Ensure Alibaba Cloud MongoDB instance uses SSL

Error: Alibaba Cloud MongoDB instance does not use SSL

Bridgecrew Policy ID: BC_ALI_NETWORKING_6
Checkov Check ID: CKV_ALI_42
Severity: LOW

Alibaba Cloud MongoDB instance does not use SSL

Description

SSL helps protect your data from unauthorized access or tampering by encrypting the data as it is transmitted between the MongoDB instance and the client. By enabling SSL, you can help ensure that only authorized users with the correct keys can access and decrypt the data, and that the data is protected while in transit.

Fix - Runtime

Fix - Buildtime

Terraform

resource "alicloud_mongodb_instance" "pass2" {
  engine_version      = "3.4"
  db_instance_class   = "dds.mongo.mid"
  db_instance_storage = 10
  vswitch_id          = alicloud_vswitch.ditch.id
  security_ip_list    = ["0.0.0.0/0","10.168.1.12", "100.69.7.112"]
  kms_encryption_context= {

  }
  # tde_status = "Disabled"
  ssl_action = "Update"
  # not set
  network_type = "VPC"
}