Ensure Alibaba Cloud MongoDB instance is not public
Error: Alibaba Cloud MongoDB instance is public
Bridgecrew Policy ID: BC_ALI_NETWORKING_7
Checkov Check ID: CKV_ALI_43
Severity: LOW
Description
Fix - Runtime
Disabling public network access improves security by ensuring your Alibaba Cloud MongoDB instances can only be accessed from a private endpoint.
Fix - Buildtime
Terraform
resource "alicloud_mongodb_instance" "pass2" {
  engine_version      = "3.4"
  db_instance_class   = "dds.mongo.mid"
  db_instance_storage = 10
  vswitch_id          = alicloud_vswitch.ditch.id
  security_ip_list    = ["10.168.1.12", "100.69.7.112"]
  kms_encryption_context = {
  }
  # tde_status = "Disabled"
  ssl_action = "Update"
  # not set
  network_type = "VPC"
}
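The same condition can be checked on a rendered plan before it is applied. The script below is an added example, not Bridgecrew's or Checkov's own code: it walks `terraform show -json` output and reports `alicloud_mongodb_instance` resources whose `security_ip_list` admits any address. It assumes that "public" means the list contains `0.0.0.0/0` or `0.0.0.0` (the page does not spell out the rule); the function names and the sample plan are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape of `terraform show -json` output (not real plan data).
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "alicloud_mongodb_instance.pass2", "type": "alicloud_mongodb_instance",
     "values": {"network_type": "VPC", "security_ip_list": ["10.168.1.12", "100.69.7.112"]}},
    {"address": "alicloud_mongodb_instance.open", "type": "alicloud_mongodb_instance",
     "values": {"network_type": "VPC", "security_ip_list": ["0.0.0.0/0", "10.168.1.12"]}}
  ],
  "child_modules": [{"resources": [
    {"address": "module.db.alicloud_mongodb_instance.zero", "type": "alicloud_mongodb_instance",
     "values": {"security_ip_list": ["0.0.0.0"]}}
  ]}]
}}}
""")


def iter_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def is_any_address(entry):
    """True when a whitelist entry admits every address (assumed meaning of 'public')."""
    try:
        net = ipaddress.ip_network(entry.strip(), strict=False)
    except ValueError:
        return False  # not an IP/CIDR literal; left to other validation
    return net.prefixlen == 0 or net.network_address == ipaddress.ip_address("0.0.0.0")


def public_mongodb_instances(plan):
    """Return addresses of alicloud_mongodb_instance resources open to any address."""
    root = plan.get("planned_values", {}).get("root_module", {})
    findings = []
    for res in iter_resources(root):
        if res.get("type") != "alicloud_mongodb_instance":
            continue
        ips = res.get("values", {}).get("security_ip_list") or []
        if any(is_any_address(ip) for ip in ips):
            findings.append(res["address"])
    return findings


if __name__ == "__main__":
    for address in public_mongodb_instances(SAMPLE_PLAN):
        print(f"FAIL {address}: security_ip_list allows any address")
```
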