DNS
In much the same way that Amazon RDS has a public/private setting, could you add a setting to Atlas that lets us make the DNS entries for our cluster resolve to their private IPs all the time instead of just inside a VPC?
This would improve security by routing our connection through a VPN into a VPC that has a peering connection with Atlas' VPC. To accomplish this now, one must to find the private IPs of a cluster and create local, manual DNS entries in a router or on a machine.
Dylan
shared this idea
-
As an update, there is now an Atlas Project-level setting to enable this concept on AWS (on GCP and Azure it's there automatically whenever you use peering).
-
Hi Dylan,
Thank you for filing this: I am happy to share that we're currently working on the finishing touches of a long-running project to enable a bunch of new options.
Specifically, it will soon be possible in the Atlas Project Settings to enable a second connection string for use on AWS that will resolve to private IP where you cannot take advantage of AWS's built in split-horizon DNS across peering connections as you've described.
Note for completeness that this same project will enable our Azure and GCP customers to leverage public IP access concurrently to leveraging peering, which is something that hasn't been possible on Atlas on those platforms while using peering thus far.
We expect this capability to go live in the next two weeks
Cheers
-Andrew
