Google Cloud Storage Bucket contents downloaded without authentication

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Goal

Detect unauthenticated access to an object in a GCS bucket (bucket_name).

Strategy

Monitor GCS bucket (bucket_name) for get requests(@evt.name:storage.objects.get) made by unauthenticated users (@usr.id).

Triage and response

Investigate the logs and determine whether or not the accessed bucket: {{bucket_name}} should be accessible to unauthenticated users.

Changelog

  • 27 October 2022 - updated tags.