All Products
Search
Document Center

Cloud Config:polardb-public-access-check

Last Updated:Jun 10, 2026

Checks whether a PolarDB cluster IP whitelist contains 0.0.0.0/0, which allows access from all CIDR blocks.

Scenario

Adding 0.0.0.0/0 to a PolarDB cluster IP whitelist allows access from all CIDR blocks, posing significant security risks. Add this entry with caution.

Risk level

Default risk level: high.

You can change the risk level when you apply this rule.

Compliance evaluation logic

  • If 0.0.0.0/0 is not in the IP whitelist of the PolarDB cluster, the configuration is compliant.
  • If 0.0.0.0/0 is in the IP whitelist of the PolarDB cluster, the configuration is non-compliant. Correct this by following the Non-compliance remediation steps.

Rule details

Item Description
Rule name polardb-public-access-check
Rule ID polardb-public-access-check
Tag PolarDB and VPC
Automatic remediation Not supported
Trigger type Configuration change
Supported resource type PolarDB cluster
Input parameter None

Non-compliance remediation

Delete 0.0.0.0/0 from the IP whitelist of the PolarDB cluster. For more information, see Configure an IP whitelist.