Skip to main content

πŸ’Ό 2.3 Ensure That Retention Policies on Cloud Storage Buckets Used for Exporting Logs Are Configured Using Bucket Lock - Level 2 (Automated)

  • Contextual name: πŸ’Ό 2.3 Ensure That Retention Policies on Cloud Storage Buckets Used for Exporting Logs Are Configured Using Bucket Lock - Level 2 (Automated)
  • ID: /frameworks/cis-gcp-v1.3.0/02/03
  • Located in: πŸ’Ό 2 Logging and Monitoring

Description​

Enabling retention policies on log buckets will protect logs stored in cloud storage buckets from being overwritten or accidentally deleted. It is recommended to set up retention policies and configure Bucket Lock on all storage buckets that are used as log sinks.

Similar​

  • Sections
    • /frameworks/cis-gcp-v2.0.0/02/03
    • /frameworks/cis-gcp-v1.2.0/02/03
  • Internal
    • ID: dec-c-f21f0b3f

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CIS GCP v1.2.0 β†’ πŸ’Ό 2.3 Ensure that retention policies on log buckets are configured using Bucket Lock - Level 1 (Automated)1
πŸ’Ό CIS GCP v2.0.0 β†’ πŸ’Ό 2.3 Ensure That Retention Policies on Cloud Storage Buckets Used for Exporting Logs Are Configured Using Bucket Lock - Level 2 (Automated)1

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CIS GCP v1.2.0 β†’ πŸ’Ό 2.3 Ensure that retention policies on log buckets are configured using Bucket Lock - Level 1 (Automated)1
πŸ’Ό CIS GCP v2.0.0 β†’ πŸ’Ό 2.3 Ensure That Retention Policies on Cloud Storage Buckets Used for Exporting Logs Are Configured Using Bucket Lock - Level 2 (Automated)1

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (1)​

PolicyLogic CountFlags
πŸ“ Google Logging Log Sink exports logs to a Storage Bucket without Bucket Lock 🟒1🟒 x6