Ensure that Cloud SQL Database Instances are not publicly exposed
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | sql |
| Provider | |
| Vulnerability Type | omission |
Description
The configuration allows Cloud SQL database instances to be accessible from the public internet by permitting public IPs or broad CIDR ranges (e.g., 0.0.0.0/0). This exposes the database outside the internal network, increasing the risk of unauthorized access.
Impact
If exploited, attackers could connect to the database from anywhere on the internet, potentially leading to data breaches, data loss, or service disruption. Sensitive information stored in the database could be exposed or manipulated, compromising the security and integrity of organizational data.
Resolution
Remove public access from database instances
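
One way to check for the condition described above, and to confirm the resolution took effect, is to audit the instance resource as returned by `gcloud sql instances describe --format=json`. This is an added example, not code from this rule or its scanner; the instance names, the sample data and the `MIN_PREFIX_LEN` threshold for what counts as a "broad" range are assumptions.

```python
import ipaddress

# Assumption: a public range wider than /16 counts as "broad"; tune per policy.
MIN_PREFIX_LEN = 16

def audit_instance(instance: dict) -> list[str]:
    """Return exposure findings for one Cloud SQL instance resource (JSON as a dict)."""
    findings = []
    name = instance.get("name", "<unnamed>")
    ip_cfg = instance.get("settings", {}).get("ipConfiguration", {})

    # Describe output carries this field explicitly; a missing field is
    # treated as "not enabled" here (assumption).
    if ip_cfg.get("ipv4Enabled", False):
        findings.append(f"{name}: public IP enabled (ipv4Enabled=true)")

    for net in ip_cfg.get("authorizedNetworks", []):
        value = net.get("value", "")
        try:
            cidr = ipaddress.ip_network(value, strict=False)
        except ValueError:
            findings.append(f"{name}: unparseable authorized network {value!r}")
            continue
        if cidr.prefixlen == 0:
            findings.append(f"{name}: authorized network {value} allows the whole internet")
        elif cidr.prefixlen < MIN_PREFIX_LEN and not cidr.is_private:
            findings.append(f"{name}: authorized network {value} is a broad public range")
    return findings

# Constructed sample data: one exposed instance, one private-only instance.
SAMPLE_INSTANCES = [
    {"name": "orders-db", "settings": {"ipConfiguration": {
        "ipv4Enabled": True,
        "authorizedNetworks": [{"name": "any", "value": "0.0.0.0/0"}]}}},
    {"name": "billing-db", "settings": {"ipConfiguration": {
        "ipv4Enabled": False,
        "privateNetwork": "projects/example-project/global/networks/example-vpc"}}},
]

def audit_all(instances: list[dict]) -> dict[str, list[str]]:
    """Map each instance name to its list of findings (empty list means clean)."""
    return {i.get("name", "<unnamed>"): audit_instance(i) for i in instances}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_INSTANCES).items():
        print(name, "OK" if not findings else findings)
```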