Other Articles
- Cloud SQL – Configure Private IP
- Cloud SQL – Enable Deletion Protection
- Cloud SQL – Enable Disk Encryption
- Cloud SQL – Enable Automated Backups
- Cloud SQL – Enable Log Export
- Cloud SQL – Enforce Password Validation
- Cloud SQL – Protect From Internet Access
- Cloud SQL – Enforce Secure Transport
- Compute Engine – Block Project-Wide SSH Keys
- Compute Engine – Disable IP Forwarding
- Compute Engine – Disable Public IP Addresses
- Compute Engine – Disable Serial Port Access
- Compute Engine – Enable Confidential Computing
- Compute Engine – Enable OS Login
- Compute Engine – Enable Shielded VM
- Compute Engine – Restrict Default Service Account
- General – Deny Public Access to KMS Keys
- General – Enforce Duties Separation
- General – Enforce KMS Key Rotation
- General – Restrict Admin Roles on Service Accounts
- Cloud Run – Configure Timeout Settings
- Cloud Storage – Enable Bucket Encryption
- Cloud Storage – Enable Bucket Logging
- Cloud Storage – Enable Bucket Versioning
- Cloud Storage – Enforce Uniform Bucket-Level Access
- Cloud Storage – Restrict Public Access
- IAM Users – Enforce GCP-Managed Keys
- IAM Users – Rotate External User-Managed Service Account Keys
Cloud SQL – Monitor CPU Utilization
This check ensures that CPU monitoring is enabled for Cloud SQL instances. Monitoring CPU utilization helps identify performance bottlenecks, capacity issues, and abnormal usage patterns that may impact database availability.
Check Details
- Resource: Cloud SQL
- Check: Enable CPU monitoring
- Risk: Without CPU monitoring, performance issues and resource exhaustion may go unnoticed, potentially leading to degraded performance, outages, or delayed incident response.
Remediation via Google Cloud Console
-
Log in to the Google Cloud Console and navigate to
Cloud SQL.
- Click on the affected Cloud SQL instance.
- Open the Monitoring tab for the instance.
-
Verify that CPU utilization metrics are visible and actively
being collected.
- Ensure that Cloud Monitoring is enabled for the project and instance.
Remediation via Google Cloud CLI
-
Open the Google Cloud Console and launch
Cloud Shell.
-
Verify that Cloud Monitoring is enabled for the project:
gcloud services list --enabled | grep monitoring.googleapis.com
Cloud SQL automatically exports CPU utilization metrics to Cloud Monitoring when monitoring is enabled for the project. No instance-level configuration is required beyond ensuring Monitoring APIs are active.
Default Value
By default, CPU metrics are available only when Cloud Monitoring is enabled for the project. If monitoring services are disabled, CPU utilization data will not be collected or visible.