How to disable the Database flag cross db ownership chaining for Cloud SQL on the SQL Server instance via gcloud

Introduction

The cross db ownership for chaining option is used to configure cross-database ownership chaining for an instance of Microsoft SQL Server. This server option allows you to control cross-database ownership chaining at the database level or to allow cross-database ownership chaining for all databases essentially this is a security feature of SQL Server that allows users of databases access to other databases besides the one they are currently using.

Enabling cross db ownership is not recommended unless all of the databases hosted by the instance of SQL Server must participate in cross-database ownership chaining.

Steps to disable the “cross db ownership chaining” flag using gcloud

1. List all Cloud SQL database Instances

   gcloud sql instances list

   

2. Configure the cross db ownership chaining database flag for every Cloud SQL SQL Server database instance using the below command:

   gcloud sql instances patch <instance_name> --database-flags "cross db ownership chaining=off"

   

Note : This command will overwrite all database flags previously set. To keep those and add new ones, include the values for all flags you want set on the instance; any flag not specifically included is set to its default value. For flags that do not take a value, specify the flag name followed by an equals sign (""="").

OR

• To modify only cross db ownership chaining database flag, configure the database flag by overriding the cross db ownership chaining. Include cross db ownership chaining flag and its value, and also keep all other flags you want to configure

  gcloud sql instances patch [INSTANCE_NAME] --database-flags [FLAG1=VALUE1,FLAG2=VALUE2]