DOCSP-20844 add troubleshoot info (#232)

kanchana-mongodb · web-flow · commit 11ab6c0332b3 · 2022-03-04T10:40:48.000-08:00
* DOCSP-20844 add troubleshoot info * DOCSP-20844 updates for feedback * DOCSP-20844 updates for review feedback
diff --git a/source/includes/steps-add-existing-privatelink.yaml b/source/includes/steps-add-existing-privatelink.yaml
@@ -55,4 +55,5 @@ ref: click-confirm
 level: 4
 stepnum: 0
 title: "Click :guilabel:`Confirm` to add the existing private endpoint."
+
 ...
diff --git a/source/includes/steps-create-new-privatelink.yaml b/source/includes/steps-create-new-privatelink.yaml
@@ -123,5 +123,62 @@ ref: finish-private-endpoint-aws
 level: 5
 stepnum: 0
 title: "Click :guilabel:`Finish endpoint creation`."
+---
+ref: resource-aws-security-group
+level: 5
+stepnum: 0
+title: "Configure your resources' security groups to send traffic to 
+       and receive traffic from the :term:`interface endpoint`." 
+content: |
+
+  For each resource that needs to connect to your {+dl+} using 
+  {+aws-pl+}, the resource's security group must allow outbound 
+  traffic to the :term:`interface endpoint's <interface endpoint>` 
+  private IP(s) on all ports.
+
+  See :aws:`Adding Rules to a Security Group </AWSEC2/latest/UserGuide/ec2-security-groups.html#adding-security-group-rule>`
+  for more information.
+
+---
+title: "Create a security group for your interface endpoint to allow 
+       resources to access it."
+ref: attach-aws-security-group
+level: 4
+stepnum: 0
+content: |
+
+  This security group must allow inbound traffic on all ports from each 
+  resource that needs to connect to your {+dl+} using {+aws-pl+}:
 
+  a. In the |aws| console, navigate to the :guilabel:`VPC Dashboard`. 
+  
+  #. Click :guilabel:`Security Groups`, then click 
+     :guilabel:`Create security group`.
+
+  #. Use the wizard to create a security group. Make sure you select 
+     your VPC from the :guilabel:`VPC` list.
+
+  #. Select the security group you just created, then click the 
+     :guilabel:`Inbound Rules` tab.
+
+  #. Click :guilabel:`Edit Rules`.
+
+  #. Add rules to allow all inbound traffic from each resource in your
+     VPC that you want to connect to your {+dl+}.
+
+  #. Click :guilabel:`Save Rules`.
+
+  #. Click :guilabel:`Endpoints`, then click the endpoint for your
+     VPC.
+
+  #. Click the :guilabel:`Security Groups` tab, then click 
+     :guilabel:`Edit Security Groups`.
+
+  #. Add the security group you just created, then click 
+     :guilabel:`Save`.
+
+  To learn more about :aws:`VPC security groups 
+  </vpc/latest/userguide/VPC_SecurityGroups.html>`, see the |aws| 
+  documentation.
+  
 ...
