Alibaba Cloud MongoDB does not have transparent data encryption enabled
Description
Transparent Data Encryption (TDE) for your Alibaba Cloud MongoDB instance helps safeguard your data from unauthorized access or tampering. TDE encrypts data as it is written to disk and transparently decrypts it when accessed. By enabling TDE, you ensure that only authorized users with the correct keys can access and decrypt the data, providing robust protection for data at rest.
Code Example
```hcl
resource "alicloud_mongodb_instance" "example" {
...
+ tde_status = "enabled"
}
```
Remediation
Terraform
- Resource: alicloud_mongodb_instance
- Arguments: tde_status
To mitigate this issue, ensure the `tde_status` attribute in the `alicloud_mongodb_instance` resource is set to `enabled`.
Example:
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0041 |
| Severity | LOW |
| IaC Type | Terraform |
| Frameworks | Terraform |
| Checkov ID | CKV_ALI_44 |