GCP Storage Bucket does not have Access and Storage Logging enabled

Description

Some resources require a record of who access them and when.

Code Example

resource "google_storage_bucket" "logging" {
  name     = "jgwloggingbucket"
  location = var.location
  uniform_bucket_level_access = true
+  logging {
+    log_bucket = "mylovelybucket"
+  }
}

Remediation

Terraform

Resource: google_storage_bucket
Arguments: logging/log_bucket to specify a Bucket to store access log in.

Rule Details

Field	Value
ID	IAC-0921
Severity	INFO
IaC Type	Terraform
Frameworks	Terraform, TerraformPlan
Checkov ID	CKV_GCP_62

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

GCP Storage Bucket does not have Access and Storage Logging enabled

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

GCP Storage Bucket does not have Access and Storage Logging enabled ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

GCP Storage Bucket does not have Access and Storage Logging enabled

Description

Code Example

Remediation

Rule Details

References