Ensure Security Group attached to EC2 instance does not allow inbound traffic from all to TCP 27017 (MongoDB)

Error: Security Group attached to EC2 instance allows inbound traffic from all to TCP 27017 (MongoDB)

Bridgecrew Policy ID: BC_AWS_NETWORKING_21
Severity: HIGH

Description

TCP port 27017 is used by MongoDB, a free and open-source, cross-platform, document-oriented NoSQL database. We recommend that all MongoDB databases be protected with an access control mechanism to prevent data theft and data loss. Allowing unrestricted inbound access to MongoDB increases opportunities for malicious activity such as hacking, denial-of-service (DoS) attacks, and loss of data.
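
One way to audit for this condition, as an added example (not Bridgecrew's own check logic): the script below evaluates security group rules shaped like `aws ec2 describe-security-groups` output and reports only groups attached to an instance. It goes beyond the single-port case to cover port ranges that include 27017, all-protocol rules, and the IPv6 any-address `::/0`; the group IDs, instance IDs and attachment map are constructed sample data.

```python
import json

MONGODB_PORT = 27017
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}  # any IPv4 / any IPv6 source
# Constructed sample data, shaped like `aws ec2 describe-security-groups` output.
GROUPS = json.loads("""[
 {"GroupId": "sg-open-v4", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 27017,
   "ToPort": 27017, "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
 {"GroupId": "sg-range-v6", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 27000,
   "ToPort": 27100, "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
 {"GroupId": "sg-all-traffic", "IpPermissions": [{"IpProtocol": "-1",
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
 {"GroupId": "sg-vpc-only", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 27017,
   "ToPort": 27017, "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]},
 {"GroupId": "sg-https", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443,
   "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]""")
# Constructed attachments (instance id -> group ids); sg-all-traffic is unattached.
ATTACHMENTS = {"i-db1": ["sg-open-v4", "sg-https"],
               "i-db2": ["sg-range-v6"],
               "i-app": ["sg-vpc-only", "sg-https"]}

def exposes_mongodb(perm):
    """True if one inbound rule lets any address reach TCP 27017."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        in_range = True  # all protocols and ports; no FromPort/ToPort present
    elif proto in ("tcp", "6"):
        in_range = perm.get("FromPort", 0) <= MONGODB_PORT <= perm.get("ToPort", 65535)
    else:
        return False
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return in_range and any(c in OPEN_CIDRS for c in cidrs)

def open_groups(groups):
    return {g["GroupId"] for g in groups
            if any(exposes_mongodb(p) for p in g.get("IpPermissions", []))}

def exposed_instances(groups, attachments):
    # The policy concerns groups attached to an EC2 instance, so join on attachments.
    bad = open_groups(groups)
    return sorted((inst, sg) for inst, sgs in attachments.items()
                  for sg in sgs if sg in bad)

if __name__ == "__main__":
    for inst, sg in exposed_instances(GROUPS, ATTACHMENTS):
        print(f"FAIL {inst}: {sg} allows 0.0.0.0/0 or ::/0 to TCP {MONGODB_PORT}")
```

Restricting the rule's source to a specific CIDR, as in the constructed `sg-vpc-only` group, clears the finding.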