diff --git a/app/README.md b/app/README.md
index 31246415277110d7479ba4bb40df9c265b03f725..bf92513c4ff0a1f975c8dd483ea8319373f18f1b 100644
--- a/app/README.md
+++ b/app/README.md
@@ -39,11 +39,18 @@ Recently policy service was migrated from Flask to FastAPI, this was done in par
 * baremetal
 * aws
 * azure
- * gcp
+ * gc
 * ibm
 * LOCAL
 * MOCK or undefined
-
+
+ Libraries for working with storage can only be imported for the following providers:
+ * baremetal
+ * aws
+ * azure
+ * gc
+ * ibm
+
 Related Settings/Environmental variables:
 - `POLICY_BUCKET` - used by AWS, Google Cloud and IBM to determine which bucket is used for providing bundle files. Service identity running policy service needs to have write permission to contents in this bucket. Note us-east-1 is only region supported at this time for AWS.
 - `CONTAINER_NAME` - used by Azure to determine which container is used for providing bundle files. Service principal running policy service needs to have write permission to contents in this bucket.
diff --git a/app/bundles/storage.py b/app/bundles/storage.py
index 4dd0616a93cc11a003fd97c7432bca41aa48a699..174aa8d2cc76475b9e6b530e6f5eecd8f577e17f 100644
--- a/app/bundles/storage.py
+++ b/app/bundles/storage.py
@@ -22,6 +22,8 @@ from typing import Tuple
 from osdu_api.providers.types import FileLikeObject
+import conf
+
 logger = logging.getLogger(__name__)
@@ -56,11 +58,16 @@ def get_storage() -> BundleStorageClient:
 sys.exit(1)
 cloud_env = os.environ.get("CLOUD_PROVIDER")
- try:
- provider_module = _import_provider_specific_module(cloud_env)
- except ModuleNotFoundError as exc:
- logger.critical(f"Error occurred while importing module for {cloud_env}")
- logger.critical(f"Exception: {exc}")
+
+ if cloud_env in conf.ALLOWED_CLOUD_PROVIDERS:
+ try:
+ provider_module = _import_provider_specific_module(cloud_env)
+ except ModuleNotFoundError as exc:
+ logger.critical(f"Error occurred while importing module for {cloud_env}")
+ logger.critical(f"Exception: {exc}")
+ else:
+ logger.critical("Error: specified CLOUD_PROVIDER wasn't in allowed list")
+ sys.exit(1)
 logger.info(f"get_storage provider for cloud_env {cloud_env}")
 return provider_module.storage_client()
diff --git a/app/conf.py b/app/conf.py
index 14702f4162df7fbdc4ff897990a0badda3d2e2b5..60456ca3918968dacd25a6d809d3d099d6c6e1e9 100644
--- a/app/conf.py
+++ b/app/conf.py
@@ -546,4 +546,8 @@ ALLOW_CORRELATION_ID_PATTERN = "^[A-Za-z0-9_-]*$"
 # OCI Registry not supported
 OPA_SUPPORTED_SERVICES = ["s3", "gcs", "gcp", "blob", "nginx"]
+# whitelisted cloud providers to import libraries
+ALLOWED_CLOUD_PROVIDERS = {"aws", "azure", "baremetal", "gc", "ibm"}
+
+
 CLOUD_PROVIDER = os.getenv("CLOUD_PROVIDER", "LOCAL")
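Review bot: The new `except ModuleNotFoundError` branch still only logs and falls through, so when the import of an allowlisted provider fails `provider_module` is never bound and the `return provider_module.storage_client()` two lines below raises `UnboundLocalError` instead of the clean exit the sibling `else` branch now performs; add `sys.exit(1)` after the second `logger.critical` so both failure paths behave the same. The rejection message should also carry the offending value and the accepted set so an operator can act on it, e.g. `logger.critical(f"CLOUD_PROVIDER {cloud_env!r} is not in the allowed list {sorted(conf.ALLOWED_CLOUD_PROVIDERS)}")`. Now that `conf` is imported, reading `conf.CLOUD_PROVIDER` instead of `os.environ.get("CLOUD_PROVIDER")` would keep the two modules from disagreeing when the variable is unset (conf defaults to "LOCAL", which is likewise outside the allowlist, so the exit outcome is unchanged). A one-line comment above the `if`, such as `# Only known provider names may drive the dynamic import below; anything else is rejected before _import_provider_specific_module runs.`, would record why the allowlist exists. get_storage begins before this hunk, so whether LOCAL and MOCK are handled earlier is not visible here.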
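Review bot: The comment on `ALLOWED_CLOUD_PROVIDERS` names the mechanism but not the contract; suggest `# Cloud providers for which a provider-specific storage module may be imported (see bundles/storage.get_storage); LOCAL and MOCK are absent on purpose since, per the README, they import no storage library.` The set uses "gc" while `OPA_SUPPORTED_SERVICES` two lines above still lists "gcp" — if these are different namespaces (OPA service names versus provider names) a short comment saying so would stop someone "fixing" one to match the other, and if they are meant to agree one of them is stale. The two blank lines before `CLOUD_PROVIDER` exceed the single blank line the neighbouring constants use.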