CloudSQL Access Controls

Securing the development environment is a critical challenge for DevSecOps teams that must navigate multiple cloud environments and technologies. To improve collaboration between developers, security professionals, and IT operations staff, we need to provide secure access physical networks and services—which often includes providing elevated levels of permissions for databases such as CloudSQL. Ultimately, you should come away with an understanding of how to securely grant developers increased privileges in their public cloud CloudSQL environments without sacrificing any security posture or control.




Managing Permissions in CloudSQL

This blog post will explore how to efficiently manage secured elevated permissions to CloudSQL, an enterprise database service offered on Google Cloud Platform. With Apono strategies, you can make sure that only those who need it have access to the right information while minimizing both project overhead and organizational risk. Let’s dive in!




Using Apono To Provide Temporary Access to CloudSQL

Your first step in create an Apono account, you can start your journey here.

Follow the steps at our CloudSQL Integration Guide.

Now that Apono is set you can start creating Dynamic Access Flows:

  • Automatic Approval Access Flows – Using admin defined context and pre defined role to provide automatic access to CloudSQL resources.
  • Manual Approval Access Flows – Using admin defined context and pre defined role to provide automatic access to CloudSQL resources.



Using Apono declarative access flow creator you will be able to simply define:

  • Approvers
    • User Group (round-robin)
    • Single User
    • Automatic – Contextual
  • Requesters
    • User Group
    • Single User
  • Resource
    • Single Resource
    • Pre-Defined Resource Group
    • Partition of a resource
  • Duration
    • By Hours
    • By Days
    • Infinite

Example: CloudSQL Automatic Approval Access Flow:

Example: CloudSQL Manual Approval Workflow:

CTO and Co-founder at Apono | + posts

Ofir is the CTO and Co-founder at Apono. Ofir is a feisty tennis and volleyball player! Throughout his experience Ofir was a Software Development Team Lead at Logz.io. Previously he served as Connectivity Team Lead at the Israeli Air Force. Ofir holds a Bachelor's degree in Computer Science.