To ensure the security and stability of databases, no devices can access ApsaraDB for MongoDB instances by default. The default IP address of these instances is 127.0.0.1. Before using an ApsaraDB for MongoDB instance, you must configure a whitelist to allow access from external devices. Proper whitelist configurations enhance the access security of ApsaraDB for MongoDB instances. We recommend that you maintain your whitelists regularly.
Prerequisites
You have successfully created an instance by following steps mentioned in Getting Started.
The instance status is Running.
Procedure
The following steps describe how to modify the default whitelist group of an instance. For more information about how to create another whitelist group or configure a security group, see Configure an IP addresswhitelist or an ECS security group for an instance.
Go to the Replica Set Instances or Sharded Cluster Instances page. In the top navigation bar, select the resource group and region to which the desired instance belongs. Then, find the instance and click the instance ID.
In the left-side navigation pane of the instance details page, choose .
In the Whitelist Settings section, select one of the following methods to modify the whitelist for the instance:
Manually modify a whitelist
Find the whitelist that you want to manage and click Modify in the Actions column.
In the IP Whitelist field of the Manually Modify panel, enter an IP address or a CIDR block.
An IP address or a CIDR block can be specified in one of the following formats:
A single IP address. Example: 10.23.12.24.
0.0.0.0/0
WarningIf you specify only 0.0.0.0/0 in a whitelist, the instance can be accessed by all IP addresses. This exposes instance databases to high security risks. Exercise caution when you specify only this IP address in a whitelist.
A CIDR block. For more information about CIDR blocks, see FAQ. Example: 10.23.12.24/24. 24 indicates that the prefix of the CIDR block is 24 bits in length. You can replace 24 with a value within the range of 1 to 32.
Separate multiple IP addresses with commas (,).
Click OK.
Load the internal IP addresses of ECS instances
Find the whitelist that you want to manage and click Add Internal IP Addresses of ECS Instances in the Actions column.
In IP Whitelist of the Import ECS Intranet IP panel, select the ECS internal IP address to be added.
Click
.
Click OK.