Amazon DocumentDB Creation and Connect With Robo 3T

Amazon DocumentDB (with MongoDB compatibility) is a fast, reliable, and fully managed database service. Amazon DocumentDB makes it easy to set up, operate, and scale MongoDB-compatible databases in the cloud. With Amazon DocumentDB, you can run the same application code and use the same drivers and tools that you use with MongoDB. Amazon DocumentDB free tier not eligible.

Create EC2 Instance
Create ubuntu 18.04 Instance with default inbound rule ssh.

Cerate Security Group for DocumentDB

• For Security group name, enter SecurityGroupDocDB.
• For Description, enter a description.
• For VPC, accept the usage of your default VPC.
• In the Inbound rules section, choose Add rule.
• For Type, choose Custom TCP Rule.
• For Port range, enter 27017.
• Add your EC2 Insatnce Security Group.
• After that click Create Button.

Create an Amazon DocumentDB cluster

• On the Amazon DocumentDB management console, under Clusters, choose Create.

• On the Create Amazon DocumentDB cluster page, in the Configuration section, choose 1 for Number of instances. Choosing one instance helps minimize costs. If this were a production system, it is recommended to provision three instances for high availability. You can leave the other settings in the Configuration section at their default.

• In the Authentication section, enter a username and password.
  Ex - UserName : MasterUser Password : Test1234

• Turn on Show advanced settings.In the Network settings section, for VPC security groups, choose SecurityGroupDocDB.

• Choose Create cluster.

Install the mongo shell

Connect previously created EC2 Instance and run following commands.

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5

echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.6 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list

sudo apt-get update

sudo apt-get install -y mongodb-org-shell

Manage Amazon DocumentDB TLS
Transport Layer Security (TLS) is enabled by default for any new Amazon DocumentDB clusters. You can use following command.
wget https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem

Connect to your Amazon DocumentDB cluster in EC2
Navigate to the Connection box and Copy the connection string provided. After that paste it connected EC2 Instance. You want to give the previosly created username and password.
Sample connection string mongo --ssl --host docdb-2022-01-11-10-37-59.cluster-cfvufltihmhv.us-east-2.docdb.amazonaws.com:27017 --sslCAFile rds-combined-ca-bundle.pem --username MasterUser --password Test1234

Insert and query data

• To insert a single document, enter the following:
  db.collection.insert({"hello":"DocumentDB"})

• You can read the document that you wrote with the findOne() command (because it only returns a single document). Input the following:
  db.collection.findOne()

• To perform a few more queries, consider a gaming profiles use case. First, insert a few entries into a collection titled profiles. Input the following:
  

db.profiles.insertMany([
            { "_id" : 1, "name" : "Matt", "status": "active", "level": 12, "score":202},
            { "_id" : 2, "name" : "Frank", "status": "inactive", "level": 2, "score":9},
            { "_id" : 3, "name" : "Karen", "status": "active", "level": 7, "score":87},
            { "_id" : 4, "name" : "Katie", "status": "active", "level": 3, "score":27}
            ])

• Use the find() command to return all the documents in the profiles collection. Input the following:
  db.profiles.find()

• Use a query for a single document using a filter. Input the following:
  db.profiles.find({name: "Katie"})

• Now let’s try to find a profile and modify it using the findAndModify command. We’ll give the user Matt an extra ten points with the following code:
  

db.profiles.findAndModify({
        query: { name: "Matt", status: "active"},
        update: { $inc: { score: 10 } }
    })

• You can verify that his score has changed with the following query: db.profiles.find({name: "Matt"})

Now try to connect with Robo 3T

Robo 3T is a lightweight, open-source, shell centric, cross-platform graphical user interface tool for managing MongoDB workloads. Robo 3T gives you the ability to create databases, collections, add users, documents, execute one-time queries with auto-completion, and visualize results from a GUI interface.

You can download Robo 3T using this link

• Open Robo 3T and choose Create.

• On the Connection tab, in the Address field, enter the cluster endpoint information. Go to cluster inside and go configuration tab and you can see Cluster endpoint
  EX - docdb-2022-01-11-10-37-59.cluster-cfvufltihmhv.us-east-2.docdb.amazonaws.com

• On the Authentication tab, check the box for Perform Authentication. Now enter the authentication information for your cluster. Make sure to use a custom database name like test. Using admin (default setting) does not work for Amazon DocumentDB for clusters with no databases. Once you have created your first database you can modify your connection to use admin.

You can run following command in the EC2 get database name.
db.adminCommand( { listDatabases: 1 } )

• On the SSH tab, check the box for Use SSH tunnel, and add the SSH address, username, and private key/password of your EC2 instance. The SSH address is the public DNS of your EC2 instance.

In SSH Auth Method, choose one of the authentication methods.

1. If you chose Private Key, then select the “…” button to open up the file finder and select the .pem file for your EC2 instance.
2. If you chose Password, you must enter the SSH address, username and private key for your AWS EC2 instance. You can find this on the AWS EC2 console.

Tip - If you are on Linux/macOS client machine, you might have to change the permissions of your private key using the following command:
chmod 400 /fullPathToYourPemFile/<yourKey>.pem

• Now choose the SSL tab and click the drop down menu for Authentication Method. Choose Use CA Certificate. Select Advanced Options and for the Invalid Hostnames menu, select Allowed.

You can connect EC2 with FileZilla for get CA Certificate.

• Test the connection by choosing the Test button. A Diagnostic window should appear with the test results. If everything is green, then close the box. Now choose Save. Now select your cluster and choose Connect.

Thanks for reading the Article.