All Products
Search

This Product

    ApsaraDB for MongoDB:Configure an IP address whitelist

    Document Center

    ApsaraDB for MongoDB:Configure an IP address whitelist

    Last Updated:Jan 20, 2025

    After an ApsaraDB for MongoDB instance is created, you must configure an IP address whitelist or a security group for the instance to allow external devices to access the instance. The default IP address whitelist contains only the IP address 127.0.0.1, which indicates that no devices are permitted to access the ApsaraDB for MongoDB instance. This topic describes how to configure an IP address whitelist.

    Background information

    • Before you use an ApsaraDB for MongoDB instance for the first time, you must configure an IP address whitelist for the instance. After the IP address whitelist is configured, the endpoints of the instance are displayed on the Basic Information and Database Connections pages of the instance.

    • IP address whitelists secure your ApsaraDB for MongoDB instances. We recommend that you maintain the IP address whitelists on a regular basis.

    Procedure

    1. Go to the Replica Set Instances or Sharded Cluster Instances page. In the top navigation bar, select the region in which the instance resides and the resource group to which the instance belongs. Then, find the instance and click the ID of the instance.

    2. In the left-side navigation pane of the page that appears, choose Data Security > Whitelist Settings.

    3. Click Create Whitelist.

    4. In the Create Whitelist panel, configure the following information.

      1. Enter an IP address whitelist name based on the following naming rules.

        Naming rules of IP address whitelists:

        • The name can contain lowercase letters, digits, and underscores (_). The name must start with a lowercase letter and end with a lowercase letter or digit.

        • The name is 2 to 32 characters in length.

      2. Click the IPv4 or IPv6 tab based on the IP address type.

        Note

        IPv6 is supported only by instances that run MongoDB 4.2.

      3. In the IP Whitelist field, add an IP address.

        IPv4

        Separate multiple IP addresses or Classless Inter-Domain Routing (CIDR) blocks with commas (,). A maximum of 1,000 different IP addresses or CIDR blocks can be added.

        The IP addresses can be specified in following formats:

        • Individual IP addresses. Example: 10.23.12.24.

        • CIDR blocks. Example: 10.23.12.24/24. 24 indicates that the prefix of the CIDR block is 24 bits in length. You can replace 24 with a value within the range of 1 to 32.

          Note

          If the IP address whitelist contains only 0.0.0.0/0 or is empty, all IP addresses can access the ApsaraDB for MongoDB instance. This may cause security risks to the instance. Proceed with caution.

        IPv6

        You must separate multiple IP addresses with commas (,). A maximum of 1,000 different IP addresses can be added.

    5. Click OK.

    Related tasks

    Delete an IP address whitelist