GoogleCloudPlatform/cloud-foundation-fabric

Policy for Enforce Public Access Prevention

aumohr opened this issue · 0 comments

Describe the bug
The policy "Policy for Enforce Public Access Prevention" is not activated by default even though advised by GCP security best practices.

Rationale
Secure your Cloud Storage data from public exposure by enforcing public access prevention. This governance policy prevents existing and future resources from being accessed via the public internet by disabling and blocking ACLs and IAM permissions that grant access to allUsers and allAuthenticatedUsers.

Recommendation
Enforce this policy on the entire organization (recommended), specific projects, or specific folders to ensure no data is publicly exposed.
This policy overrides existing public permissions.
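An added example, not part of the issue or the project's code: a pre-enforcement audit that lists the bucket grants to allUsers and allAuthenticatedUsers that the policy would override. The bucket records are constructed samples using Cloud Storage JSON API field names (`iamConfiguration.publicAccessPrevention`, ACL `entity`, IAM `bindings`/`members`); `public_grants`, `audit` and the `iam` key that holds each bucket's IAM policy are hypothetical names chosen for this sketch.

```python
PUBLIC = {"allUsers", "allAuthenticatedUsers"}

# Constructed sample data: one record per bucket, with its IAM policy under "iam".
SAMPLE = [
    {"name": "example-public-site",
     "iamConfiguration": {"publicAccessPrevention": "inherited"},
     "iam": {"bindings": [{"role": "roles/storage.objectViewer",
                           "members": ["allUsers"]}]}},
    {"name": "example-legacy",
     "iamConfiguration": {"publicAccessPrevention": "inherited"},
     "acl": [{"entity": "allAuthenticatedUsers", "role": "READER"}],
     "iam": {"bindings": [{"role": "roles/storage.admin",
                           "members": ["user:alice@example.com"]}]}},
    {"name": "example-locked",  # stale public binding, already blocked per bucket
     "iamConfiguration": {"publicAccessPrevention": "enforced"},
     "iam": {"bindings": [{"role": "roles/storage.objectViewer",
                           "members": ["allUsers"]}]}},
    {"name": "example-private",
     "iam": {"bindings": [{"role": "roles/storage.objectViewer",
                           "members": ["group:team@example.com"]}]}},
]

def public_grants(bucket):
    """Return (kind, role, principal) for every grant to a public principal."""
    found = []
    for binding in bucket.get("iam", {}).get("bindings", []):
        for member in binding.get("members", []):
            if member in PUBLIC:
                found.append(("iam", binding["role"], member))
    for entry in bucket.get("acl", []):
        if entry.get("entity") in PUBLIC:
            found.append(("acl", entry.get("role"), entry["entity"]))
    return found

def audit(buckets, org_policy_enforced=False):
    """List buckets with public grants and whether those grants are effective now."""
    report = []
    for bucket in buckets:
        setting = bucket.get("iamConfiguration", {}).get(
            "publicAccessPrevention", "inherited")
        # "inherited" follows the organization policy; "enforced" blocks regardless.
        blocked = setting == "enforced" or org_policy_enforced
        grants = public_grants(bucket)
        if grants:
            report.append({"bucket": bucket["name"], "grants": grants,
                           "exposed_now": not blocked})
    return report

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```

Rows with `exposed_now` set to true are the workloads that lose public access once the policy is enforced at the organization, folder or project level.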