GCP Retention Policy Not Configured
Description
Identifies Google Cloud Storage buckets that do not have a locked retention policy configured. Without a locked retention policy, sensitive data in these buckets may be prematurely deleted or modified, potentially violating data retention requirements and compliance standards.
Detection Strategy
• Scans all Cloud Storage buckets in the GCP project
• Reports a vulnerability if a bucket's retention policy is not in a locked state (bucket.retention_policy_locked = False)
• Each reported vulnerability includes the bucket path and retention policy configuration details
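The check described above, as an added example (not Fluid Attacks' scanner code). It assumes bucket metadata in the Cloud Storage JSON API bucket resource shape (`retentionPolicy.retentionPeriod`, `effectiveTime`, `isLocked`); the bucket names, sample values and function names are constructed for illustration.

```python
"""Flag buckets whose retention policy is missing or not locked."""

# Constructed sample data: bucket names and values are made up.
SAMPLE_BUCKETS = [
    {"name": "audit-logs-example", "retentionPolicy": {
        "retentionPeriod": "31536000",
        "effectiveTime": "2024-01-10T08:00:00Z",
        "isLocked": True}},
    {"name": "invoices-example", "retentionPolicy": {   # policy set, never locked
        "retentionPeriod": "2592000",
        "effectiveTime": "2024-03-02T12:30:00Z"}},
    {"name": "scratch-example"},                        # no policy at all
]


def check_bucket(bucket):
    """Return a finding dict if the bucket lacks a locked retention policy, else None."""
    policy = bucket.get("retentionPolicy")
    # A missing isLocked field is treated the same as false.
    if policy and policy.get("isLocked") is True:
        return None
    finding = {
        "where": f"gs://{bucket['name']}",
        "retention_policy_locked": False,
        "retention_period_seconds": None,
        "effective_time": None,
        "reason": "no retention policy configured",
    }
    if policy:
        period = policy.get("retentionPeriod")
        finding["retention_period_seconds"] = int(period) if period is not None else None
        finding["effective_time"] = policy.get("effectiveTime")
        finding["reason"] = "retention policy present but not locked"
    return finding


def scan(buckets):
    """Evaluate every bucket and return only the non-compliant ones."""
    return [f for f in map(check_bucket, buckets) if f is not None]


if __name__ == "__main__":
    for f in scan(SAMPLE_BUCKETS):
        print(f"{f['where']}: {f['reason']} "
              f"(period={f['retention_period_seconds']}s, "
              f"effective={f['effective_time']})")
```

Separating "no policy" from "policy present but unlocked" matters for remediation: an unlocked policy can still be shortened or removed, so both cases are reported.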