0

current status:

I have created a DocumentDB cluster, added an inbound rule for the security group to allow all traffic from anywhere, and disabled TLS for the cluster.

I tried connecting to the DB following this: https://docs.aws.amazon.com/documentdb/latest/developerguide/connect_programmatically.html

but it throws the following error:

(node:45892) UnhandledPromiseRejectionWarning: MongoNetworkError: failed to connect to server [aacb-c1.cluster-c3ggyumy9pd2.us-east-2.docdb.amazonaws.com:27017] on first connect [MongoNetworkTimeoutError: connection timed out

2 Answers

2

Amazon DocumentDB is virtual private cloud (VPC)-only and does not currently support public endpoints. Hence, if you are trying to connect from a Node server running locally on your machine, it will not be able to reach Amazon DocumentDB publicly.

https://docs.aws.amazon.com/documentdb/latest/developerguide/troubleshooting.connecting.html#troubleshooting.cannot-connect.public-endpoints

Alternate options:

  • You can use SSH tunneling to connect from a local environment. To create an SSH tunnel, you need an Amazon EC2 instance running in the same Amazon VPC as your Amazon DocumentDB cluster. You can refer to the instructions here: https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-from-outside-a-vpc.html

  • You can try running your application from an EC2 instance (with Node installed) created in the same VPC containing the Amazon DocumentDB cluster.


1

When you say connect from your 'local node.js server', do you mean something running on your own computer? If so, I believe that will not work even if you have added a rule to the inbound security group, since the DocumentDB runs in its own VPC.

There's a guide for that here (you basically need to have your node.js server running in AWS as well): https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-from-outside-a-vpc.html

Update: In theory it should be possible to set up a network load balancer with a target group pointing to the IP of the DocumentDB, but this would not be very reliable since it would stop working as soon as AWS changes the IP of the cluster. There are some solutions to use a DNS name instead: https://aws.amazon.com/blogs/networking-and-content-delivery/hostname-as-target-for-network-load-balancers/
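
The question started from an inbound rule allowing all traffic from anywhere, while both answers point to a client inside the same VPC as the only working path. As an added example (not part of the original thread), this Node.js check flags the first kind of rule and accepts one scoped to the cluster port and a known client group. It assumes rule objects shaped like `aws ec2 describe-security-groups` output; the `auditIngress` name and all group IDs are constructed for illustration.

```javascript
// Added example, not from the original thread. Rule objects follow the
// shape returned by `aws ec2 describe-security-groups` (assumed input).
const DOCDB_PORT = 27017; // port shown in the error message in the question

// Returns findings for one security group; trustedGroupIds lists the
// client security groups (e.g. the EC2 instance in the same VPC).
function auditIngress(group, trustedGroupIds) {
  const findings = [];
  for (const perm of group.IpPermissions || []) {
    const exactPort = perm.IpProtocol === 'tcp' &&
      perm.FromPort === DOCDB_PORT && perm.ToPort === DOCDB_PORT;
    if (!exactPort) {
      findings.push({ severity: 'medium', issue: 'wider-than-needed',
        detail: `protocol ${perm.IpProtocol} is broader than tcp/${DOCDB_PORT}` });
    }
    const cidrs = [
      ...(perm.IpRanges || []).map((r) => r.CidrIp),
      ...(perm.Ipv6Ranges || []).map((r) => r.CidrIpv6),
    ];
    for (const cidr of cidrs) {
      if (cidr === '0.0.0.0/0' || cidr === '::/0') {
        // Does not make a VPC-only cluster reachable, but exposes any
        // other resource that shares this security group.
        findings.push({ severity: 'high', issue: 'open-to-world',
          detail: `${cidr}: replace with a security-group source in the VPC` });
      }
    }
    for (const pair of perm.UserIdGroupPairs || []) {
      if (!trustedGroupIds.includes(pair.GroupId)) {
        findings.push({ severity: 'medium', issue: 'untrusted-group',
          detail: `${pair.GroupId} is not an expected client group` });
      }
    }
  }
  return findings;
}

// Constructed samples; the IDs are placeholders, not real resources.
const CLIENT_SG = 'sg-0000000000client1';
const asInQuestion = { GroupId: 'sg-0000000000docdb01', IpPermissions: [
  { IpProtocol: '-1', IpRanges: [{ CidrIp: '0.0.0.0/0' }],
    Ipv6Ranges: [], UserIdGroupPairs: [] }] };
const scoped = { GroupId: 'sg-0000000000docdb01', IpPermissions: [
  { IpProtocol: 'tcp', FromPort: DOCDB_PORT, ToPort: DOCDB_PORT,
    IpRanges: [], Ipv6Ranges: [], UserIdGroupPairs: [{ GroupId: CLIENT_SG }] }] };

console.log(auditIngress(asInQuestion, [CLIENT_SG])); // two findings
console.log(auditIngress(scoped, [CLIENT_SG]));       // no findings
```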
