
Bucket logs to itself

Description

This check ensures that the logging bucket specified for a bucket is not the bucket itself. A bucket must not log access to itself; logging requires a second, separate bucket.

Fix - Buildtime

Terraform

  • Resource: google_storage_bucket
    This check will trigger if the bucket's logging configuration references the bucket itself:

```hcl
# google_storage_bucket.mylovelybucket.tf
resource "google_storage_bucket" "mylovelybucket" {
  name                        = "mylovelybucket"
  location                    = var.location
  uniform_bucket_level_access = true

  logging {
    # Self-reference: log_bucket is the same as this bucket's name
    log_bucket = "mylovelybucket"
  }
}
```
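A configuration that passes the check, shown as an added example that is not part of the original page: access logs go to a second, dedicated bucket. The resource label `access_logs`, the bucket name `mylovelybucket-access-logs`, the `log_object_prefix` value and the `variable "location"` declaration are assumptions made for illustration.

```hcl
# Assumed declaration for the var.location used on the page.
variable "location" {
  type = string
}

# Dedicated bucket that only receives access logs (name is a constructed example).
resource "google_storage_bucket" "access_logs" {
  name                        = "mylovelybucket-access-logs"
  location                    = var.location
  uniform_bucket_level_access = true
}

# Cloud Storage writes usage logs as the cloud-storage-analytics group,
# which needs permission to create objects in the log bucket.
resource "google_storage_bucket_iam_member" "log_writer" {
  bucket = google_storage_bucket.access_logs.name
  role   = "roles/storage.objectCreator"
  member = "group:cloud-storage-analytics@google.com"
}

resource "google_storage_bucket" "mylovelybucket" {
  name                        = "mylovelybucket"
  location                    = var.location
  uniform_bucket_level_access = true

  logging {
    # Reference the separate bucket instead of this bucket's own name.
    log_bucket        = google_storage_bucket.access_logs.name
    log_object_prefix = "mylovelybucket/"
  }
}
```

The log bucket has no `logging` block of its own, so it cannot reference itself either.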