From an infosec perspective, as long as the queries are encrypted (with proper TLS verification), that angle is covered (though there are other considerations about data sovereignity etc.).

In terms of response time, that's something you'd need to benchmark for your application - though, given most DBaaSes run in the same major cloud providers are your application, it'll either be the same region or go cross-region via their private backbone, so the latency delta should be manageable. Of course if your app is particularly latency-sensitive for the DB that won't work.

If you’re using TLS what is the concern? I’d be more worried about Internet data transfer costs than that. Latency might be a concern but it’s going to be very dependent on use case.

It's not encryption but the fact database could be siphoned off by just stealing the credentials and possibly getting one of your IPs whitelisted. If it's inside the network, they have to establish a bridgehead and maintain it which is in theory, more difficult and higher risk of detection.

From latency perspective, not really. As someone who used redislabs at a previous company, the requests got routed through the Private Network proxy (whatever AWS calls it) which minimizes any networking overhead.

I’ve seen entirely AWS workloads that still routed traffic out to the internet and back in.

Devs running infrastructure is always an interesting experience.

pretty hard to miss this in surprise billing.

You might be surprised at what companies will let slip through when the AWS bill is in the millions $/month.

true. congress should do something about egress gouging, it’s insane.