We have a scheduled process which starts up a GCE instance with both an internal and external IP address. This runs a script which:

• uses the Mongo API to get the id of the latest snapshot
• uses the Mongo API to create a restore job with HTTP delivery
• downloads the backup and perform some verification processes on the backup.

Currently Mongo Cloud only allows access to the Mongo API and the HTTPS download over the public Internet. This requires adding Google Cloud IP addresses to both the API key IP Access List and the Network Access IP Access List. It also incurs costs at our end for external IP addresses or Cloud NAT and (presumably) at the Mongo end for Internet egress.

In contrast, our GCE hosted application is able to access our database in Mongo Cloud over a VPC, which is simpler, more secure and probably cheaper and more reliable.

My suggestion for improving the platform is that Mongo Atlas API and restored snapshot HTTP delivery should be possible over VPC as well as over the public Internet.

Thanks,

Christopher Hoskin