Ensure that your Second-Generation Cloud SQL database instances are configured to use private IP addresses instead of public IPs.
By default, each Cloud SQL database instance is configured with a public IP address. To reduce the application`s attack surface, Cloud SQL databases should have only private IPs attached. Private IPs provide improved cloud network security and lower latency for your database applications.
To determine if your Second-Generation SQL database instances are using public IP addresses, perform the following actions:
Remediation / Resolution
To reconfigure your Google Cloud SQL database instances to use private IP addresses instead of public IPs, perform the following actions:
- CIS Security Documentation
- Securing Google Cloud Computing Platform
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
Check for Cloud SQL Database Instances with Public IPs
Risk level: Medium