More Info:

Ensures Storage bucket policies do not allow global write, delete, or read permissions. Storage buckets can be configured to allow the global principal to access the bucket via the bucket policy. This policy should be restricted only to known users or accounts.

Risk Level

Critical

Address

Security

Compliance Standards

CISGCP, CBP, HIPAA, ISO27001, HITRUST, SOC2, GDPR, NISTCSF, PCIDSS, FedRAMP

Triage and Remediation

Remediation

Using Console

Additional Reading: