Alibaba Cloud MongoDB is not deployed inside a VPC

Description

This policy ensures that MongoDB instances in Alibaba Cloud are deployed inside a VPC (Virtual Private Cloud). Deploying MongoDB inside a VPC provides network isolation and enhanced security, ensuring that the database is accessible only to resources within the same VPC and not exposed to the public internet.

Failing to deploy MongoDB inside a VPC can result in exposure to public internet traffic, increasing the risk of unauthorized access and potential data breaches.

Code Example

resource "alicloud_mongodb_instance" "example" {
  ...
+  network_type = "VPC"
}

Remediation

Terraform

Resource: alicloud_mongodb_instance
Attribute: network_type

To mitigate this issue, ensure that the `network_type` attribute in the `alicloud_mongodb_instance` resource is set to `VPC`.

Example:

Rule Details

Field	Value
ID	IAC-0038
Severity	LOW
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV_ALI_41

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Alibaba Cloud MongoDB is not deployed inside a VPC

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Alibaba Cloud MongoDB is not deployed inside a VPC ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

Alibaba Cloud MongoDB is not deployed inside a VPC

Description

Code Example

Remediation

Rule Details

References