Benchmark: 6.3 SQL Server
Overview
This section covers recommendations addressing Cloud SQL for SQL Server on Google Cloud Platform.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-gcp-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 6.3 SQL Server.
Run this benchmark in your terminal:
powerpipe benchmark run gcp_compliance.benchmark.cis_v120_6_3Snapshot and share results via Turbot Pipes:
powerpipe benchmark run gcp_compliance.benchmark.cis_v120_6_3 --shareControls
- 6.3.1 Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off'
- 6.3.2 Ensure that the 'cross db ownership chaining' database flag for Cloud SQL SQL Server instance is set to 'off'
- 6.3.3 Ensure 'user connections' database flag for Cloud SQL SQL Server instance is set as appropriate
- 6.3.4 Ensure 'user options' database flag for Cloud SQL SQL Server instance is not configured
- 6.3.5 Ensure 'remote access' database flag for Cloud SQL SQL Server instance is set to 'off'
- 6.3.6 Ensure '3625 (trace flag)' database flag for Cloud SQL SQL Server instance is set to 'off'
- 6.3.7 Ensure that the 'contained database authentication' database flag for Cloud SQL on the SQL Server instance is set to 'off'