Skip to main content

MongoDB Instance Public Access Check

ID: rule:aliyun:mongodb-public-access-check
Severity: high
IaC Types: ROS, Terraform

Description

MongoDB instance security IP list should not contain 0.0.0.0/0 which allows access from any IP.

Reason for Violation

The MongoDB instance security_ip_list contains 0.0.0.0/0, allowing access from any IP.

Recommendation

Remove 0.0.0.0/0 from security_ip_list and use specific trusted IP ranges.

Resource Types

  • ROS: ALIYUN::MONGODB::Instance
  • Terraform: alicloud_mongodb_instance