Help Docs

Google Cloud Guidance Report

Site24x7's Google Cloud Guidance Report offers tailored insights to fine-tune your cloud resources and provides recommendations to optimize costs, improve fault tolerance and performance. Identify bottlenecks, optimize configurations, and ensure peak performance for your Google Cloud setup by implementing the recommendations provided in Guidance Report.

Where can I view the Guidance Report

You can view the Guidance report for Google Cloud by logging into Site24x7 and then navigating to Cloud in the left navigation pane > GCP > your monitor name > Guidance Report.

List of Google Cloud services covered under Guidance Report

  • Cloud SQL
  • Kubernetes Cluster

Cloud SQL

Enable Automated Backups

Severity:

High

Category:

Reliability

Baseline:

Automated backups ensure the protection of your valuable data by creating regular, scheduled backups of your Cloud SQL databases. In case of accidental data loss, database corruption, or other unforeseen issues, you can easily restore your data to the previous state.

Recommendation:

In the Backups section, check whether Automated Backups are enabled.

Enable Automatic Storage Increase

Severity:

Medium

Category:

Cost

Baseline:

If Automated Backups are enabled, whenever your resource nears the full capacity, storage limit will be increased (permanently).

Recommendation:

In the Edit Configurations section check whether the automatic storage increase is enabled under Storage settings.

Check for MySQL Major Version

Severity:

Medium

Category:

Performance

Baseline:

Ensure that your Google Cloud MySQL database instances are using the latest major version of MySQL database in order to receive the latest database features and benefit from enhanced performance and security.

Recommendation:

Upgrade the database version.

Check for PostgreSQL Major Version

Severity:

Medium

Category:

Performance

Baseline:

Ensure that your Google Cloud PostgreSQL database instances are using the latest major version of PostgreSQL database in order to receive the latest database features and benefit from enhanced performance and security.

Recommendation:

Upgrade the database version.

Kubernetes Cluster

Enable Integrity Monitoring for Cluster Nodes

Severity:

Medium

Category:

Security

Baseline:

In the Google Cloud console's Security section, check the Integrity monitoring feature status. Ensure that the Integrity Monitoring feature is enabled for your Google Kubernetes Engine (GKE) cluster nodes in order to monitor and automatically check the runtime boot integrity of your shielded cluster nodes using Google Cloud Monitoring service.

Recommendation:

Enable Integrity Monitoring for Cluster Nodes.

Restrict Network Access to GKE Clusters

Severity:

Medium

Category:

Security

Baseline:

Adding master authorized networks can provide network level protection and additional security benefits for your Google Kubernetes Engine (GKE) cluster. Authorized networks grant access to a specific set of trusted IP addresses, such as those that originate from a secure network.This can help protect access to your GKE cluster in case of a vulnerability in the cluster's authentication or authorization mechanism.

Recommendation:

Check the Master authorized networks attribute value. If the Master authorized networks value is set to Disabled, anyone on the Internet can perform network connections to the cluster control plane.

Configure Shielded GKE Cluster Nodes

Severity:

Medium

Category:

Security

Baseline:

Ensure that your Google Kubernetes Engine (GKE) cluster pool nodes are shielded in order to provide strong cryptographic identity.This limits the ability of an attacker to impersonate a node in your GKE cluster even if the attacker is able to extract the node credentials.

Recommendation:

Configure Shielded GKE Cluster Nodes. Check the Shielded GKE Nodes configuration attribute value.

Related content

Was this document helpful?

Shortlink has been copied!