# Using MongoDB Atlas on AWS

### Overview

* **MongoDB** has established itself as a leading **NoSQL** product over the years. It is widely used as a storage solution suitable for the modern web era, characterized by high traffic and large amounts of data, due to its superior sharding and scale-out capabilities compared to traditional **RDBMS** systems.
    
* Managing **MongoDB** requires considerable expertise and effort. For production-level deployments, it is recommended to use `MongoDB Atlas`, the managed cloud serverless service offered by the vendor. It automates most of the complex and challenging management tasks, such as scaling out in response to data growth, and provides a very convenient browser-based management **UI**. In addition, the `MongoDB Atlas Full-Text Search` service has been available since June 2019. It is highly recommended within the **MongoDB** ecosystem because it lets you focus purely on full-text search without worrying about complex backend architecture. [\[Related Link\]](https://www.mongodb.com/blog/post/getting-started-with-mongodb-atlas-fulltext-search)
    

### Creating a MongoDB Atlas Cluster

* Creating a **MongoDB Atlas** cluster through the web console is intuitive. The example below creates a cluster on the **M10** tier in the **Seoul** region of the **AWS** cloud. This tier is recommended for development environments, but it places no limits on scaling later on.
    

```bash
MongoDB Atlas Console
# Deployment
→ Click [Database]
→ Click [Build a Database]
→ Click [Advanced Configuration Options]
→ Click [Dedicated]

# Global Cluster Configuration
→ Uncheck [Enable Global Writes]

# Deploy your database
→ Provider: Select [AWS]
→ Region: Select [Seoul]

# Cluster Tier
→ Tier: Select [M10] (2GB RAM, 10GB Storage, 2 vCPUs, from $0.10/hr)
→ Storage: Enter 10
→ Check [Cluster Tier Scaling]
→ Check [Allow cluster to be scaled down]
→ Minimum cluster size: Select [M10]
→ Maximum cluster size: Select [M30]
→ Check [Storage Scaling]

# Additional Settings
→ Select a Version: Choose [MongoDB 7.0]
→ Check [Turn on Cloud Backup]
→ Check [Continuous Cloud Backup]
→ Uncheck [Enable Business Intelligence Connector]

# Cluster Name
→ Cluster Name: Enter {db-name}
→ Click [Create Cluster]

# Security Quickstart
→ How would you like to authenticate your connection?: [Username and Password]
→ Username: {db-admin-username}
→ Password: {db-admin-password}
→ Click [Create User]
```

* The `M10` and `M20` cluster tiers are recommended for development environments.
    
* The `M30` tier and above are recommended for production environments with high traffic volumes. From this tier onwards, sharding is supported.
    
* Starting from **M10**, auto-scaling without downtime is supported, provided that **General** is selected during cluster tier selection. This feature automatically adjusts the cluster tier and storage capacity based on incoming traffic.
    
* From **M10** onwards, clusters are configured as replica sets by default, which can be upgraded to shards during operation. Note that upgrading to shards requires a minimum tier upgrade to **M30**, and once converted to shards, downgrading to tiers below **M30** is not possible.
    
* Starting from **M10**, **VPC Peering** is supported, allowing the application's **VPC** and **MongoDB Atlas** to be treated as the same internal network. This enables pure internal communication without going through the external internet.
    

### Creating an Amazon VPC Peering Connection

* **MongoDB Atlas** is a managed service that offers public connections, but it can be placed alongside an application within an isolated internal network by creating a **VPC Peering Connection** with a privately configured **Amazon VPC**. This can significantly enhance security by preventing unauthorized access to sensitive data. To create a **VPC** Peering Connection, first enable DNS on the application's **VPC** and note its owner ID, VPC ID and CIDR:
    

```bash
AWS VPC Console
→ Click [VPC]
→ Select the existing private VPC for which you want to create a peering connection
→ [Edit VPC settings] → Check [Enable DNS hostnames] → Check [Enable DNS resolution] → Click [Save]
(Remember the owner ID of this VPC: 111111111111)
(Remember the ID of this VPC: vpc-11111111111111111)
(Remember the CIDR of this VPC: 10.0.0.0/16)
```

* Next, create a peering connection request on **MongoDB Atlas** as follows:
    

```bash
MongoDB Atlas Console
→ Click [Atlas] → Click [Network Access] → Click [Peering]
→ Click [Add Peering Connection]

# Peering Connection
→ Cloud Provider: Select [AWS] → Click [Next]

# Your Application VPC
→ Account ID: Enter 111111111111 (the remembered owner ID of the VPC)
→ VPC ID: Enter vpc-11111111111111111 (the remembered ID of the VPC)
→ VPC CIDR: Enter 10.0.0.0/16 (the remembered CIDR of the VPC)
→ Check [Add this CIDR block to my IP whitelist]
→ Application VPC Region: Select [ap-northeast-2] (select region)

# Your Atlas VPC
→ Atlas VPC Region: ap-northeast-2 (not selectable)
→ VPC CIDR: 192.168.120.0/21 (not editable; note it for later entry in the AWS VPC Console)
→ Click [Initiate Peering]
(Ensure the Status changes to Waiting for Approval)
```

* Return to the **AWS VPC** console to accept the requested peering connection and add it to the routing table.
    

```bash
Access AWS VPC Console
→ Click [Peering connections]
→ (Select peering connection with Status: Pending acceptance)
→ Click [Actions] → Click [Accept request] → Click [Accept request]

# Accept VPC Peering Connection Request
→ Click [Yes, Accept]
→ Click [Modify my routing tables now]

# Routing Table
→ Click [Routes]
→ Click [Edit routes]
→ Click [Add route]
→ Destination: Enter 192.168.120.0/21 (the CIDR of the Atlas VPC noted earlier) → Target: Select [Peering Connection] → Select {your-vpc-peering-connection}
→ Click [Save routes]
```

### Verifying Peering Connection on Amazon EC2

* After creating the peering connection, you can verify a successful connection from an **Amazon EC2** instance located in the same **VPC** (and subnet). The method is as follows:
    

```bash
# Register the MongoDB yum repository (provides the Atlas CLI) on Amazon Linux 2
$ sudo tee /etc/yum.repos.d/mongodb-org-7.0.repo <<'EOF'
[mongodb-org-7.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/amazon/2/mongodb-org/7.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://pgp.mongodb.com/server-7.0.asc
EOF

# Install Atlas CLI (the mongodb-atlas package also installs mongosh)
$ sudo yum install mongodb-atlas -y

# Verify Atlas CLI version
$ atlas --version
atlascli version: 1.19.0

# Verify the MongoDB Atlas DB connection over the peering connection
# (a password placed in the URI is recorded in the shell history)
$ mongosh "mongodb+srv://{db-admin-username}:{db-admin-password}@{db-srv}"
```
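
To confirm that cluster traffic leaves the VPC through the peering connection rather than an internet gateway, the following added example (not part of the original article) applies longest-prefix matching to the VPC route table for each address the cluster hostnames resolve to on the EC2 instance. The CIDRs come from the steps above; the hostnames, addresses and `pcx-`/`igw-` IDs are constructed placeholders.

```python
import ipaddress

ATLAS_CIDR = ipaddress.ip_network("192.168.120.0/21")  # Atlas VPC CIDR from the peering step
# Constructed sample in the shape of the "Routes" list returned by
# `aws ec2 describe-route-tables`; the pcx-/igw- IDs are placeholders.
ROUTES = [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "192.168.120.0/21",
     "VpcPeeringConnectionId": "pcx-EXAMPLE", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE", "State": "active"},
]
# Constructed sample: addresses the cluster hostnames resolved to on the EC2 instance.
RESOLVED = {
    "node-0.example.mongodb.net": "192.168.121.17",
    "node-1.example.mongodb.net": "192.168.126.40",
    "node-2.example.mongodb.net": "203.0.113.25",  # public address, outside the Atlas CIDR
}

def next_hop(address, routes):
    """Pick the route by longest-prefix match and return its target."""
    ip = ipaddress.ip_address(address)
    best_net, best = None, None
    for route in routes:
        cidr = route.get("DestinationCidrBlock")  # absent on IPv6/prefix-list routes
        if cidr is None:
            continue
        net = ipaddress.ip_network(cidr)
        if ip in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best = net, route
    if best is None:
        return None
    if best.get("State") != "active":
        return "blackhole"  # target gone, e.g. the peering connection was deleted
    return best.get("VpcPeeringConnectionId") or best.get("GatewayId") or best.get("NatGatewayId")

def audit(resolved, routes, atlas_cidr=ATLAS_CIDR):
    """Map each hostname to (verdict, next hop); 'peered' needs an address inside
    the Atlas CIDR whose matching route targets a peering connection."""
    report = {}
    for host, address in resolved.items():
        hop = next_hop(address, routes)
        inside = ipaddress.ip_address(address) in atlas_cidr
        peered = inside and hop is not None and hop.startswith("pcx-")
        report[host] = ("peered" if peered else "not-peered", hop)
    return report

if __name__ == "__main__":
    for host, (verdict, hop) in audit(RESOLVED, ROUTES).items():
        print(f"{host:30} {verdict:11} via {hop}")
```

A `not-peered` verdict means either the hostname resolved to an address outside the Atlas VPC CIDR or the route to `192.168.120.0/21` is missing or no longer active.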

### Creating a New User

* You can use the `Atlas CLI` to create a new user account. Below is an example of creating a new user and granting **readWrite** and **dbAdmin** roles:
    

```bash
# Create new user account for specific database
$ atlas dbusers create --username {new_username} --password {password} --role readWrite@{mongodb-atlas-db-name} --role dbAdmin@{mongodb-atlas-db-name} --projectId {mongodb-atlas-project-id}
```

### Reference Articles

* [Atlas Sizing and Tier Selection](https://docs.atlas.mongodb.com/sizing-tier-selection/#cluster-auto-scaling)
    
* [Introducing VPC Peering for MongoDB Atlas](https://www.mongodb.com/blog/post/introducing-vpc-peering-for-mongodb-atlas)
