Turbot Guardrails Hub 
Hub
  • Mods
  • Policy Packs
  • Docs
  • Home
ModsPolicy PacksDocsHome
Mods
GCP
Loading policies...

Policy: GCP > SQL > Instance > Database Flags > SQL Server > Template

The template is used to generate the keys and values for database flags under GCP SQL instance.

Database flags are configurable parameters that allow to customize the behavior and performance of the Cloud SQL instance. These flags can be used to set various database engine options, such as enabling or disabling specific features, tuning performance settings, or adjusting the default behavior of the database. Changes to database flags usually require a restart of the instance to take effect.

Flags not defined in SQL Instance Databse Flags Template will not be modified or deleted. Setting a flag value to undefined or null will result in the flag being deleted.

Sample flags supported for SQL Server DB engine:

SQL Server: external scripts enabled: off cross db ownership chaining: off user connections: 10 user options: 2 remote access: off 3625: on contained database authentication: off

See SQL Server database flags for more information.

Note: cross db ownership chaining flag is deprecated for all SQL Server versions. Going forward, you can't set its value to on. However, if you have this flag enabled, we strongly recommend that you either remove the flag from your database or set it to off.

Targets

This policy targets the following resource types:

  • GCP > SQL > Instance

Primary Policy

This policy is used with the following primary policy:

  • GCP > SQL > Instance > Database Flags > SQL Server

Controls

Setting this policy configures this control:

  • GCP > SQL > Instance > Database Flags

Policy Packs

This policy setting is used by the following policy packs:

  • GCP CIS v2.0.0 - Section 6 - Cloud SQL Database Services

Policy Specification

Schema Type
object
Default
{}
Examples [YAML]
  • 3625: on
external scripts enabled: off
cross db ownership chaining: off
user connections: 10
user options: 2
remote access: off
contained database authentication: off

Category

  • Resource > Logging

In Your Workspace

  • Policy Settings by Type report

Developers

    Category URI
    • tmod:@turbot/turbot#/control/categories/resourceLogging
    • Policy Type URI
    • tmod:@turbot/gcp-sql#/policy/types/instanceSqlDatabaseFlagsTemplate
    • GraphQL
    • query policyType(id: "tmod:@turbot/gcp-sql#/policy/types/instanceSqlDatabaseFlagsTemplate") { … }
    • query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-sql#/policy/types/instanceSqlDatabaseFlagsTemplate'") { … }
    • query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-sql#/policy/types/instanceSqlDatabaseFlagsTemplate'") { … }
    • CLI
    • Get Policy Type
    • turbot graphql policy-type --id "tmod:@turbot/gcp-sql#/policy/types/instanceSqlDatabaseFlagsTemplate"
      • Get Policy Settings
    • turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-sql#/policy/types/instanceSqlDatabaseFlagsTemplate"
Guardrails
Guardrails Hub
  • Hub
  • Docs
  • Blog
  • Changelog
Products
  • GuardrailsGuardrails
  • PipesPipes
  • SteampipeSteampipe
  • PowerpipePowerpipe
  • FlowpipeFlowpipe
  • TailpipeTailpipe
Turbot
  • Home
  • About us
  • We're hiring!
  • Contact us
Community

Our community of practitioners love to discuss cloud governance & security.

Slack logoJoin us on Slack →

System StatusLegalSecurity
Terms of UseSecurityPrivacy
39
Mods
130
Resource Types
2,226
Policies
1,100
Controls
35
Quick Actions
83
IAM