Automated Backups Should Be Enabled
More Info:
Ensures automated backups are enabled for SQL instances. Google provides a simple method of backing up SQL instances at a regular interval. This should be enabled to provide an option for restoring data in the event of a database compromise or hardware failure.Risk Level
MediumAddress
Security, Reliability, Operational MaturityCompliance Standards
SOC2, CISGCP, CBP, HITRUST, NISTCSF, PCIDSSTriage and Remediation
Remediation
Using Console
Using Console
To remediate the misconfiguration “Automated Backups Should Be Enabled” in GCP using GCP console, please follow the below steps:
- Login to your GCP console.
- Select the project for which you want to enable automated backups.
- Go to the left-hand side menu and select the “SQL” option under the “Storage” section.
- Select the instance for which you want to enable automated backups.
- Click on the “Edit” button at the top of the page.
- Scroll down to the “Backup” section.
- In the “Backup configuration” subsection, select the “Enable automatic backups” checkbox.
- Set the desired backup start time and frequency.
- Set the desired retention period for the backups.
- Click on the “Save” button at the bottom of the page to save the changes.
Using CLI
Using CLI
To remediate the misconfiguration “Automated Backups Should Be Enabled” in GCP using GCP CLI, you can follow the below steps:Replace the following placeholders with appropriate values:That’s it! You have successfully remediated the misconfiguration “Automated Backups Should Be Enabled” for GCP using GCP CLI.
- Open the command prompt or terminal and authenticate to your GCP account using the following command:
- Once you are authenticated, set the project that you want to remediate the misconfiguration for using the following command:
- Check the current status of automated backups for the GCP instance using the following command:
- If the output of the above command is “False”, then automated backups are not enabled for the instance. To enable automated backups, run the following command:
- [INSTANCE_NAME]: Name of the GCP instance that you want to remediate the misconfiguration for.
- [HH:MM]: Time of day in 24-hour format when you want to start the automated backup.
- [LOCATION]: Location where you want to store the backups.
- [DAYS]: Number of days that you want to retain the backups.
- After running the above command, automated backups will be enabled for the GCP instance. You can verify the status of automated backups using the following command:
Using Python
Using Python
To remediate the misconfiguration “Automated Backups Should Be Enabled” in GCP using Python, you can follow the below steps:
- Import the necessary libraries:
- Authenticate and create a client object:
- Get the list of all instances:
- Loop through each instance and check if automated backups are enabled:
- Replace the
project-idwith your actual project ID and run the script.