Benchmark: 6 Cloud SQL Database Services
Overview
This section covers security recommendations to follow to secure Cloud SQL database services.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-gcp-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 6 Cloud SQL Database Services.
Run this benchmark in your terminal:
powerpipe benchmark run gcp_compliance.benchmark.cis_v130_6Snapshot and share results via Turbot Pipes:
powerpipe benchmark run gcp_compliance.benchmark.cis_v130_6 --shareBenchmarks
Controls
- 6.4 Ensure that the Cloud SQL database instance requires all incoming connections to use SSL
- 6.5 Ensure That Cloud SQL Database Instances Do Not Implicitly Whitelist All Public IP Addresses
- 6.6 Ensure that Cloud SQL database instances do not have public IPs
- 6.7 Ensure that Cloud SQL database instances are configured with automated backups