Currently the Network access list admits to add IP addresses to allow connections from. However, we are using Private Endpoints to connect to our clusters; from Google Cloud we cannot add rules to PSC in the firewall, so this means that being in our VPN all devices internally has access to our mongo databases.

How can we prevent access from any place in our company to our databases. This is a huge security risk.