During project initialization apply public access prevention flag to bucket #27
Comments
|
To test this we would add this command to the script that creates our bucket:
Maybe somewhere around here: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As an extra safety measure on the project bucket that will be used to store data, experiment with adding the public access prevention flag:
https://cloud.google.com/storage/docs/using-public-access-prevention#command-line
Still to be determined. What IAM permissions are needed to remove this flag? Can we easily have a setup where a limited number of users can control this? This might require users to work with an admin during their project setup phase. Even having the flag set at least produces additional warnings and makes it slightly harder for a user to accidentally set a bucket to have public access.
The text was updated successfully, but these errors were encountered: