Ensure object versioning is enabled on Google Cloud Storage Buckets

LOW

Description

Object versioning is disabled on Google Cloud Storage Buckets.

Remediation

In GCP Console -

Log into the GCP Console and go to Cloud Storage.
Under Buckets, choose the bucket you wish to edit.
Select the Protection tab.
Under Object versioning, select Object Versioning Off.
In the Turn on object versioning dialog, set lifecycle rules as needed and select Confirm.

In Terraform -

In the google_storage_bucket resource, set the versioning.enabled field to true.
Create or configure the lifecycle_rule block as needed.

References:
https://cloud.google.com/storage/docs/using-object-versioning
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#nested_versioning
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket#nested_lifecycle_rule

Policy Details

Rule Reference ID: AC_GCP_0241

CSP: GCP

Remediation Available: Yes

Domain: Logging and Monitoring

Resource: google_storage_bucket

Resource Category: Storage

Resource Type: Bucket

Frameworks

GDPR
NIST-800-171
NIST-800-53
NIST-CSF
HIPAA