PlatformResourcesSign inSign Up

Ensure bucket does not log to itself

Error: Bucket logs to itself

Bridgecrew Policy ID: BC_GCP_GCS_4
Checkov Check ID: CKV_GCP_63
Severity: LOW

Suggest Edits

Bucket logs to itself

Description

A check to ensure that the specified logging bucket is not itself. A bucket must not log access to itself, logging requires a second separate bucket.

Fix - Buildtime

Terraform

  • Resource: google_storage_bucket
    This check will trigger if you attempt to self reference:
resource "google_storage_bucket" "mylovelybucket" {
  name     = "mylovelybucket"
  location = var.location
  uniform_bucket_level_access = true
  logging {
    log_bucket = "mylovelybucket"
    }
}

Updated 10 months ago