Open flunderpero opened 3 years ago
Hi @flunderpero , thank you for your question. Could you clarify a bit more about your scenario?
Hi @maqiuyujoyce, I just want to be able to set the flag that prevents a bucket from being made public by accident (see link above). Currently, I just set it by hand for the buckets that contain the most sensitive information and the config-connector reconciliation process leaves that flag untouched.
Right now, there is no way to specify that flag via config-connector.
I just want to be able to set the flag that prevents a bucket from being made public by accident (see link above)
Hi @flunderpero, could you perhaps be talking about a different page? The linked page seems to only be talking about how to make objects in a bucket publicly accessible, but not about preventing buckets from being made public by accident (though we might just be missing something).
Perhaps you might have meant this page instead?
If so, then by a "flag that prevents a bucket from being made public by accident", are you perhaps referring to the To enforce public access prevention at the bucket level
part of that page?
If that is the case, then I believe what you're looking for is support for the iamConfiguration.publicAccessPrevention
field here.
Given that this resource is one of our old Terraform-based resources, I'll go ahead and just bump this Terraform request which is requesting support for that very same field.
@jcanseco You are totally right about everything! Sorry, that I was not able to be precise enough.
No problem at all @flunderpero! Happy to help :)
See https://cloud.google.com/storage/docs/access-control/making-data-public