Benchmark: 6.3 SQL Server
Overview
This section covers recommendations addressing Cloud SQL for SQL Server on Google Cloud Platform.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-gcp-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 6.3 SQL Server.
Run this benchmark in your terminal:
powerpipe benchmark run gcp_compliance.benchmark.cis_v300_6_3Snapshot and share results via Turbot Pipes:
powerpipe benchmark run gcp_compliance.benchmark.cis_v300_6_3 --shareControls
- 6.3.1 Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off
- 6.3.2 Ensure that the 'cross db ownership chaining' database flag for Cloud SQL SQL Server instance is set to 'off'
- 6.3.3 Ensure 'user Connections' Database Flag for Cloud Sql Sql Server Instance Is Set to a Non-limiting Value
- 6.3.4 Ensure 'user options' database flag for Cloud SQL SQL Server instance is not configured
- 6.3.5 Ensure 'remote access' database flag for Cloud SQL SQL Server instance is set to 'off'
- 6.3.6 Ensure '3625 (trace flag)' database flag for all Cloud SQL Server instances is set to 'on'
- 6.3.7 Ensure that the 'contained database authentication' database flag for Cloud SQL on the SQL Server instance is not set to 'on'