Invalid permission from Lambda to MongoDB in EC2 - mongodb

I have created a Lambda Function which intends to connect to MongoDB running on EC2.
I have followed some tutorials and guaranteed that:
Lambda and EC2 run in the same VPC
Lambda has configured EC2's subnet
Lambda has its own security group my-lambda-sg
Lambda's security group is allowed in EC2's security group inbounds rules for MongoDB's port as a "Custom TCP Rule"
Lambda's role has assigned permission AWSLambdaVPCAccessExecutionRole
However, I am still unable to connect from the Lambda to the MongoDB in EC2. When I run a Test in the Lambda I get:
START RequestId: f0869292-5207-11e8-85d2-cba0eb99208c Version: $LATEST
2018-05-07T15:04:29.117Z 567951c4-5207-11e8-ba43-0314179d2bf5 { MongoNetworkError: failed to connect to server [IP:port] on first connect [MongoNetworkError: connection 0 to IP:port timed out]
at Pool.<anonymous> (/var/task/node_modules/mongodb-core/lib/topologies/server.js:503:11)
at emitOne (events.js:116:13)
at Pool.emit (events.js:211:7)
at Connection.<anonymous> (/var/task/node_modules/mongodb-core/lib/connection/pool.js:326:12)
at Object.onceWrapper (events.js:317:30)
at emitTwo (events.js:126:13)
at Connection.emit (events.js:214:7)
at Socket.<anonymous> (/var/task/node_modules/mongodb-core/lib/connection/connection.js:256:10)
at Object.onceWrapper (events.js:313:30)
at emitNone (events.js:106:13)
at Socket.emit (events.js:208:7)
at Socket._onTimeout (net.js:420:8)
at ontimeout (timers.js:482:11)
at tryOnTimeout (timers.js:317:5)
at Timer.listOnTimeout (timers.js:277:5)
name: 'MongoNetworkError',
message: 'failed to connect to server [IP:port] on first connect [MongoNetworkError: connection 0 to IP:port timed out]' }
END RequestId: f0869292-5207-11e8-85d2-cba0eb99208c
From API Gateway I get
You do not have permission to perform this action
And from the browser I get:
{"message": "Endpoint request timed out"}
Other Lambdas not accessing EC2 are working fine.
Any idea what I could be missing?

I found the answer. All requisites above are ok. I just needed to use the internal IP of the EC2 instead of the external one in the MongoDB URL connection, to be considered a call within the VPC, as I found here: AWS Lambda unable to access EC2 port within the same VPC
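The fix in the answer above can be checked before the driver is called. This added example (not part of the original post) classifies each host in a connection string; a security-group rule whose source is another security group matches on private addresses, so a public IP in the URI is not covered by it. The function names and sample URIs are assumptions.

```javascript
// Added example: classify the hosts in a MongoDB URI before connecting from a VPC.
// IPv4 literals only; names are reported as 'hostname' and need resolving in the VPC.

// Pull the host list out of mongodb:// or mongodb+srv:// (replica sets use commas).
function mongoHosts(uri) {
  const m = /^mongodb(\+srv)?:\/\/(?:[^@\/]*@)?([^\/?]+)/.exec(uri);
  if (!m) throw new Error('not a MongoDB connection string');
  return m[2].split(',').map((h) => h.replace(/:\d+$/, ''));
}

function classifyHost(host) {
  if (host === 'localhost') return 'loopback';
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return 'hostname';
  const octets = m.slice(1).map(Number);
  if (octets.some((n) => n > 255)) return 'hostname';
  const [a, b] = octets;
  if (a === 127) return 'loopback';
  const rfc1918 = a === 10 || (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
  return rfc1918 ? 'private' : 'public';
}

const ADVICE = {
  private: 'stays inside the VPC; a rule whose source is the Lambda security group applies',
  public: 'leaves the VPC; a rule whose source is the Lambda security group will not match',
  loopback: 'points at the caller itself, not at the database host',
  hostname: 'resolve it from inside the VPC and classify the resulting address',
};

// One result per host, so a replica-set URI with mixed addresses is caught too.
function preflight(uri) {
  return mongoHosts(uri).map((host) => {
    const kind = classifyHost(host);
    return { host, kind, advice: ADVICE[kind] };
  });
}

// Constructed sample URIs (addresses and credentials are placeholders).
const SAMPLE_URIS = [
  'mongodb://app:secret@203.0.113.10:27017/mydb',
  'mongodb://app:secret@10.0.1.25:27017,10.0.2.25:27017/mydb?replicaSet=rs0',
];
for (const uri of SAMPLE_URIS) console.log(preflight(uri));
```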

Related

mongo atlas connection troubles

I have an app, created in meteor.js, but it shouldn't be important I think. I also have a Mongo cluster on Mongo Atlas. So far during development I connected to the db by connection string without problem from my local machine. However, when I created a Linux machine on DigitalOcean and tried to connect my app using the same connection string mongodb+srv://<user>:<password>@xyz.mongodb.net/<dbName>?retryWrites=true&w=majority
I got the following error.
MongoNetworkError: failed to connect to server [xyz.mongodb.net:27017] on first connect [MongoNetworkError: connection 5 to xyz.mongodb.net:27017 closed
at TLSSocket.<anonymous> (/home/ubuntu/staging/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/core/connection/connection.js:440:9)
at Object.onceWrapper (events.js:421:26)
at TLSSocket.emit (events.js:314:20)
at TLSSocket.EventEmitter.emit (domain.js:483:12)
at net.js:675:12
at TCP.done (_tls_wrap.js:568:7)]
at Pool.<anonymous> (/home/ubuntu/staging/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/core/topologies/server.js:438:11)
at Pool.emit (events.js:314:20)
at Pool.EventEmitter.emit (domain.js:483:12)
at /home/ubuntu/staging/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/core/connection/pool.js:562:14
at /home/ubuntu/staging/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/core/connection/pool.js:1009:9
at callback (/home/ubuntu/staging/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/core/connection/connect.js:75:5)
at /home/ubuntu/staging/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/core/connection/connect.js:101:9
at _callback (/home/ubuntu/staging/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/core/connection/connection.js:329:7)
at Connection.errorHandler (/home/ubuntu/staging/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/core/connection/connection.js:344:7)
at Object.onceWrapper (events.js:421:26)
at Connection.emit (events.js:314:20)
at Connection.EventEmitter.emit (domain.js:483:12)
at TLSSocket.<anonymous> (/home/ubuntu/staging/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/core/connection/connection.js:438:12)
at Object.onceWrapper (events.js:421:26)
at TLSSocket.emit (events.js:314:20)
at TLSSocket.EventEmitter.emit (domain.js:483:12)
Do you have any idea of what could be wrong with my server config? I guess it is the server config, as on another machine the same connection string works.

Error at connecting to MongoDB Atlas via VPC Peering from GCP Kubernetes Cluster

I am connecting a Nodejs app running on the GCP Kubernetes cluster. Before, it worked fine, when I enabled VPC Peering and I was using the connection string (Private). It is recommended on the Atlas dashboard:
mongodb+srv://(username):(password)@<cluster_name>-pri.m6tkv.gcp.mongodb.net/<database_name>?retryWrites=true&w=majority
I followed this tutorial to setup: https://docs.atlas.mongodb.com/security-vpc-peering/
I cannot understand since my app has been running for quite a while with this configuration. But one fine day, the app running on a pod in my GCP cluster is unable to connect.
That's the error message:
Connected mongodb failed MongoNetworkError: failed to connect to server [<cluster_name>-00-00-pri.m6tkv.gcp.mongodb.net:27017] on first connect [MongoNetworkError: connection timed out
at connectionFailureError (/app/node_modules/mongoose/node_modules/mongodb/lib/core/connection/connect.js:406:14)
at TLSSocket.<anonymous> (/app/node_modules/mongoose/node_modules/mongodb/lib/core/connection/connect.js:294:16)
at Object.onceWrapper (events.js:299:28)
at TLSSocket.emit (events.js:210:5)
at TLSSocket.Socket._onTimeout (net.js:469:8)
at listOnTimeout (internal/timers.js:531:17)
at processTimers (internal/timers.js:475:7) {name: 'MongoNetworkError' }] at Pool.<anonymous> (/app/node_modules/mongoose/node_modules/mongodb/lib/core/topologies/server.js:438:11)
at Pool.emit (events.js:210:5)
at /app/node_modules/mongoose/node_modules/mongodb/lib/core/connection/pool.js:562:14
at /app/node_modules/mongoose/node_modules/mongodb/lib/core/connection/pool.js:1009:9
at /app/node_modules/mongoose/node_modules/mongodb/lib/core/connection/connect.js:31:7
at callback (/app/node_modules/mongoose/node_modules/mongodb/lib/core/connection/connect.js:264:5)
at TLSSocket.<anonymous> (/app/node_modules/mongoose/node_modules/mongodb/lib/core/connection/connect.js:294:7)
at Object.onceWrapper (events.js:299:28)
at TLSSocket.emit (events.js:210:5)
at TLSSocket.Socket._onTimeout (net.js:469:8)
at listOnTimeout (internal/timers.js:531:17)
at processTimers (internal/timers.js:475:7)
I switched back to the old connection (Standard), my app works again. The connection string:
mongodb+srv://(username):(password)@<cluster_name>.m6tkv.gcp.mongodb.net/<database_name>?retryWrites=true&w=majority
So connection via VPC Peering is having some problem, I couldn't find any clue.

Can't connect to mongodb cloud

I'm working on a web application with node.js and using MongoDB for the database. Everything is cool when I run my app on localhost, but when I run it on a shared host it gives an error which looks like it's a Mongoose connection problem.
here is my code:
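// Load the Mongoose ODM (missing from the original snippet)
const mongoose = require('mongoose');
// Atlas connection string; credentials redacted by the poster
const uri = 'mongodb://****:****@iranroboticacademy-bdziw.mongodb.net/test';
mongoose.connect(uri, { useNewUrlParser: true });
// Log once when the connection opens, and log any connection error
mongoose.connection.once('open', function () {
  console.log('DataBase is connected. ');
}).on('error', function (error) {
  console.log('Connection error:', error);
});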
and here is the error that I get when I run the app on the host:
Connection error: { MongoNetworkError: failed to connect to server [iranroboticacademy-shard-00-00-bdziw.mongodb.net:27017] on first connect [MongoNetworkError: connect ECONNREFUSED 3.226.212.92:27017]
at Pool.<anonymous> (/home/iranrob1/public_html/node_modules/mongodb/lib/core/topologies/server.js:433:11)
at Pool.emit (events.js:182:13)
at createConnection (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/pool.js:577:14)
at connect (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/pool.js:1021:9)
at makeConnection (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/connect.js:31:7)
at callback (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/connect.js:247:5)
at TLSSocket.err (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/connect.js:276:7)
at Object.onceWrapper (events.js:273:13)
at TLSSocket.emit (events.js:182:13)
at emitErrorNT (internal/streams/destroy.js:82:8)
at emitErrorAndCloseNT (internal/streams/destroy.js:50:3)
at process._tickCallback (internal/process/next_tick.js:63:19)
name: 'MongoNetworkError',
[Symbol(mongoErrorContextSymbol)]: {} }
(node:6409) UnhandledPromiseRejectionWarning: MongoNetworkError: failed to connect to server [iranroboticacademy-shard-00-00-bdziw.mongodb.net:27017] on first connect [MongoNetworkError: connect ECONNREFUSED 3.226.212.92:27017]
at Pool.<anonymous> (/home/iranrob1/public_html/node_modules/mongodb/lib/core/topologies/server.js:433:11)
at Pool.emit (events.js:182:13)
at createConnection (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/pool.js:577:14)
at connect (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/pool.js:1021:9)
at makeConnection (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/connect.js:31:7)
at callback (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/connect.js:247:5)
at TLSSocket.err (/home/iranrob1/public_html/node_modules/mongodb/lib/core/connection/connect.js:276:7)
at Object.onceWrapper (events.js:273:13)
at TLSSocket.emit (events.js:182:13)
at emitErrorNT (internal/streams/destroy.js:82:8)
at emitErrorAndCloseNT (internal/streams/destroy.js:50:3)
at process._tickCallback (internal/process/next_tick.js:63:19)
(node:6409) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:6409) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
Sure you can use the free tier of MongoDB Cloud.
It’s actually much easier to maintain than the hosted version as you have visually all under control, automatic backups etc.
https://mongodb.com
I have asked my host provider in a ticket and they said it doesn’t support mongodb. I have written everything with mongodb database in my application and I really can’t change it into other things. I need to use it in this host. Is there anyone who has a solution for this?!
Try to use 'connect to your application', copy the then change the

Can not connect MongoDB docker-compose

Can not connect mongodb run in docker-compose
MONGO_URL=mongodb://db:27017/500ae_cms
error:
MongoDB connection error: mongodb://db:27017/500ae_cms.
MongoNetworkError: failed to connect to server [db:27017] on first connect [Error: getaddrinfo ENOTFOUND db
at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:60:26) {
name: 'MongoNetworkError',
errorLabels: [Array],
}]
docker-compose file
For your db service you expose port 27775 but in your app you try to connect to 27017.
Docker resolves the service name in an IP address but this fails here (too?)
failed to connect to server [db:27017];;; getaddrinfo ENOTFOUND db
should at least be something like:
failed to connect to server [db:27017] on first connect [Error: connect ECONNREFUSED 17.19.0.2:27017
Can you try running nslookup db from the api container? If that resolves, then it might be an issue with your mongo driver.
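The distinction drawn in the answer above (ENOTFOUND is a name-resolution failure, ECONNREFUSED means the name resolved but the port refused) extends to the other failures quoted on this page. This added example is not from any of the posts; it maps a MongoNetworkError message to the layer that failed, using message strings copied from the page. The function name and the layer labels are assumptions.

```javascript
// Added example: map a MongoNetworkError message to the layer that failed.
function diagnose(message) {
  const target = /failed to connect to server \[([^\]]+)\]/.exec(message);
  const server = target ? target[1] : null;
  let layer = 'unknown';
  let check = 'no known pattern; read the full stack trace';
  if (/getaddrinfo ENOTFOUND/.test(message)) {
    layer = 'dns';
    check = 'name did not resolve: wrong service name or caller not on the same network';
  } else if (/ECONNREFUSED/.test(message)) {
    const dialed = /ECONNREFUSED ([\d.]+):(\d+)/.exec(message);
    layer = 'port';
    check = dialed && dialed[1].startsWith('127.')
      ? 'dialed loopback: check which URI the driver actually received'
      : 'host reachable but nothing accepts on that port, or it is actively rejected';
  } else if (/timed out/.test(message)) {
    layer = 'filter';
    check = 'packets silently dropped: firewall, security group or route';
  } else if (/closed/.test(message)) {
    layer = 'session';
    check = 'TCP connected, then the peer closed: server-side access controls or TLS settings';
  }
  return { server, layer, check };
}

// Message strings as they appear in the questions on this page.
const PAGE_MESSAGES = [
  'failed to connect to server [db:27017] on first connect [Error: getaddrinfo ENOTFOUND db',
  'failed to connect to server [db:27017] on first connect [Error: connect ECONNREFUSED 17.19.0.2:27017',
  'failed to connect to server [localhost:27017] on first connect [MongoNetworkError: connect ECONNREFUSED 127.0.0.1:27017]',
  'failed to connect to server [IP:port] on first connect [MongoNetworkError: connection 0 to IP:port timed out]',
  'failed to connect to server [xyz.mongodb.net:27017] on first connect [MongoNetworkError: connection 5 to xyz.mongodb.net:27017 closed',
];
for (const line of PAGE_MESSAGES) console.log(diagnose(line));
```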

How to connect to external Mongo (MLab) from a Node app in Docker

I have a database set up on Mlab and I have a connection string that does work remotely. If I run my node app on docker using my local mongo, everything works as expected; however, if I change the configuration and connect to my Mlab mongo, I get the following error:
UnhandledPromiseRejectionWarning: MongoNetworkError: failed to connect to server [localhost:27017] on first connect [MongoNetworkError: connect ECONNREFUSED 127.0.0.1:27017]
at Pool.<anonymous> (/usr/src/app/node_modules/mongodb-core/lib/topologies/server.js:564:11)
at emitOne (events.js:116:13)
at Pool.emit (events.js:211:7)
at Connection.<anonymous> (/usr/src/app/node_modules/mongodb-core/lib/connection/pool.js:317:12)
at Object.onceWrapper (events.js:317:30)
at emitTwo (events.js:126:13)
at Connection.emit (events.js:214:7)
at Socket.<anonymous> (/usr/src/app/node_modules/mongodb-core/lib/connection/connection.js:246:50)
at Object.onceWrapper (events.js:315:30)
at emitOne (events.js:116:13)
at Socket.emit (events.js:211:7)
at emitErrorNT (internal/streams/destroy.js:66:8)
at _combinedTickCallback (internal/process/next_tick.js:139:11)
at process._tickDomainCallback (internal/process/next_tick.js:219:9)
(node:24) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 6)
Apart from handling the error on Node side (which I'm not catching, but that's another problem), how can I connect to an external mongo server from my Docker container?
I've seen this and follow the steps described there but it didn't help me.
Any suggestions?
EDIT
This is a Node app. In my Dockerfile I have the following setting:
ENV DB_HOST=mongodb+srv://<user>:<password>@<mlab>/<db_name>?retryWrites=true
And in my Node app where I have setup the database I have this:
mongoose.connect(process.env.DB_HOST, {useNewUrlParser: true, useFindAndModify: false, useCreateIndex: true});
When I print the above env variable at run time, I get the correct string for the db (running locally everything works fine).
I don't understand why the error shows localhost. This is my first time using Docker. Do I need any additional configuration so my container can talk to an external service?