gcp-sql-ssl-off¶
Ensure all Cloud SQL database instance requires all incoming connections to use SSL
It is highly recommended that you enforce using SSL/TLS to connect your databases, especially if you plan on connecting across the Internet.
Examples¶
Insecure Example
resource "google_sql_database_instance" "main-db" {
name = "main-db"
database_version = "MYSQL_5_7"
"settings" {
tier = "db-n1-standard-1"
disk_autoresize = true
ip_configuration {
require_ssl = false
}
backup_configuration {
binary_log_enabled = true
enabled = true
start_time = "03:00"
}
}
}
Secure Example
resource "google_sql_database_instance" "main-db" {
name = "main-db"
database_version = "MYSQL_5_7"
"settings" {
tier = "db-n1-standard-1"
disk_autoresize = true
ip_configuration {
require_ssl = true
}
backup_configuration {
binary_log_enabled = true
enabled = true
start_time = "03:00"
}
}
}