Ensure Alibaba Cloud MongoDB has transparent data encryption enabled
Error: Alibaba Cloud MongoDB does not have transparent data encryption enabled
Bridgecrew Policy ID: BC_ALI_GENERAL_15
Checkov Check ID: CKV_ALI_44
Severity: LOW
Description
Transparent data encryption for your Alibaba Cloud MongoDB helps protect your data from unauthorized access or tampering by encrypting the data as it is written to disk and decrypting it when it is accessed. By enabling transparent data encryption, you can help ensure that only authorized users with the correct keys can access and decrypt the data, and that the data is protected while in storage.
Fix - Runtime
Fix - Buildtime
Terraform
resource "alicloud_mongodb_instance" "pass" {
  engine_version         = "3.4"
  db_instance_class      = "dds.mongo.mid"
  db_instance_storage    = 10
  vswitch_id             = alicloud_vswitch.ditch.id
  security_ip_list       = ["10.168.1.12", "100.69.7.112"]
  kms_encryption_context = {
  }
  # tde_status = "Disabled"
  ssl_action   = "Update"
  # not set
  network_type = "VPC"
  # Transparent data encryption turned on: the setting this policy requires
  tde_status   = "enabled"
}
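The same condition can also be evaluated against a rendered plan, which covers instances declared inside modules. The following is an added example, not Checkov's implementation or code from this page; it assumes the JSON layout produced by `terraform show -json`, uses a constructed sample plan, and its function names are hypothetical.

```python
import json

# Constructed sample: trimmed `terraform show -json` plan output (not from the page).
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "alicloud_mongodb_instance.pass", "type": "alicloud_mongodb_instance",
     "values": {"engine_version": "3.4", "tde_status": "enabled"}},
    {"address": "alicloud_mongodb_instance.unset", "type": "alicloud_mongodb_instance",
     "values": {"engine_version": "3.4", "tde_status": null}}
  ],
  "child_modules": [{"address": "module.db", "resources": [
    {"address": "module.db.alicloud_mongodb_instance.off", "type": "alicloud_mongodb_instance",
     "values": {"tde_status": "Disabled"}},
    {"address": "module.db.alicloud_vswitch.ditch", "type": "alicloud_vswitch", "values": {}}
  ]}]
}}}
""")

RESOURCE_TYPE = "alicloud_mongodb_instance"


def iter_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def mongodb_without_tde(plan):
    """Return addresses of MongoDB instances whose tde_status is not "enabled"."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return [
        r["address"]
        for r in iter_resources(root)
        if r.get("type") == RESOURCE_TYPE
        # Exact match on the value in the page's passing example (an assumption
        # of this sketch); a missing or null attribute counts as a failure.
        and (r.get("values") or {}).get("tde_status") != "enabled"
    ]


if __name__ == "__main__":
    for address in mongodb_without_tde(SAMPLE_PLAN):
        print(f'FAIL {address}: tde_status is not "enabled"')
```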