SQL DB Instance Backup Disabled

  • Query id: a5bf1a1c-92c7-401c-b4c6-ebdc8b686c01
  • Query name: SQL DB Instance Backup Disabled
  • Platform: GoogleDeploymentManager
  • Severity: Medium
  • Category: Backup
  • CWE: 497
  • URL: Github

Description

Checks if backup configuration is enabled for all Cloud SQL Database instances
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
resources:
  - name: sql-instance
    type: sqladmin.v1beta4.instance
    properties:
      settings:
        tier: db-custom-1-3840
Positive test num. 2 - yaml file
resources:
  - name: sql-instance
    type: sqladmin.v1beta4.instance
    properties:
      settings:
        tier: db-custom-1-3840
        backupConfiguration:
          binaryLogEnabled: true
Positive test num. 3 - yaml file
resources:
  - name: sql-instance
    type: sqladmin.v1beta4.instance
    properties:
      settings:
        tier: db-custom-1-3840
        backupConfiguration:
          enabled: false

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
resources:
  - name: sql-instance
    type: sqladmin.v1beta4.instance
    properties:
      settings:
        tier: db-custom-1-3840
        backupConfiguration:
          enabled: true