This topic describes how to configure a whitelist for an ApsaraDB for MongoDB standalone instance. Only the devices whose IP addresses are added to the whitelists of the instance are allowed to access the instance. The default whitelist only contains the IP address, which indicates that no devices can connect to the instance. Proper configuration of whitelists can enhance access security of ApsaraDB for MongoDB. We recommend that you maintain your whitelists on a regular basis.


  1. Log on to the ApsaraDB for MongoDB console.
  2. In the upper-left corner of the page, select the resource group and region to which the instance belongs.
  3. In the left-side navigation pane, click Replica set instances.
  4. On the page that appears, find the instance that you want to manage and click its ID.
  5. In the left-side navigation pane, choose Data Security > Whitelist Settings.
  6. In the Create Whitelist section, select one of the following methods to configure a whitelist for the instance.
    • Manually add a whitelist
      • The IP addresses can be in the following formats:
        • A single IP address. Example:
        • One or more CIDR blocks. Example: 24 indicates that the prefix of the CIDR block is 24 bits in length. You can replace 24 with a value within the range of 1 to 32.
      • Multiple IP addresses. Separate multiple IP addresses with commas (,).
      • If the value is or empty, the ApsaraDB for MongoDB instance can be accessed by all IP addresses. In this situation, the database is at high security risk.
      1. Click More icon in the Actions column and select Manually Modify.
      2. In the Manually Modify panel, enter an IP address or CIDR block in the IP Whitelist text box.
      3. Click OK.
    • Load IP addresses of ECS instances
      1. Click More icon in the Actions column and select Import ECS Intranet IP.
      2. In the IP Whitelist of the Import ECS Intranet IP panel, select the ECS internal IP address to be added.
      3. Click Add icon.
      4. Click OK.