Configuring Scan Settings for GCP Database

Posture Control (DSPM) Help
Scan Settings
Scan Settings for GCP
Configuring Scan Settings for GCP Database

Posture Control (DSPM)

Configuring Scan Settings for GCP Database

You can configure the scan settings to scan the Google Cloud Platform (GCP) databases such as SQL, MySQL and PostgreSQL. DSPM scans the database instances for any sensitive data. The scan results are displayed on the Data Inventory page.

You can configure the scan settings after onboarding the GCP organization. To learn more, see About Cloud Accounts.

To scan the GCP databases:

1. Select the cloud and resource type.
1. Go to Administration > Scan Settings.
2. Select the Scan Settings tab.
  If you are configuring the scan settings for the first time, the following page appears:
  See image.
  Close
3. Click Configure Scan Settings.
4. For subsequent configurations, click Add Scan Settings on the Scan Settings page.
  See image.
  Close
5. On the Select Cloud and Resource Type page:
  - For Cloud Type, select Google Cloud.
  - For Resource Type, select Database
  See image.
  Close
6. Click Next.
Close
2. Select the projects that must be scanned.
1. On the Select Resources to Scan page, choose one of the following options:
  - Scan All Projects: Scans all the supported databases across all onboarded projects.
    See image.
    Close
  - Exclude Projects from the Scan: Exclude specific projects from the scan. When you select this option, the list of projects is displayed. Select the checkbox for the projects that must be excluded from the scan.
    See image.
    Close
  - Scan Specific Projects: Scan only specific projects. When you select this option, the list of projects is displayed. Select the checkbox for the projects that must be scanned.
    See image.
    Close
  - Scan Specific Database Instances or Clusters: Specify the instances or clusters that must be scanned. When you select this option, enter the key-value pairs for the instance tags. You can add multiple key-value pairs.
    See image.
    Close
2. Click Next.
3. If you chose Scan All Projects, you can optionally exclude specific database servers from the scan.
  See image.
  Close
4. Click Next.
Close
3. Select the scan type.
1. On the Scan Type page, you can choose to perform one of the following scans:
  - Data Sampling Scan: Scan a sample of recent data in the database.
  - Full Scan: A complete scan of all databases across all onboarded projects.
  DSPM cannot detect files that are deleted in the GCP console.
  See image.
  Close
2. Click Next.
Close
4. Set up the scan schedule.
1. On the Scan Schedule page, select the scan frequency:
  - Daily: Scan the data daily.
  - Weekly: Scan the data once a week. Select the day from the drop-down menu.
  - Monthly: Scan the data once a month.
  See image.
  Close
2. Click Next.
Close
5. Select the scan scope.
1. On the Scan Scope page, choose a scan scope from the drop-down menu to set up your scan settings.
  To learn more about configuring and creating a scan scope, see Configuring Scan Scope.
  See image.
  Close
2. Click Next.
Close
6. Review and complete the configuration.
1. Review the scan settings. Click the Edit icon to change any values, if required.
  See image.
  Close
2. Click Finish.
Close

Posture Control (DSPM)

Configuring Scan Settings for GCP Database

Was this article helpful? Click an icon below to submit feedback.

Related Articles