π Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value π’
- Contextual name: π SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value π’
- ID:
/ce/ca/google/sql/sqlserver-instance-user-connections-flag - Located in: π Google Cloud SQL
Flagsβ
- π’ Policy with categories
- π’ Policy with type
- π’ Production policy
Our Metadataβ
- Policy Type:
COMPLIANCE_POLICY - Policy Category:
RELIABILITY
Similar Policiesβ
- Cloud Conformity
Logicβ
- π§ prod.logic.yaml π’
Descriptionβ
Descriptionβ
It is recommended to check the
user connectionsfor a Cloud SQL SQL Server instance to ensure that it is not artificially limiting connections.Rationaleβ
The
user connectionsoption specifies the maximum number of simultaneous user connections that are allowed on an instance of SQL Server. The actual number of user connections allowed also depends on the version of SQL Server that you are using, and also the limits of your application or applications and hardware. SQL Server allows a maximum of 32,767 user connections. Because user connections is by default a self-configuring value, with SQL Server adjusting the maximum number of user connections automatically as needed, up to the maximum value allowable. For example, if only 10 users are logged in, 10 user connection objects are allocated. In most cases, you do not have to change the value for this option. The default is 0, which means that the maximum (32,767) user connections are allowed. However if there is a number defined here that limits connections, SQL Server will not allow anymore above this limit. If the connections are at the limit, any new requests will be dropped, potentially causing lost data or outages for those using the database.... see more
Remediationβ
Remediationβ
From Google Cloud Consoleβ
- Go to the Cloud SQL Instances page in the Google Cloud Console by visiting https://console.cloud.google.com/sql/instances.
- Select the SQL Server instance for which you want to enable to database flag.
- Click
Edit.- Scroll down to the
Flagssection.- To set a flag that has not been set on the instance before, click
Add item, choose the flaguser connectionsfrom the drop-down menu, and set its value to your organization recommended value.- Click
Saveto save your changes.- Confirm your changes under
Flagson the Overview page.From Google Cloud CLIβ
Configure the
user connectionsdatabase flag for every Cloud SQL SQL Server database instance using the below command.gcloud sql instances patch <INSTANCE_NAME> --database-flags "user connections=[0-32,767]"Note: This command will overwrite all database flags previously set. To keep those and add new ones, include the values for all flags you want set on the instance; any flag not specifically included is set to its default value. For flags that do not take a value, specify the flag name followed by an equals sign ("=").
policy.yamlβ
Linked Framework Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CIS GCP v3.0.0 β πΌ 6.3.3 Ensure 'user Connections' Database Flag for Cloud Sql Sql Server Instance Is Set to a Non-limiting Value - Level 1 (Automated) | 1 | |||
| πΌ Cloudaware Framework β πΌ System Configuration | 24 |