Alibaba Cloud Mongodb instance does not use SSL
Description
This policy ensures that MongoDB instances in Alibaba Cloud are configured to use SSL (Secure Sockets Layer). Enforcing SSL helps in securing communication between the clients and the database server by encrypting the data transmitted over the network. This ensures data privacy and security, protecting sensitive information from being intercepted during transmission.
Failing to enable SSL can result in unencrypted data transmission, making it vulnerable to eavesdropping and potential data breaches.
Code Example
go
resource "alicloud_mongodb_instance" "example" {
...
+ ssl_action = "Open"
}Remediation
Terraform
- Resource: alicloud_mongodb_instance
- Attribute: ssl_action
To mitigate this issue, ensure that the `ssl_action` attribute in the `alicloud_mongodb_instance` resource is set to `Open` or `Update`.
Example:
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0039 |
| Severity | LOW |
| IaC Type | Terraform |
| Frameworks | Terraform |
| Checkov ID | CKV_ALI_42 |