# help
h
Hi team, I am currently using SST and my DB is MongoDB Atlas. I followed this tutorial to set it up: https://serverless-stack.com/examples/how-to-use-mongodb-atlas-in-your-serverless-app.html Under one of the steps for network access, it says "For now we’ll use the Allow Access From Anywhere option." which allows any IP to access the DB. This is fine for a dev environment, but for a production setup, we need to whitelist only the required IPs, right? So only connections from my defined Lambda handlers should be allowed. How do we achieve this? Appreciate any suggestions or guidance here, thanks!
a
I don’t think you can use IP whitelisting while using the API Gateway with Lambdas. Another approach you could take is VPC peering. Check out their docs about this here - https://www.mongodb.com/docs/atlas/security-vpc-peering/ Or you could also try working with a private endpoint using AWS PrivateLink; check out some relevant docs here - https://www.mongodb.com/docs/atlas/security-private-endpoint/ Hoping this helps!
f
Actually, if you deploy the Lambda functions into private subnets of a VPC and use a NAT gateway, you can attach a static IP to the NAT. And any request going out from the Lambda functions will appear to have that IP.
h
Thanks @Ashishkumar Pandey!
@Frank can I do this via SST? Or do I configure it on AWS console?
@Frank is there a guide or tutorial I can follow on this? We are looking to deploy our product soon. Appreciate your help!