I have a backend hosted on AWS that is used for my twitch extension. The mongodb is running on an EC2 Instance, and I use it to make API calls to store things in the database running on the ec2 instance.
I want to improve the security of this DB by whitelisting ‘twitch.tv’ on AWS as in the security groups, as a source IP to enter my database port xxxx. Are these the normal steps one would go through to secure their db?
I’m open up to discussion on this, since I am currently in effort to increase the security.