Ensure Alibaba Cloud database instance is not public

Error: Alibaba Cloud database instance is public

Bridgecrew Policy ID: BC_ALI_GENERAL_7
Checkov Check ID: CKV_ALI_9
Severity: LOW

Alibaba Cloud database instance is public

Description

By ensuring that your database instance is not public, you can help protect your data from unauthorized access or tampering. Public database instances are accessible over the internet, which can make them vulnerable to external threats such as hackers or malware. By making it private, you can help ensure that only authorized users can access the data.

Fix - Buildtime

Terraform

resource "alicloud_db_instance" "pass" {
  engine              = "MySQL"
  engine_version      = "5.6"
  db_instance_class   = "rds.mysql.t1.small"
  db_instance_storage = "10"
  security_ips = [
    "10.23.12.24"
  ]
  parameters = [{
    name  = "innodb_large_prefix"
    value = "ON"
    }, {
    name  = "connect_timeout"
    value = "50"
  }]
}