Ensure that logging of checkpoints is enabled.

Explanation

Logging checkpoints provides useful diagnostic data, which can identify performance issues in an application and potential DoS vectors.

Possible Impact

Insufficient diagnostic data.

Suggested Resolution

Enable checkpoints logging.

Insecure Example

The following example will fail the google-sql-pg-log-checkpoints check.

resource "google_sql_database_instance" "db" {
	name             = "db"
	database_version = "POSTGRES_12"
	region           = "us-central1"
	settings {
		database_flags {
			name  = "log_checkpoints"
			value = "off"
		}
	}
}
			

Secure Example

The following example will pass the google-sql-pg-log-checkpoints check.

resource "google_sql_database_instance" "db" {
	name             = "db"
	database_version = "POSTGRES_12"
	region           = "us-central1"
	settings {
		database_flags {
			name  = "log_checkpoints"
			value = "on"
		}
	}
}
			

Getting Started
Provider Checks
Config
GitHub Actions