Details
-
Improvement
-
Status: Done
-
Medium
-
Resolution: Fixed
-
None
-
None
-
Yes
-
Yes
-
Yes
-
[obsolete] Server Integrations
Description
User story:
When I creating a DB cluster I need to be able to specify the type of connection (internal/external) I need for the particular DB Cluster, so that access to the cluster is controlled
UI/UX:
? "Step2": Connection select/checkbox to let user set it external or internal 
TBD
Acceptance criteria
- The user is able to specify the type of the connection during the cluster creation process
- User is getting the type of connection he/she requested
- When looking at the list of Clusters user is able to see is this externally available or internal only DB cluster
- The default value for EKS/
GKSbased clusters should be "internal" - Documentation
- RN
- DbaaS usage documentation updated with an explanation about internal/external connections and differences with them
Out of scope:
- other operations
- other than specifying it during the creation and view on the list
- GKS is not yet supported/tested
Suggested implementation:
TBD
How to test:
TBD
Details:
TBD
Original report:
As a user creating a database and my Kubernetes orchestrator is one of the public cloud providers (EKS/GKS/etc), my database should not become world-public automatically but instead remain private by default or issue a public load balancer IP only if I request it. This could cause severe harm to my business if in inadvertently open up a system for world access with a weak account causing me to incur heavy processing/consumption costs.
Therefor if I'm a entirely on private infrastructure (including my K8s layer) I would have the option to make my DBaaS instance private to K8s (no external load-balanced IP) or public to my network. But if I'm found to be using public cloud for K8s, I would expect an additional option to make it public to the world but that option would be off by default.
