MongoDB Public and Any IP Access Check

ID: rule:aliyun:mongodb-public-and-any-ip-access-check
Severity: high

Description

Ensures that MongoDB instances do not have an open whitelist (0.0.0.0/0).

Reason for Violation

Setting the whitelist to 0.0.0.0/0 allows any IP address to attempt a connection, significantly increasing the risk of data breaches or brute-force attacks.

Recommendation

Restrict the IP whitelist for the MongoDB instance to specific trusted IP ranges.
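
The check described above, sketched as an added example (not the rule's own implementation). It goes slightly beyond the literal 0.0.0.0/0 string by flagging any entry with prefix length 0, such as ::/0 or 10.1.2.3/0. The instance dictionary shape, the group names and the instance IDs are constructed assumptions.

```python
import ipaddress

def classify_whitelist(security_ip_list):
    """Split a comma-separated whitelist into (open_entries, unparsed_entries).

    An entry is "open" when its prefix length is 0, i.e. it matches every
    address. strict=False lets entries with host bits set (10.1.2.3/0) parse.
    """
    open_entries, unparsed = [], []
    for raw in security_ip_list.split(","):
        entry = raw.strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            unparsed.append(entry)  # keep for manual review, do not silently pass
            continue
        if net.prefixlen == 0:
            open_entries.append(entry)
    return open_entries, unparsed

def evaluate_instance(instance):
    """Evaluate one instance; 'whitelist_groups' maps group name -> IP list string
    (assumed shape for this example)."""
    violations, needs_review = {}, {}
    for group, ips in instance["whitelist_groups"].items():
        open_entries, unparsed = classify_whitelist(ips)
        if open_entries:
            violations[group] = open_entries
        if unparsed:
            needs_review[group] = unparsed
    return {"id": instance["id"], "compliant": not violations,
            "violations": violations, "needs_review": needs_review}

# Constructed sample data, not taken from a real account.
SAMPLE_INSTANCES = [
    {"id": "dds-example-open",
     "whitelist_groups": {"default": "0.0.0.0/0", "office": "203.0.113.0/24"}},
    {"id": "dds-example-restricted",
     "whitelist_groups": {"default": "127.0.0.1", "app": "10.0.0.0/16,192.0.2.10"}},
]

if __name__ == "__main__":
    for inst in SAMPLE_INSTANCES:
        print(evaluate_instance(inst))
```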

Resource Types

  • ALIYUN::MONGODB::Instance