Create a Post
Offir_Zigelman
Employee Alumnus
Employee Alumnus

New CloudGuard Dome9 Entity: GCP Cloud SQL

We added support for GCP Cloud SQL in the Dome9 Compliance Engine and Inventory.

Cloud SQL is a GCP managed database service that supports PostgreSQL, MySQL, and SQL Server.

It is now possible to reason on Cloud SQL configurations such as replications and disk sizes; networking configurations like IP addresses; and security settings such as certificates and user access rights.

 

Sample GSL:

  • CloudSQL DB should not be publicly exposed
    CloudSql should not have ipAddresses contain [ ipAddress isPublic() ]
  • Make sure auto backup is enabled
    CloudSqlshould have settings.backupConfiguration.enabled

 

Note: retrieving data on CloudSQL requires additional permissions. Check the Dome9 GCP Onboarding for new onboarding procedure, and Cloud Accounts page for missing permissions notifications.

Offir Zigelman, Dome9 Product Team Lead
0 Replies