Contained database authentication should be disabled
Users with ALTER permissions on users can grant access to a contained database without the knowledge of an administrator
Impact
Access can be granted without knowledge of the database administrator
Recommended Actions
Follow the appropriate remediation steps below to resolve the issue.
Disable contained database authentication
1
2
3
4
5
6
7
8
9
10
11
12
|
resource "google_sql_database_instance" "db" {
name = "db"
database_version = "SQLSERVER_2017_STANDARD"
region = "us-central1"
settings {
database_flags {
name = "contained database authentication"
value = "off"
}
}
}
|
Links