This topic describes how to configure a whitelist for a sharded cluster instance after you create the instance. Only the devices whose IP addresses are added to the whitelists of the instance are allowed access to the instance. The default whitelist only contains the IP address 127.0.0.1, which indicates that no devices can connect to the instance.
- You must configure a whitelist upon the first use of an instance. After the whitelist is configured, the connection address of the instance is displayed on the Basic Information and Database Connection pages.
- Proper configuration of the whitelists can enhance access security of ApsaraDB for MongoDB. We recommend that you regularly maintain the whitelist.
- Log on to the ApsaraDB for MongoDB console.
- In the upper-left corner of the page, select the region where the target instance resides.
- In the left-side navigation pane, click Sharding Instances.
- Find the target instance and click its ID.
- In the left-side navigation pane, choose .
- Click the icon in the Operation column, and select Manually Modify or Import ECS Intranet IP.
- Click Manually Modify. In the dialog box that appears, enter an IP address or CIDR block, and click OK.
- Click Import ECS Intranet IP. In the dialog box that appears, the internal IP addresses of the ECS instances of your Alibaba Cloud account are displayed. You can select the desired IP addresses, add them to a whitelist, and click OK.
- If a whitelist contains more than one IP address, separate them with commas (,). Every
IP address in a whitelist must be unique. A whitelist can contain a maximum of 1,000
Supported formats include 0.0.0.0/0, 10.23.12.24 (single IP address), and 10.23.12.24/24. 10.23.12.24/24 is a CIDR notation (for more information, see CIDR blocks), in which the suffix /24 indicates the number of bits for the prefix of the IP address. The prefix consists of 1 to 32 bits.
- If the value is 0.0.0.0/0 or empty, the ApsaraDB for MongoDB instance can be accessed by all IP addresses. In this situation, the database is at high security risk.
Common connection scenarios
- Connect a local client to an ApsaraDB forMongoDB instance over the Internet
- How to connect an ECS instance to an ApsaraDB for MongoDB instance when their network types are different
- How to connect an ECS instance to an ApsaraDB for MongoDB instance when they are in different regions
- How to connect an ECS instance to an ApsaraDB for MongoDB instance when they do not belong to the same Alibaba Cloud account