Resource Type: GCP > Storage > Bucket
The Bucket resource type is a container for storing data objects that can be used to store and retrieve any amount of data at any time from anywhere on the web.
Resource Context
Bucket is a part of the Storage service.
Each Bucket lives under a Region.
Controls
The primary controls for GCP > Storage > Bucket are:
It is also targeted by these controls:
- GCP > CIS v1 > 5 Storage > 5.01 Ensure that Cloud Storage bucket is not anonymously or publicly accessible (Scored)
- GCP > CIS v1 > 5 Storage > 5.03 Ensure that logging is enabled for Cloud storage buckets (Scored)
- GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.03 - Ensure That Retention Policies on Cloud Storage Buckets Used for Exporting Logs Are Configured Using Bucket Lock
- GCP > CIS v2.0 > 5 - Storage > 5.01 - Ensure That Cloud Storage Bucket Is Not Anonymously or Publicly Accessible
- GCP > CIS v2.0 > 5 - Storage > 5.02 - Ensure That Cloud Storage Buckets Have Uniform Bucket-Level Access Enabled
- GCP > Storage > Object > Discovery
Category
In Your Workspace
- Controls by Resource Type report
- Policy Settings by Resource Type report
- Resources by Resource Type report
Developers
- tmod:@turbot/gcp-storage#/resource/types/bucket
- tmod:@turbot/turbot#/resource/categories/storageContainer
- turbot graphql resource --id "tmod:@turbot/gcp-storage#/resource/types/bucket"
Get Resource- select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/gcp-storage#/resource/types/bucket';
- select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/gcp-storage#/resource/types/bucket"';
- select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/gcp-storage#/resource/types/bucket' and notification_type in ('resource_updated', 'resource_created');
Get ResourceGet Policy Settings (By Resource ID)Get Resource Notification
Resource Type URI
Category URI
GraphQL
CLI
Steampipe Query