > Regions
- GCP > Storage > Object > Approved > Usage
- GCP > Storage > Object > CMDB
- GCP > Storage > Object > Regions
- GCP > Storage > Permissions
- GCP > Storage > Permissions > Levels
- GCP > Storage > Permissions > Levels > Modifiers
- GCP > Storage > Regions
- GCP > Turbot > Event Handlers > Logging > Sink > Compiled Filter > @turbot/gcp-storage
- GCP > Turbot > Permissions > Compiled > Levels > @turbot/gcp-storage
- GCP > Turbot > Permissions > Compiled > Service Permissions > @turbot/gcp-storage
Policy Packs
- Enforce Creator and Creation Time Labels for GCP Storage Buckets
- Enforce Encryption at Rest Is Enabled for GCP Storage Buckets
- Enforce GCP Storage Buckets Are Not Older Than 7 Days
- Enforce GCP Storage Buckets Are Not Publicly Accessible
- Enforce Uniform Access Is Enabled for GCP Storage Buckets
- GCP CIS v2.0.0 - Section 2 - Logging and Monitoring
- GCP CIS v2.0.0 - Section 5 - Storage