MongoDB Instance Public Access Check
ID: rule:aliyun:mongodb-public-access-check
Severity: high
IaC Types: ROS, Terraform
Description
MongoDB instance security IP list should not contain 0.0.0.0/0 which allows access from any IP.
Reason for Violation
The MongoDB instance security_ip_list contains 0.0.0.0/0, allowing access from any IP.
Recommendation
Remove 0.0.0.0/0 from security_ip_list and use specific trusted IP ranges.
Resource Types
- ROS:
ALIYUN::MONGODB::Instance - Terraform:
alicloud_mongodb_instance