As part of zero-trust focus, InfoSec and Risk teams pay extra attention to data exfiltration threat vectors, including both when it comes to how service providers manage their data, and how to control & manage insider risk exposure through their employees. Solutions to a number of those requirements manifest in the form of network security controls, especially for egress. With regard to database clusters, restricting clusters to access only specific resources for things like backup-restore, publishing real-time change events, or sending observability data can be challenging.