Terraform NSG MongoDB Public Access
Description
Detects Azure Network Security Group (NSG) rules that allow unrestricted public access to the MongoDB port (27017). This is a security risk because it allows connection attempts against the MongoDB database from any source IP address.
Detection Strategy
• Identifies Network Security Group resource blocks in Terraform configuration files
• Examines security rules within the NSG for MongoDB port (27017) configurations
• Reports a vulnerability when a rule allows inbound traffic to port 27017 from any source ('*' or '0.0.0.0/0')
• Checks if the rule's 'access' property is set to 'Allow' and 'direction' is set to 'Inbound'
Vulnerable code example

```hcl
resource "azurerm_network_security_group" "example" {
  name                = "mongo-nsg"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  security_rule { # Vulnerable: allows MongoDB port 27017 access from any IP (*)
    name     = "MongoDB"
    priority = 100
    ...
```

✅ Secure code example
```hcl
resource "azurerm_network_security_group" "example" {
  name                = "mongo-nsg"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  security_rule {
    name     = "MongoDB"
    priority = 100
    ...
```
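The following is an added example, not Fluid Attacks' detector nor code from the page: a small Python checker that applies the four steps of the detection strategy above to a Terraform file, and runs it over a constructed sample containing both a vulnerable NSG and a restricted one. It uses a minimal brace-counting parser for `resource "azurerm_network_security_group"` and `security_rule` blocks (an assumption made to keep the example self-contained; a real scanner would use a proper HCL parser). It goes slightly beyond the page by also handling the provider's plural attributes `destination_port_ranges` / `source_address_prefixes` and port ranges such as `27000-27100`; the subnet `10.0.1.0/24` and all rule names in the sample are constructed.

```python
import re

MONGODB_PORT = 27017
# Source prefixes the detection strategy treats as "any source".
ANY_SOURCE = {"*", "0.0.0.0/0"}

# Constructed sample (not from the page): one NSG open to the world, one restricted
# to an application subnet plus an explicit Deny rule that must not be flagged.
SAMPLE_TF = '''
resource "azurerm_network_security_group" "open" {
  name                = "mongo-nsg"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  security_rule {
    name                   = "MongoDB"
    priority               = 100
    direction              = "Inbound"
    access                 = "Allow"
    protocol               = "Tcp"
    destination_port_range = "27017"
    source_address_prefix  = "*"
  }
}

resource "azurerm_network_security_group" "restricted" {
  name = "mongo-nsg-private"

  security_rule {
    name                    = "MongoDBFromAppSubnet"
    priority                = 100
    direction               = "Inbound"
    access                  = "Allow"
    protocol                = "Tcp"
    destination_port_ranges = ["27017", "27018"]
    source_address_prefix   = "10.0.1.0/24"
  }

  security_rule {
    name                   = "DenyMongoDBFromInternet"
    priority               = 200
    direction              = "Inbound"
    access                 = "Deny"
    protocol               = "Tcp"
    destination_port_range = "27017"
    source_address_prefix  = "*"
  }
}
'''

NSG_RE = re.compile(r'resource\s+"azurerm_network_security_group"\s+"([^"]+)"\s*\{')
RULE_RE = re.compile(r'\bsecurity_rule\s*\{')
ATTR_RE = re.compile(r'^\s*(\w+)\s*=\s*(.+?)\s*$', re.MULTILINE)


def _block_body(text, open_idx):
    """Return the text between the brace at text[open_idx] and its matching close."""
    depth = 0
    for i in range(open_idx, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[open_idx + 1:i]
    raise ValueError("unbalanced braces in Terraform source")


def _parse_value(raw):
    """Turn an HCL literal into a str, or a list of str for ["a", "b"] lists."""
    raw = raw.strip()
    return re.findall(r'"([^"]*)"', raw) if raw.startswith("[") else raw.strip('"')


def parse_nsg_rules(tf_text):
    """Yield (nsg_name, attrs) for every security_rule block inside every NSG resource."""
    for nsg in NSG_RE.finditer(tf_text):
        nsg_body = _block_body(tf_text, nsg.end() - 1)
        for rule in RULE_RE.finditer(nsg_body):
            rule_body = _block_body(nsg_body, rule.end() - 1)
            yield nsg.group(1), {k: _parse_value(v) for k, v in ATTR_RE.findall(rule_body)}


def covers_port(spec, port):
    """True if an Azure port spec ("*", "27017" or "27000-27100") includes port."""
    if spec == "*":
        return True
    if "-" in spec:
        low, high = spec.split("-", 1)
        return low.isdigit() and high.isdigit() and int(low) <= port <= int(high)
    return spec.isdigit() and int(spec) == port


def exposes_mongodb(rule):
    """Apply the four checks: Inbound, Allow, destination covers 27017, source is any."""
    ports = rule.get("destination_port_ranges") or [rule.get("destination_port_range", "")]
    sources = rule.get("source_address_prefixes") or [rule.get("source_address_prefix", "")]
    return (rule.get("direction") == "Inbound" and rule.get("access") == "Allow"
            and any(covers_port(p, MONGODB_PORT) for p in ports)
            and any(s in ANY_SOURCE for s in sources))


def find_public_mongodb_rules(tf_text):
    """Return [(nsg_name, rule_name)] for every rule the detection strategy would report."""
    return [(nsg, rule.get("name", "<unnamed>"))
            for nsg, rule in parse_nsg_rules(tf_text) if exposes_mongodb(rule)]


if __name__ == "__main__":
    for nsg_name, rule_name in find_public_mongodb_rules(SAMPLE_TF):
        print(f"NSG {nsg_name!r}: rule {rule_name!r} allows MongoDB (27017) from any source")
```

Run as a script it reports only the `open` NSG's `MongoDB` rule: the restricted NSG's Allow rule has a subnet source, and its Deny rule fails the `access` check, which is exactly the fourth bullet of the detection strategy. Note that the check only inspects the NSG itself; whether the NSG is actually associated with the MongoDB subnet or NIC is a separate question the rule does not answer.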