fix(rdb): ssh bastion connection (#4874)

ldecarvalho-doc · web-flow · commit 29b9ef9e1fb6 · 2025-04-24T14:59:56.000+02:00
diff --git a/macros/databases/ssh-bastion-mdb.mdx b/macros/databases/ssh-bastion-mdb.mdx
@@ -0,0 +1,21 @@
+---
+macro: ssh-bastion-mdb
+---
+
+<Message type="note">
+Managed MongoDB® is currently not compatible with the [Static NAT](/public-gateways/concepts/#nat) feature of [Scaleway Public Gateways](/public-gateways/concepts/#public-gateway). Instead, you can use Public Gateways' [SSH bastion](/public-gateways/how-to/use-ssh-bastion/) feature and perform port forwarding. Follow the steps below to connect using SSH bastion.
+</Message>
+
+If you want to connect locally to a Database Instance that is not accessible via the public internet, you can use SSH Bastion and connect it to the same Private Network the Database Instance is connected to.
+
+1. Open an SSH tunnel with port forwarding:
+
+    ```
+    ssh -L local_port:instance_id.network_id.internal:27017 bastion@gatewayIP -p 61000 -N
+    ```
+
+2. Connect using `mongosh`:
+
+    ```
+    mongosh --host localhost --port local_port --username "username"
+    ```
diff --git a/macros/databases/ssh-bastion.mdx b/macros/databases/ssh-bastion.mdx
@@ -0,0 +1,21 @@
+---
+macro: ssh-bastion
+---
+
+<Message type="important">
+Managed Databases for PostgreSQL and MySQL are currently not compatible with the [Static NAT](/public-gateways/concepts/#nat) feature of [Scaleway Public Gateways](/public-gateways/concepts/#public-gateway). Instead, you can use Public Gateways' [SSH bastion](/public-gateways/how-to/use-ssh-bastion/) feature and perform port forwarding. Follow the steps below to connect using SSH bastion.
+</Message>
+
+If you want to connect locally to a Database Instance that is not accessible via the public internet, you can use SSH bastion and connect it to the same Private Network the Database Instance is connected to.
+
+1. Open an SSH tunnel with port forwarding:
+
+    ```
+    ssh -L <local_port>:<database_private_ip>:<database_port> bastion@<bastion_ip> -p<bastion_port> -N
+    ```
+
+2. Connect using `psql`:
+
+    ```
+    psql -h localhost --port <local_port> -d <database> -U <user>
+    ```
diff --git a/menu/navigation.json b/menu/navigation.json
@@ -2209,6 +2209,10 @@
                     "label": "Connect to a Database Instance",
                     "slug": "connect-database-instance"
                   },
+                  {
+                    "label": "Connect a Database Instance to a Private Network",
+                    "slug": "connect-database-private-network"
+                  },
                   {
                     "label": "Create a database",
                     "slug": "add-a-database"
@@ -2281,10 +2285,6 @@
                     "label": "Apply scheduled maintenance",
                     "slug": "apply-maintenance"
                   },
-                  {
-                    "label": "Connect a Database Instance to a Private Network",
-                    "slug": "connect-database-private-network"
-                  },
                   {
                     "label": "Remove a public endpoint",
                     "slug": "remove-public-endpoint"
@@ -2475,6 +2475,10 @@
                 "label": "Quickstart",
                 "slug": "quickstart"
               },
+              {
+                "label": "FAQ",
+                "slug": "faq"
+              },
               {
                 "items": [
                   {
diff --git a/pages/managed-databases-for-postgresql-and-mysql/faq.mdx b/pages/managed-databases-for-postgresql-and-mysql/faq.mdx
@@ -143,4 +143,8 @@ Quotas exist to protect Scaleway from abuse, and to protect your Scaleway resour
 
 When it comes to automatic data preservation, however, Scaleway prioritizes the resilience of your data. Therefore, if a Database Instance has autobackup set up, even if the quota is exceeded, the backup or snapshot will still be automatically created.
 
-You can monitor your [quotas](https://console.scaleway.com/organization/quotas), backups and snapshots via the Scaleway console or the API.
+You can monitor your [quotas](https://console.scaleway.com/organization/quotas), backups and snapshots via the Scaleway console or the API.
+
+## How can I connect to a Database Instance in a Private Network using Public Gateways?
+
+<Macro id="ssh-bastion" />
diff --git a/pages/managed-databases-for-postgresql-and-mysql/how-to/connect-database-private-network.mdx b/pages/managed-databases-for-postgresql-and-mysql/how-to/connect-database-private-network.mdx
@@ -57,11 +57,9 @@ You can create new Database Instances to attach to your Private Network, or atta
     </Message>
 6. Click **Attach to Private Network** to conclude.
 
-<Message type="important">
-Managed Databases for PostgreSQL and MySQL are currently not compatible with the [Static NAT](/public-gateways/concepts/#nat) feature of [Scaleway Public Gateways](/public-gateways/concepts/#public-gateway).
+## How to connect to a Database Instance through a Public Gateway
 
-You can use Public Gateways in [SSH bastion](/public-gateways/how-to/use-ssh-bastion/) mode and perform port forwarding.
-</Message>
+<Macro id="ssh-bastion" />
 
 ## How to detach a Database Instance from a Private Network
 
diff --git a/pages/managed-mongodb-databases/faq.mdx b/pages/managed-mongodb-databases/faq.mdx
@@ -0,0 +1,15 @@
+---
+meta:
+  title: Managed MongoDB® FAQ
+  description: Learn about Managed MongoDB® and how to get started with your MongoDB® Database Instances.
+content:
+  h1: Managed MongoDB® FAQ
+dates:
+  validation: 2025-01-29
+category: managed-databases
+productIcon: MongoDBProductIcon
+---
+
+## How can I connect to a Database Instance in a Private Network using Public Gateways?
+
+<Macro id="ssh-bastion-mdb" />
diff --git a/pages/managed-mongodb-databases/how-to/connect-database-private-network.mdx b/pages/managed-mongodb-databases/how-to/connect-database-private-network.mdx
@@ -48,14 +48,14 @@ You can [create new Database Instances](/managed-mongodb-databases/how-to/create
         </Message>
 6. Click **Attach to Private Network** to conclude.
 
-<Message type="note">
-Managed MongoDB® is currently not compatible with the [Static NAT](/public-gateways/concepts/#nat) feature of [Scaleway Public Gateways](/public-gateways/concepts/#public-gateway). You can use Public Gateways in [SSH bastion](/public-gateways/how-to/use-ssh-bastion/) mode and perform port forwarding.
-</Message>
-
 <Message type="tip">
 Once you have attached your Database Instance to a Private Network, you can [connect to the Database Instance](/managed-mongodb-databases/how-to/connect-database-instance) using the private endpoint connection string.
 </Message>
 
+## How to connect to a Database Instance through a Public Gateway
+
+<Macro id="ssh-bastion-mdb" />
+
 ## How to detach a Database Instance from a Private Network
 
 1. Click **MongoDB®** under **Managed Databases** on the side menu. A list of your Database Instances displays.
