Access Mongo database of AWS EC2 instance from your local machine using MongoDB Compass
MongoDB is one of the most widely adopted non-relational databases today. Many organizations are migrating to it as they look for new ways to manage the flood of data, and are drawn toward database management tools and systems that differ from traditional relational database systems.
So, here is my experience from developing and deploying an application that uses MongoDB as its database.
During development, a backend engineer needs a powerful GUI for querying, aggregating, and analyzing MongoDB data in a visual environment. The choices include MongoDB Compass, Robo 3T, Atlas, etc., because once the data grows, the mongo shell no longer seems an easy tool.
Here we will go ahead with MongoDB Compass. In a local environment, MongoDB can be reached on localhost at port 27017.
Connecting MongoDB Compass to AWS EC2 Instance
Before setting up a connection, let me explain why accessing a cloud database is challenging and needs some technical understanding.
One needs basic knowledge of the AWS cloud: how we set up a server there, how AWS security group rules work, and why we cannot just connect by hitting the public IP address of our EC2 instance at port 27017. To know all of this you need to spend some time understanding AWS first (you can read about the AWS cloud in detail in my other blogs).
Let me give a brief idea of AWS cloud hosting, which I feel is required to understand the connection process. Suppose we have a web server such as Apache or Nginx that handles all web requests and is exposed on the public IP, while our actual backend server still runs on the localhost of the EC2 instance. These server tools act as a kind of shield for our application. We also have security groups and roles, which say that only allowed categories of traffic can connect to the server; other requests are not considered. Generally we allow only HTTP, HTTPS and SSH traffic, which may be expanded according to requirements.
What did I try as a beginner? Well, a beginner tends to avoid the hard part: knowingly or not, they take the easy path to see results, which is not the right way to get a job done. In a hurry to complete the task, people sometimes compromise on security; in our case, they just allow all types of traffic in the security group rules in order to connect to MongoDB. What is the harm in this method? Even if your database is password protected, it is still reachable by the whole world, and when bogus requests keep hitting it and attempting to authenticate, your database may hang and be diverted from its actual job.
We prefer an SSH connection to reach the database on our EC2 instance, which is a secure and professionally accepted method. If you are a macOS or Linux user, your shell provides SSH out of the box; if you are a Windows user, you need an additional tool such as PuTTY, MobaXterm, etc.
To connect to a remote MongoDB server running on AWS EC2 that only allows local connections you can use an SSH tunnel, also known as SSH port forwarding. An SSH tunnel creates a connection between a port on your local machine and an address + port on the server, and tunnels the data to the server over SSH on port 22 so it doesn’t get blocked by any firewalls or security groups (assuming SSH connections are allowed to the server). After the data reaches the SSH server it gets forwarded to the address + port you specified when you created the SSH tunnel. An important detail here is that the destination address + port are accessed from the context of the server, so localhost or 127.0.0.1 refer to the server machine on the destination side of the tunnel, not your local machine.
ssh -i ~/my-aws-key.pem -N -f -L 8000:localhost:27017 ubuntu@<public IP>
This SSH command creates a secure connection to the AWS EC2 instance; the instance's localhost:27017 is now reachable at port 8000 on your local machine.
Connect MongoDB Compass
Congratulations! Now you can access your cloud database and write queries directly.
Here we did not set up any authentication, for simplicity; in any case, as long as you keep your SSH key secure, no one can access this.
When you are done with the database, it is advisable to kill the connection by closing the shell window or “Enter ~”.