Rule Code: GCP-OBJECT-01
Ensure that your Google Cloud Storage buckets are using lifecycle management rules so that they are stored cost effectively throughout their lifecycle.
Audit / Verification
Lifecycle rules provide the ability to manage different aspects of the objects’ lifecycle inside a given bucket. Rules can be triggered based on certain conditions such as age, storage class, date, state, and version. If the defined conditions are met, objects can be either deleted or moved to another of the Google Cloud Storage classes.
To determine if your Google Cloud Storage objects are using lifecycle management configurations, perform the following actions:
Step 1: Sign in to the GCP Management Console. Select the GCP project that you want to examine. Navigate to Cloud Storage dashboard.
Step 2: Choose the storage bucket that you want to examine. Under Lifecycle rules check the number of lifecycle management rules created for the objects inside the bucket.
Verify if there are no lifecycle management rules created and the value is set to None, the objects stored within the selected Google Cloud Storage bucket are not using a lifecycle configuration to help manage storage costs.
Step 3: Repeat step for each virtual machine disk snapshot created for the selected GCP project.
Step 4: Repeat steps for each project deployed in your Google Cloud account.