Ensure bucket does not log to itself

Error: Bucket logs to itself

Bridgecrew Policy ID: BC_GCP_GCS_4
Checkov Check ID: CKV_GCP_63
Severity: LOW

Bucket logs to itself


A check to ensure that the specified logging bucket is not itself. A bucket must not log access to itself, logging requires a second separate bucket.

Fix - Buildtime


  • Resource: google_storage_bucket
    This check will trigger if you attempt to self reference:
resource "google_storage_bucket" "mylovelybucket" {
  name     = "mylovelybucket"
  location = var.location
  uniform_bucket_level_access = true
  logging {
    log_bucket = "mylovelybucket"