I was able to connect to my DocumentDB cluster from localhost using an SSH tunnel into an EC2 instance.
I was wondering: why can't I add a rule in DocumentDB's security group for TCP port 27017 and source my static IP address? This works for an RDS MySQL database but not for DocumentDB. Why?
Is creating an SSH tunnel into an EC2 instance the only way to access DocumentDB from localhost?