GCP BigQuery and CIS Compliance (CIS Compliance benchmarks)
Certain CIS benchmarks are applicable to BigQuery.
Leaving a dataset as PUBLIC (IAM policy allowing ANYONE to access a dataset) is the
allUsers -> Represents anyone of the internet
allAuthenticatedUsers -> Anyone logged in to a Google Service (which can be gmail...)
You would want to REMOVE access for allUsers and allAuthenticatedUsers
CIS GCP Foundations Benchmark, 7.1, It is recommended that the IAM policy on BigQuery datasets does not allow anonymous and/or public access.
Need an experienced AWS/GCP/Azure Professional to help out with your Public Cloud Strategy? Set up a time with Anuj Varma.
Leave a Reply