---
title: Google Cloud Storage Bucket permissions modified
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Google Cloud Storage Bucket permissions
  modified
---

# Google Cloud Storage Bucket permissions modified
Classification:complianceTactic:[TA0005-defense-evasion](https://attack.mitre.org/tactics/TA0005)Technique:[T1562-impair-defenses](https://attack.mitre.org/techniques/T1562) 
## Goal{% #goal %}

Detect when permissions have changed on a GCS Bucket.

## Strategy{% #strategy %}

Monitor GCS bucket admin activity audit logs to determine the following method is invoked:

- `storage.setIamPermissions`

## Triage and response{% #triage-and-response %}

Review the bucket permissions and ensure they are not overly permissive.

## Changelog{% #changelog %}

5 September 2022 - Updated rule query.