@kennwhite
Last active April 26, 2023 04:14
Misconceptions about MongoDB network binding ("net.bindIp")

The net.bindIp setting in MongoDB (see: https://www.mongodb.com/docs/manual/reference/configuration-options/#mongodb-setting-net.bindIp), whether on the command line, e.g.: mongod --bind_ip x.x.x.x or in the mongod.conf file, e.g.:

# network interfaces
net:
  port: 27017
#  bindIp: 127.0.0.1  # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
  bindIp: 172.31.11.200,127.0.0.1

specifies which of the server's own local network interfaces to listen on, NOT which internet-originated inbound IP addresses are allowed. If you change the default to listen on an external interface or a private-public bridge such as an AWS private IP, then any filtering must be done at the host level via iptables or nftables or (better) at the security group firewall level. Once bindIp is changed to an external network interface, all traffic allowed through the host- or network-level firewall will be able to reach the server.

For this reason, the default configuration since the version 3.6 days circa 2017 (and earlier in the official MongoDB repos) has been to listen strictly on loopback.

Sometimes admins try to add "whitelisted" IPs (e.g., for web servers) to the bindIp list and are confused when the database won't start. It won't start because those IP addresses are (almost certainly) not addresses that belong to the database server.

Contrary to very highly rated Stack Overflow answers, it does NOT matter whether the addresses have spaces between them or whether they are quoted.

All of these are valid choices for an EC2 server that has 172.31.11.200 as its private IP:

# network interfaces
net:
  port: 27017
  # Use any ONE of the following bindIp lines; all four forms are valid.
  bindIp: 172.31.11.200,127.0.0.1

  bindIp: 172.31.11.200, 127.0.0.1

  bindIp: "172.31.11.200,127.0.0.1"

  bindIp: "172.31.11.200, 127.0.0.1"

Brackets, however, are NOT allowed. This is an invalid configuration and will prevent the database from starting:

# network interfaces
net:
  port: 27017
  bindIp: [172.31.11.200,127.0.0.1]
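
As an added example (not part of the original gist and not MongoDB's own code), this Python check takes a bindIp value as written in mongod.conf and reports, per entry, whether it is an address this host can actually bind to. The function names, verdict strings and the sample address 203.0.113.10 are assumptions for illustration, and the quote and bracket handling is a simplification of what the YAML parser does for mongod.

```python
import ipaddress
import socket

def can_bind(addr):
    """Return True if this host can bind a TCP socket to addr (port 0 = any free port)."""
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    try:
        with socket.socket(family, socket.SOCK_STREAM) as s:
            s.bind((addr, 0))
        return True
    except OSError:
        return False

def check_bind_ip(raw, is_local=can_bind):
    """Classify each entry of a raw net.bindIp value as written in mongod.conf."""
    raw = raw.strip()
    if raw.startswith("[") or raw.endswith("]"):
        raise ValueError("bindIp must be a comma-separated string, not a bracketed list")
    results = {}
    for entry in raw.strip("\"'").split(","):
        entry = entry.strip()  # spaces around commas do not matter
        if not entry:
            continue
        try:
            ip = ipaddress.ip_address(entry)
        except ValueError:
            results[entry] = "not an IP literal (hostname or socket path), not checked"
            continue
        if ip.is_unspecified:
            results[entry] = "all interfaces: reachability depends entirely on firewalls"
        elif not is_local(entry):
            results[entry] = "NOT a local address: mongod cannot bind to it"
        elif ip.is_loopback:
            results[entry] = "loopback only"
        else:
            results[entry] = "local interface: restrict clients with firewall rules"
    return results

if __name__ == "__main__":
    # Constructed sample: 203.0.113.10 stands in for a web server's address
    # that an admin mistakenly tried to "whitelist" via bindIp.
    for addr, verdict in check_bind_ip("127.0.0.1, 203.0.113.10").items():
        print(f"{addr:15} {verdict}")
```

Run it on the database server itself, since the bind probe only answers for the host it executes on.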

Hope this saves someone time in troubleshooting the DenverCoder9 problem.
