I have one mongo db hosted in AWS atlas account and my application is running in AWS EC2 instance. I want to access my DB using my application by VPC peering but it always ask for username password which i think is not a good practice because for this i need to hardcode dummy credentials in properties file.
Is there any way I can do this without using dummy credentials. Can I do this using private endpoint? Please suggest best practice used in industry for mongodb atlas.
Authentication is orthogonal to your network topology (VPC).
Authentication in Atlas is required. You can try using x.509 or aws authentication instead of passwords.
For example, using an nginx server sitting within your AWS network?
I'm running a Sails.js application that uses a Google Cloud Postgresql instance on Google App Engine. I'm getting a connection refused error when I deploy the application. This is my sailsjs connection config:
postgresGoogle: {
adapter: 'sails-postgresql',
socketPath: '/cloudsql/' + process.env.INSTANCE_CONNECTION_NAME,
user: 'xxxxx',
password: 'xxxxx',
database: 'postgres'
}
If I add the host, it throws a timeout error. Does anyone know the proper way to configure a sailsjs connection with GCP postresql?
Where exactly is your Sails.js application? Is it on App Engine Flex? I would recommend deploying to App Engine Flex, as described here and then connect to the PostgreSQL from the Flex environment. Otherwise, are you using any of the option steps described in this link for connection?
Solved
As of 16 December 2022...
I finally got Sails.js to work today with GCP SQL. If you follow the tutorials from Google you have either Unix Sockets or TCP options to try -- and sadly neither work with out of the box sails-postgres.
My workaround was to connect via a VPC connector with a dedicated IP address. This way I can connect to Cloud SQL using a regular Postgres connection string, directly to the DB.
https://cloud.google.com/appengine/docs/legacy/standard/python/outbound-ip-addresses
Then I whitelisted the new dedicated IP in Cloud SQL security settings, and forced SSL to require valid SSL certificates.
It may not be best practice for now per Google's docs, but it works.
Our website hosted in one of AWS EC2 instance.
We have MongoDB installed in the separate EC2 instance (Note: MongoDB is not managed by AWS. We are maintaining in the EC2 server)
Our website is HTTPS enabled.
So my questions are
Do we still need TSL/SSL encryption for connecting to MongoDB from our website (which is in EC2), even though both are in AWS and our website is HTTPS
Do we see any performance issue if we enable TSL/SSL encryption for connection from the website
I have an elastic beanstalk web server set up for my website, and have also created an ec2 server and installed mongodb on it so that I can use it as the database for my website. I know the database works, and I can add documents and access them from ec2. However, I wasn't sure how to connect to the mongodb server through PHP from another site (the one I created with elastic beanstalk).
Thank you for any help. I am pretty new with AWS, so if this is a poor website setup, any help would be appreciated.
Could you try under your instance for the EB> security and groups>click on your database instance and edit the inbound rules. Allow SSH/HTTPS/HTTP from your EB's instance.