SQL Instance Backup Disabled

ID

gcp_sql_db_instance_backup_disabled

Severity

low

Vendor

GCP

Resource

AIM

Tags

non-reachable

Description

Google Cloud SQL instances should have a backup configured because backups can help you restore your data in case of accidental deletion, corruption, or disaster.

To fix it, you must configure the settings.backup_configuration.enabled property of the database instance with true.

Learn more about this topic at About Cloud SQL backups.

Examples

---
- name: create a instance
  google.cloud.gcp_sql_instance:
    name: test_object
    settings:
      tier: db-n1-standard-1
      backup_configuration:
        binary_log_enabled: true
        enabled: false
      ip_configuration:
        ipv4_enabled: true
    database_version: MYSQL_5_7
    region: us-central1
    project: test_project
    auth_kind: serviceaccount
    service_account_file: "/tmp/auth.pem"
    state: present

Mitigation / Fix

---
- name: create a instance
  google.cloud.gcp_sql_instance:
    name: test_object
    settings:
      tier: db-n1-standard-1
      backup_configuration:
        binary_log_enabled: true
        enabled: true
        start_time: 05:00
      ip_configuration:
        ipv4_enabled: true
    database_version: MYSQL_5_7
    region: us-central1
    project: test_project
    auth_kind: serviceaccount
    service_account_file: "/tmp/auth.pem"
    state: present

- name: create a read replica instance with backup file
  google.cloud.gcp_sql_instance:
    name: test_object_read_replica_with_backup_file
    settings:
      tier: db-n1-standard-1
      activation_policy: ALWAYS
      ip_configuration:
        ipv4_enabled: true
      database_version: MYSQL_5_7
      region: us-central1a
      master_instance_name : test_object # Master instance name.
      project : test_project
      auth_kind : serviceaccount
      service_account_file : "/tmp/auth.pem"
      state : present