Long story short: Connecting to Mongo Atlas, and trying to whitelist the smallest IP range possible.
VPC peering won't work as the Mongo cluster is hosted in AWS, and it's just a Mongo Atlas limitation. Also, some of our mongo clusters are M5 (or lower), and they don't support VPC Peering.
That being said, I'm not sure what the public/external IP of my pods will be when they attempt to connect to Mongo. If not narrowing the outbound IP range as much as possible, what other options exist?
The GKE cluster is not private, and it's Autopilot.
Found these two articles that show how you can route egress traffic to a single IP that can be used for whitelisting your GKE from Mongo Atlas:
Route the GKE cluster's egress traffic via Cloud NAT
or
Route your Public GKE cluster’s egress traffic via NAT instances
Unfortunately, both of these options only work for non-Autopilot GKEs. For routing the GKE cluster's egress traffic via Cloud NAT, the desired networking behavior is currently not supported by public Autopilot GKE clusters. The cluster's IP masquerade configuration is not configured to perform SNAT within the cluster for packets sent from Pods to the internet. Currently, there isn't a way to configure the IP masquerade agent to not masquerade the pod range when reaching out to the internet in Autopilot clusters. As a result, pod egress traffic in public Autopilot GKE clusters will be using the node's external IP.
So to move forward with Cloud NAT it's either: