search
Sprinto DashboardAPI Reference

GCP

Monitor GCP infrastructure like CloudSQL, Compute Engine, and VPC using Stackdriver to meet compliance checks in Sprinto.

The GCP Infrastructure Monitors section helps you monitor critical metrics and configurations across your GCP workloads to ensure high availability, system integrity, and compliance with regulatory standards.

Sprinto integrates with Google Cloud Monitoring (Stackdriver) to automatically detect key infrastructure metrics and misconfigurations. This allows your team to receive alerts and resolve issues before they escalate into compliance failures.

hashtag
What does Sprinto monitor?

Service
Monitored Metric / Check

Cloud SQL

CPU utilisation, memory usage, available storage, public access configuration

Compute Engine

CPU utilisation, protection from direct internet traffic

Firestore

Read and write frequency monitoring

hashtag
Monitors and How to Resolve Them

1. Monitor GCP Cloud SQL CPU and Memory Usage

  • Go to GCP Console > Monitoring > Metrics Explorer

  • Select resource type: Cloud SQL Database

  • Choose metrics:

    • database/cpu/utilization

    • database/memory/utilization

  • Set alerting policies based on thresholds

  • Upload metric graphs and alert rules as evidence

2. Monitor Freeable Storage on Cloud SQL

  • Same steps as above

  • Metric: database/disk/bytes_used

  • Compare against provisioned size

  • Add storage or set up alerts as needed

3. Protect Cloud SQL from Direct Internet Access

  • Navigate to Cloud SQL > Connections

  • Disable “Public IP”

  • Ensure Private IP is used via VPC

  • Upload screenshot of updated configuration

4. Monitor GCP Compute Instance CPU Utilisation

  • Go to Monitoring > Metrics Explorer

  • Select resource type: gce_instance

  • Metric: compute.googleapis.com/instance/cpu/utilization

  • Upload metric screenshot and alert configuration

5. Protect Compute Instances from Public Access

  • Open VPC Network > Firewall Rules

  • Identify any rules that allow 0.0.0.0/0 for SSH (port 22) or RDP (port 3389)

  • Restrict access to approved IPs

  • Upload updated rule configuration

6. Monitor Firestore Read Frequency

  • Go to Monitoring > Metrics Explorer

  • Resource: cloud_firestore_database

  • Metric: document/read_count

  • Set thresholds based on expected usage pattern

  • Upload charts as evidence

7. Monitor Firestore Write Frequency

  • Same as above

  • Metric: document/write_count

hashtag
Accepted Evidence

Type
Description

Metric Screenshot

Graph showing monitored value over time (e.g. CPU, memory, read/write)

Alert Policy Config

JSON or screenshot showing alert thresholds and triggers

Firewall / Network Screenshot

Proof of no public access configuration

hashtag
Compliance Mapping

Control Category
Frameworks Supported

Infrastructure Monitoring

ISO 27001 A.12.4.1, SOC 2 CC7.2

Network Security

ISO 27001 A.13.1.1, SOC 2 CC6.6

Availability Management

HIPAA §164.308(a)(7), PCI DSS 11.5

PreviousHow to resolve Sprinto check to disable the cross tenant replication on Azure Cloud storage accountNextHow to resolve Sprinto check for monitoring GCP CloudSQL CPU Utilization

Last updated