Creating and connecting to Amazon DocumentDB Cluster
Updated: Dec 5, 2022
In this post, lets see how we can create an Amazon DocumentDB cluster. Amazon DocumentDB (with MongoDB compatibility) is a NOSQL database claimed to be a fast, reliable and it is a fully managed database service from AWS.
Prerequisites for the lab:
You will need a personal or corporate Amazon AWS account
Access to AWS console to create and configure the cluster
Initial step before creating a cluster is to create a "Security Group" and then a "Subnet Group".
Creating a Security group:
Search for VPC and get into it.
Then click on "Security groups" and then click on "Create security group"
Give a custom name to your sg, and then choose a VPC you want to use. Leave it default for Lab purposes. Now, we have to give an Inbound rule as through which port and source the instance can be connected through.
Once adding the Inbound rules, leave the Outbound rules to default for lab purpose. Final result should look something like below.
Creating a Subnet Group:
Before we create the DocumentDB cluster, we have to create a Subnet Group. So, first lets search for the DocumentDB service and go to the Dashboard.
Now, click on the Subnet groups and click on "Create".
Give a custom name to your subnet group, in my case I choose to give "DocDBSubnetGroup". Now, choose the vpc from the drop down list and click on "list all the subnets related to this VPC".
This will load all the subnets and here I choose to remove the access to Public vpc, so I am removing the one which I have highlighted (You can find this from the vpc subnets where Public is marked as "yes").
Next click on "Create" and result looks like below.
Creating a DocumentDB Cluster:
Now that we are ready to create the cluster. Lets go back to dashboard >> clusters and click on "Create".
Choose the instance class as "free trial eligible". You should consult your architect if you are opting to create a cluster for your business use case. I am keeping the instance number as "1" for Lab purpose.
Remember to note down the password you are creating as Admin.
In the network settings, choose the VPC security groups which we had created for this lab.
Leave rest all as default for Lab purpose and you can choose to customize as you want based on your use case and requirement.
Then click on "Create cluster". Now you will see a page as shown below.
Done!!! Grab a cup of coffee or water allowing some time for Amazon to create the cluster for you :)
Once the cluster is ready you should see the below screen.
Connecting to Amazon DocumentDB database:
Click on the "Cluster identifier", then you should see the connect string to get connected to the Database. Click on "Copy" to download the CA certs. ssh into the client box through CloudShell and download the certificate to access the instance from your client machine.
Once you execute, it will download the certificate.
Then you should be able to successfully connect to the instance as shown below.
Please note: If you are creating an instance for the first time, please note that you will have to create an AWS Cloud9 EC2 environment and the security group that is created should use the aws-cloud9-<environment name>. This way, you enable the Cloud9 environment to interact with your DocumentDB cluster.
After you create the Cloud9 environment, open the IDE and then set the below env variables and install the mongosh client as given below, echo -e "[mongodb-org-4.0] \nname=MongoDB Repository\nbaseurl=https://repo.mongodb.org/yum/amazon/2013.03/mongodb-org/4.0/x86_64/\ngpgcheck=1 \nenabled=1 \ngpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc" | sudo tee /etc/yum.repos.d/mongodb-org-4.0.repo sudo yum install -y mongodb-org-shell wget https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem mongo --ssl --host docdb-2022-12-05-04-20-20.cx0t7bu8bkss.ap-southeast-2.docdb.amazonaws.com:27017 --sslCAFile rds-combined-ca-bundle.pem --username adminuser --password <insertYourPassword>
Hope this post was helpful.