So I am in the process of planning my setup and reading up on things to get started. One of the things I was going to do was/is use iptables to restrict communication between an LB server and the one or more API servers I would be running. Seems fair I think.

Then I got to thinking about how I would be using iptables on the database servers, and I thought this isn't really going to be feasible to update the iptables on all the database servers I have when, or if, I need to spin up a new API server.

So I was wondering if anyone had any tips when is comes to this type of firewalling problem or is it just a case of following the provided security tips from the relevant DB providers?

Just as a note I would using a MySQL, MongoDB and possible a Redis box.