cancel
Showing results for 
Search instead for 
Did you mean: 

Ensure Public buckets donot have a PII tag. (AWS / Azure / GCP)

Rajarshi
Netskope
Netskope

Organizations have their own  convention of tagging buckets containing PII objects . We can leverage Security Posture Management to create custom rules to check if these specifically tagged buckets are open to the public:

 

AWS : S3Bucket where Access eq "Public" should not have Tags with [ Name eq "PII" ]

 

Azure: StorageAccount where ( Tags with [ Name eq "PII" ] ) should have every BlobContainers with [ Access eq "None" ] or not AllowBlobPublic

 

GCP: Bucket should not have Policies with [ Members . AllUsers eq True or Members . AllAuthenticatedUsers eq True ] and Tags with [ Name eq "PII" ]

0 REPLIES 0