
MongoDB Instance TDE with Custom KMS Key

ID: rule:aliyun:mongodb-instance-encryption-byok-check
Severity: medium
IaC Types: ROS, Terraform

Description

MongoDB instances should have TDE enabled with a customer-managed KMS encryption key (BYOK).

Reason for Violation

The MongoDB instance does not have TDE enabled with a custom KMS key.

Recommendation

Set tde_status to 'enabled' and specify an encryption_key.
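
An added Terraform example (not part of the rule's own documentation) showing a resource that triggers this rule beside one that satisfies the recommendation. The engine version, instance class, storage size, instance names and the mongodb_kms_key_id variable are assumptions chosen for illustration.

```hcl
# Added illustration: sizing, names and the key variable are constructed placeholders.

# Non-compliant: neither tde_status nor encryption_key is set,
# so the instance does not have TDE enabled with a custom KMS key.
resource "alicloud_mongodb_instance" "noncompliant" {
  engine_version      = "4.2"
  db_instance_class   = "dds.mongo.mid"
  db_instance_storage = 10
  name                = "example-no-tde"
}

# Hypothetical input variable holding the customer-managed KMS key ID.
# Supply your own key ID; no real value is shown here.
variable "mongodb_kms_key_id" {
  description = "ID of the customer-managed KMS key used for MongoDB TDE"
  type        = string
}

# Compliant: TDE is enabled and bound to the customer-managed key (BYOK).
resource "alicloud_mongodb_instance" "compliant" {
  engine_version      = "4.2"
  db_instance_class   = "dds.mongo.mid"
  db_instance_storage = 10
  name                = "example-tde-byok"

  tde_status     = "enabled"
  encryption_key = var.mongodb_kms_key_id
}
```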

Resource Types

  • ROS: ALIYUN::MONGODB::Instance
  • Terraform: alicloud_mongodb_instance