My app uses custom generated data that is stored in my DB and is then served to the visitors. That’s handled by an Nginx web server on one droplet (D1) and a MongoDB on another droplet (D2). To push new data into the DB, I’m running a Python script on a 3rd droplet (D3), and I’m not sure how best to set up the Cloud Firewall for it.
Basically, the Python script calls a 3rd party API, gets the data from it, generates the output and writes it to the MongoDB in D2. So to configure the Cloud FW rules for D3, I think I need:

Incoming:
- SSH on port 22: all
- TCP from D2 (MongoDB) Private IP <— do I need this? I do query the DB before writing new data
- How do I handle the 3rd party API incoming data?

Outgoing:
- ICMP/TCP/UDP to D2
Does this look reasonable and what should I do regarding the API data calls?
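Added example, not part of the original question: DigitalOcean Cloud Firewalls are stateful, so replies to connections D3 opens are admitted without an inbound rule, and this small Python model checks D3's flows against a candidate rule set. The IP addresses, MongoDB's default port 27017, and HTTPS (443) for the third-party API are assumptions.

```python
import ipaddress

# Constructed placeholder values (assumptions, not from the post).
D2_PRIVATE = "10.0.0.2"   # MongoDB droplet's private IP
ANY = "0.0.0.0/0"

# Candidate rules for D3 as (protocol, port, peer CIDR).
INBOUND = [("tcp", 22, ANY)]                 # SSH only
OUTBOUND = [
    ("tcp", 27017, D2_PRIVATE + "/32"),      # MongoDB default port on D2
    ("tcp", 443, ANY),                       # third-party API, assumed HTTPS
    ("udp", 53, ANY), ("tcp", 53, ANY),      # DNS lookups for the API host
]

def matches(rules, proto, port, peer):
    """True if any rule covers this protocol, port and peer address."""
    ip = ipaddress.ip_address(peer)
    return any(p == proto and prt == port and ip in ipaddress.ip_network(cidr)
               for p, prt, cidr in rules)

class StatefulFirewall:
    """Minimal connection-tracking model of a stateful firewall."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = inbound, outbound
        self.established = set()   # (proto, peer, peer_port, local_port)

    def send(self, proto, peer, peer_port, local_port):
        """D3 opens a connection; allowed only if an outbound rule matches."""
        if not matches(self.outbound, proto, peer_port, peer):
            return False
        self.established.add((proto, peer, peer_port, local_port))
        return True

    def receive(self, proto, peer, peer_port, local_port):
        """Packet arriving at D3: reply to a tracked flow, or a new inbound."""
        if (proto, peer, peer_port, local_port) in self.established:
            return True
        return matches(self.inbound, proto, local_port, peer)
```

In this model the MongoDB query results and the API responses both arrive as replies to flows D3 initiated, while unsolicited traffic from D2 or the API host is dropped.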