Using Console
Using CLI
gcloud storage buckets list
gsutil iam ch allAuthenticatedUsers:objectAdmin gs://[BUCKET_NAME]
Note: Replace [BUCKET_NAME] with the actual name of your bucket.gsutil iam get gs://[BUCKET_NAME]
This command should return the access control list (ACL) for the bucket, which should not contain any entry for allAuthenticatedUsers with the role objectAdmin.By following these steps, you can remediate the misconfiguration “Buckets Should Not Allow All Authenticated Users to Write” in GCP using GCP CLI.Using Python
<path_to_service_account_key_file>
and <bucket_name>
with the appropriate values in the code.