Pattern: Use of cross-database ownership chaining for Google SQL
Issue: -
Cross-database ownership chaining, also known as cross-database chaining, is a security feature of SQL Server that allows users of databases access to other databases besides the one they are currently using.
Resolution: Disable cross database ownership chaining.
Example of incorrect code:
resource "google_sql_database_instance" "db" {
name = "db"
database_version = "SQLSERVER_2017_STANDARD"
region = "us-central1"
}
Example of correct code:
resource "google_sql_database_instance" "db" {
name = "db"
database_version = "SQLSERVER_2017_STANDARD"
region = "us-central1"
settings {
database_flags {
name = "cross db ownership chaining"
value = "off"
}
}
}