- put the database in a virtual private cloud (VPC), an internal network
- setup a Virtual Private Network (VPN) also placed in the same VPC from which developers can connect to to access the internal network
- setup at least two MongoDB users, one `readWrite` user that can connect from the internal network and one administrative user that can only connect from localhost
- setup a key based SSH connection only accessible from the VPN to the MongoDB instance
- setup Security Groups (firewall) to lock all the unused ports and IP origins out
That way you'll need a VPN key, an SSH key and the MongoDB admin user's access to fully compromise the database.
- put the database in a virtual private cloud (VPC), an internal network
- setup a Virtual Private Network (VPN) also placed in the same VPC from which developers can connect to to access the internal network
- setup at least two MongoDB users, one `readWrite` user that can connect from the internal network and one administrative user that can only connect from localhost
- setup a key based SSH connection only accessible from the VPN to the MongoDB instance
- setup Security Groups (firewall) to lock all the unused ports and IP origins out
That way you'll need a VPN key, an SSH key and the MongoDB admin user's access to fully compromise the database.