turbot/steampipe-mod-gcp-perimeter

Control: Cloud SQL instances should not be publicly accessible

Description

This control checks whether Cloud SQL instances have public access enabled.

Usage

Run the control in your terminal:

powerpipe control run gcp_perimeter.control.cloud_sql_not_publicly_accessible

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run gcp_perimeter.control.cloud_sql_not_publicly_accessible --share

Steampipe Tables

SQL

select
self_link as resource,
case
when ip_configuration ->> 'ipv4Enabled' = 'true' then 'alarm'
else 'ok'
end as status,
case
when ip_configuration ->> 'ipv4Enabled' = 'true' then title || ' has public access enabled.'
else title || ' does not have public access enabled.'
end as reason
, location, project
from
gcp_sql_database_instance;

Tags