RDS Whitelist Internet Restriction
ID: rule:aliyun:rds-white-list-internet-ip-access-check
Severity: high
IaC Types: ROS, Terraform
Description
Ensures RDS security IP whitelists do not contain 0.0.0.0/0 or 0.0.0.0.
Reason for Violation
Allowing 0.0.0.0/0 in the whitelist exposes the database to all public internet traffic.
Recommendation
Remove 0.0.0.0/0 and 0.0.0.0 from security_ips and use specific trusted IPs.
Resource Types
- ROS: ALIYUN::RDS::DBInstance
- Terraform: alicloud_db_instance
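
Added example (not this rule's own implementation): a Python check that applies the condition above to the JSON form of a Terraform plan, flagging alicloud_db_instance resources whose security_ips contain 0.0.0.0/0 or 0.0.0.0. The plan is constructed sample data in the shape of `terraform show -json` output, and the resource addresses and function names are hypothetical.

```python
import json

# Entries the rule treats as "open to the whole internet".
OPEN_ENTRIES = {"0.0.0.0/0", "0.0.0.0"}

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "alicloud_db_instance.open", "type": "alicloud_db_instance",
     "change": {"actions": ["create"],
                "after": {"security_ips": ["10.0.0.0/8", " 0.0.0.0/0 "]}}},
    {"address": "alicloud_db_instance.scoped", "type": "alicloud_db_instance",
     "change": {"actions": ["update"],
                "after": {"security_ips": ["192.0.2.10", "198.51.100.0/24"]}}},
    {"address": "alicloud_db_instance.retired", "type": "alicloud_db_instance",
     "change": {"actions": ["delete"], "after": null}},
    {"address": "alicloud_vpc.main", "type": "alicloud_vpc",
     "change": {"actions": ["create"], "after": {"cidr_block": "10.0.0.0/8"}}}
  ]
}
""")


def open_entries(security_ips):
    """Return whitelist entries equal to 0.0.0.0/0 or 0.0.0.0 (whitespace ignored)."""
    cleaned = (str(ip).strip() for ip in (security_ips or []))
    return [ip for ip in cleaned if ip in OPEN_ENTRIES]


def find_violations(plan):
    """Map resource address -> offending entries, for alicloud_db_instance only."""
    violations = {}
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "alicloud_db_instance":
            continue
        after = (rc.get("change") or {}).get("after")
        if after is None:  # resource is being destroyed; nothing to check
            continue
        bad = open_entries(after.get("security_ips"))
        if bad:
            violations[rc["address"]] = bad
    return violations


if __name__ == "__main__":
    for address, bad in find_violations(SAMPLE_PLAN).items():
        print(f"VIOLATION {address}: security_ips contains {', '.join(bad)}")
```
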