Google Cloud Storage buckets are evaluated to ensure that Usage and Storage Logs are enabled. Enabling these logs provides detailed visibility into access requests, usage patterns, and storage activity within each bucket.
Risk
Buckets without Usage and Storage Logs enabled lack visibility into access and storage activity, which increases the risk of undetected data exfiltration, misuse, or configuration errors.
prowler gcp --checks cloudstorage_bucket_logging_enabled
Recommendation
Enable Usage and Storage Logs for all Cloud Storage buckets to track access, detect anomalies, and maintain audit visibility of data operations.
Remediation
gsutil logging set on -b gs://<LOGGING_BUCKET> -o <LOG_OBJECT_PREFIX> gs://<BUCKET_NAME>
Buckets missing the 'logging.logBucket' configuration are treated as having Usage and Storage Logs disabled. The 'logObjectPrefix' field is optional and defaults to the bucket name.
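The pass/fail rule described above can be applied to exported bucket metadata, as in this added example (not Prowler's own source code). It assumes input shaped like a Cloud Storage JSON API buckets.list response; the bucket names are constructed and the helper function names are hypothetical.

```python
import json
import shlex

# Constructed sample shaped like a Cloud Storage JSON API buckets.list response.
SAMPLE_BUCKETS_JSON = """
{"items": [
  {"name": "example-app-data",
   "logging": {"logBucket": "example-access-logs", "logObjectPrefix": "app-data"}},
  {"name": "example-backups", "logging": {"logBucket": "example-access-logs"}},
  {"name": "example-public-assets"},
  {"name": "example-scratch", "logging": {}}
]}
"""


def evaluate_bucket(bucket):
    """Return a finding dict for one bucket resource."""
    name = bucket["name"]
    cfg = bucket.get("logging") or {}
    log_bucket = cfg.get("logBucket")
    if not log_bucket:
        # No logging.logBucket: treated as Usage and Storage Logs disabled.
        return {"bucket": name, "status": "FAIL", "log_bucket": None, "log_prefix": None}
    # logObjectPrefix is optional and defaults to the bucket name.
    return {"bucket": name, "status": "PASS", "log_bucket": log_bucket,
            "log_prefix": cfg.get("logObjectPrefix") or name}


def remediation_command(finding, logging_bucket):
    """Build the page's gsutil command for a failing bucket (hypothetical helper)."""
    if finding["status"] != "FAIL":
        return None
    name = finding["bucket"]
    return "gsutil logging set on -b {} -o {} {}".format(
        shlex.quote("gs://" + logging_bucket), shlex.quote(name),
        shlex.quote("gs://" + name))


def audit(buckets_json, logging_bucket):
    """Evaluate every bucket and attach a remediation command to each failure."""
    findings = [evaluate_bucket(b) for b in json.loads(buckets_json).get("items", [])]
    for f in findings:
        f["remediation"] = remediation_command(f, logging_bucket)
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_BUCKETS_JSON, "example-access-logs"):
        print(f["status"], f["bucket"], f["log_prefix"] or f["remediation"])
```
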
Resource Type
storage.googleapis.com/Bucket