-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: Atlas
-
Labels:None
Description
The current documentation on Network and Firewall Requirements is very limited, consisting of:
"If you use a whitelist on your firewall for network ports, open ports 27015 to 27017 to TCP and UDP traffic on Atlas hosts. This grants your applications access to databases stored on Atlas."
It would be helpful to include information on how to get information on the Atlas hosts, as well as how to support new cluster hosts. The Atlas Networking section of the Atlas Security FAQ contains some helpful information, such as:
- If customers need to configure their application-side networks to accept Atlas traffic, we recommend using the Atlas API clusters-get-all method to retrieve mongoURI or the processes-get-all method to retrieve hostname results containing cluster hostnames (mongo-shard-00-00.mongodb.net, mongo-shard-00-01.mongodb.net etc). These hostname values can be parsed and the IPs programmatically fed into customers' app-tier orchestration automation, including pushing firewall updates.