After an ApsaraDB for MongoDB instance is created, you must configure an IP address whitelist or a security group for the instance to allow external devices to access the instance. The default whitelist contains only the IP address 127.0.0.1, which indicates that no devices are permitted to access the ApsaraDB for MongoDB instance. This topic describes how to configure a whitelist.

Background information

  • Before you use an ApsaraDB for MongoDB instance for the first time, you must configure a whitelist for the instance. After you configure the whitelist, the endpoints of the instance appear on the Basic Information and Database Connections pages.
  • Whitelists secure your ApsaraDB for MongoDB instances. We recommend that you maintain the whitelists on a regular basis.

Procedure

  1. Log on to the ApsaraDB for MongoDB console.
  2. In the upper-left corner of the page, select the resource group and region to which the instance belongs.
  3. In the left-side navigation pane, click Replica Set Instances or Sharded Cluster Instances based on the instance type.
  4. Click the ID of an instance, or click More icon in the Actions column corresponding to the instance and select Manage.
  5. In the left-side navigation pane of the instance details page, choose Data Security > Whitelist Settings.
  6. Click Create Whitelist.
  7. In the Create Whitelist panel, specify a valid whitelist name. Click the IPv4 or IPv6 tab based on the IP address type and specify IP addresses in the IP Whitelist box.
    • Naming rules of whitelists:
      • The name can contain lowercase letters, digits, and underscores (_). The name must start with a lowercase letter and end with a lowercase letter or digit.
      • The name must be 2 to 32 characters in length.
    • IP addresses
      • IPv4: Separate multiple IP addresses or Classless Inter-Domain Routing (CIDR) blocks with commas (,). A maximum of 1,000 different IP addresses or CIDR blocks can be added.
        The IP addresses can be specified in the following formats:
        • Individual IP addresses. Example: 10.23.12.24.
        • CIDR blocks. Example: 10.23.12.24/24. 24 indicates that the prefix of the CIDR block is 24 bits in length. You can replace 24 with a value within the range of 1 to 32.
          Note If the whitelist contains only 0.0.0.0/0 or is empty, all IP addresses can access the ApsaraDB for MongoDB instance. This may cause security risks to the instance. Proceed with caution.
      • You must separate multiple IP addresses with commas (,). A maximum of 1,000 different IP addresses can be added.
  8. Click OK.