MongoDB Whitelist Internet Restriction

ID: rule:aliyun:mongodb-public-access-check
Severity: high

Description

Ensures MongoDB security IP whitelists do not contain 0.0.0.0/0.

Reason for Violation

An open MongoDB whitelist allows unrestricted access to sensitive data over the internet.

Recommendation

Restrict the MongoDB whitelist to trusted IP ranges.

Resource Types

• ALIYUN::MONGODB::Instance