GCS Bucket Made Public

Panther Rules

Summary
This rule detects when a Google Cloud Storage (GCS) bucket has been made public by adding the 'allUsers' permission, allowing anyone on the internet to access the data stored in that bucket. The rule utilizes Google Cloud Audit Logs to monitor changes to the bucket's IAM policies. If the 'roles/storage.objectViewer' role is assigned to 'allUsers', it signifies that the bucket has been improperly configured for public access, which may lead to data breaches or unauthorized data access. The rule is classified as high severity due to the potential risks associated with public data access in cloud storage contexts. The associated MITRE ATT&CK techniques highlight the adversarial tactics related to information exposure that this rule is intended to mitigate. Users are advised to validate the changes and ensure that making the bucket public was an intentional and secure action. Guidance is provided to verify access control configurations through the specified reference documentation.
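As an added illustration of the detection logic the summary describes (example code written for this page, not Panther's published rule), the function below is shaped like a Panther Python rule: it inspects a Cloud Storage audit-log event and fires only when a `storage.setIamPermissions` call ADDs `roles/storage.objectViewer` for the `allUsers` member. The three events are constructed samples; their field layout (`protoPayload.serviceData.policyDelta.bindingDeltas`, `resource.labels.bucket_name`) follows the Cloud Audit Logs shape for this method, which is an assumption about the schema rather than something the page states. The helper `deep_get` is a local stand-in for Panther's helper of the same purpose.

```python
"""Minimal GCS-bucket-made-public detection, in the shape of a Panther rule.

Example code added for illustration; not Panther's own rule source.
The audit-log events at the bottom are constructed samples.
"""

from typing import Any

TRIGGER_METHOD = "storage.setIamPermissions"
PUBLIC_MEMBER = "allUsers"                    # the principal the page's rule keys on
PUBLIC_ROLE = "roles/storage.objectViewer"   # read access to every object in the bucket


def deep_get(obj: Any, *keys: str, default: Any = None) -> Any:
    """Walk nested dicts safely; return `default` if any key is missing."""
    for key in keys:
        if not isinstance(obj, dict) or obj.get(key) is None:
            return default
        obj = obj[key]
    return obj


def public_viewer_grants(event: dict) -> list:
    """Return the binding deltas that ADD objectViewer for allUsers.

    A REMOVE delta for the same member/role is a revocation and must not fire;
    that is why the action is checked rather than only member and role.
    """
    if deep_get(event, "protoPayload", "methodName") != TRIGGER_METHOD:
        return []
    deltas = deep_get(
        event, "protoPayload", "serviceData", "policyDelta", "bindingDeltas", default=[]
    )
    return [
        d for d in deltas
        if d.get("action") == "ADD"
        and d.get("member") == PUBLIC_MEMBER
        and d.get("role") == PUBLIC_ROLE
    ]


def rule(event: dict) -> bool:
    """Panther-style entry point: True means alert."""
    return bool(public_viewer_grants(event))


def title(event: dict) -> str:
    """Alert title naming the bucket and the principal who changed the policy."""
    bucket = deep_get(event, "resource", "labels", "bucket_name", default="<unknown bucket>")
    actor = deep_get(
        event, "protoPayload", "authenticationInfo", "principalEmail",
        default="<unknown principal>",
    )
    return f"GCS bucket [{bucket}] made public: allUsers granted objectViewer by [{actor}]"


# ---- constructed sample events (not real log data) ---------------------------
def _event(deltas: list, bucket: str = "example-assets") -> dict:
    return {
        "protoPayload": {
            "methodName": TRIGGER_METHOD,
            "authenticationInfo": {"principalEmail": "admin@example.com"},
            "serviceData": {"policyDelta": {"bindingDeltas": deltas}},
        },
        "resource": {"type": "gcs_bucket", "labels": {"bucket_name": bucket}},
    }


PUBLIC_EVENT = _event([{"action": "ADD", "role": PUBLIC_ROLE, "member": "allUsers"}])
BENIGN_EVENT = _event([{"action": "ADD", "role": PUBLIC_ROLE, "member": "user:bob@example.com"}])
REVOKE_EVENT = _event([{"action": "REMOVE", "role": PUBLIC_ROLE, "member": "allUsers"}])


if __name__ == "__main__":
    for name, ev in [("public", PUBLIC_EVENT), ("benign", BENIGN_EVENT), ("revoke", REVOKE_EVENT)]:
        print(f"{name:7s} -> alert={rule(ev)}")
    print(title(PUBLIC_EVENT))
```

Running the block prints `alert=True` only for the event that grants `allUsers` the viewer role; the benign grant to a named user and the revocation of an existing public binding stay quiet, which is the behaviour a triager wants when validating that the change was intentional.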
Categories
  • Cloud
  • GCP
  • Infrastructure
Data Sources
  • Cloud Storage
  • Group
  • Application Log
ATT&CK Techniques
  • T1530
Created: 2022-09-02