Description

This control ensures that SSL encryption is enabled for SQL database connections, which include PostgreSQL, MySQL (generation 1 and 2), and SQL Server 2017 instances. Using SSL encryption protects sensitive data such as credentials, database queries, and query outputs from being intercepted through a Man-in-the-Middle (MITM) attack. Enforcing SSL encryption enhances the security of database connections by ensuring that all data exchanged between clients and the Cloud SQL database instance is securely transmitted.

Remediation

To enforce SSL encryption for your database connections, follow the instructions in the Configure SSL for a Cloud SQL instance section of the Google Cloud documentation.