To confirm that the local host listens on local port 27017, run the following command: nc -zv 127.0.0.1 27017 Note: You must be an admin user to run the Windows command. Windows: netstat -abn | findstr "LISTEN" | findstr Linux and macOS: lsof -P | grep -i "listen" | grep To verify that the SSH tunnel runs in the background, run a command similar to the following one: In the following example, the SSH tunnel binds port 27017 of the local machine to the remote Amazon DocumentDB cluster: ssh -i "ec2Access.pem" -L 27017.:27017 -N -f This is useful only for forwarding ports. L port:host:hostport - Binds the port on the local (client) host to forward the traffic on the hostport of the remote host. I identity_file - Private key-pair for the instance (.pem file). The following command line options are used in this syntax: To set up an SSH tunnel from your local machine to a bastion host, use a syntax similar to the following one: ssh -i -L :: -N -f Configure the SSH tunnelĪfter you verify the connection to the cluster from a bastion host, configure the SSH tunneling. To troubleshoot common connection issues, see Connection issues. Use the MongoDB CLI client to connect to the Amazon DocumentDB cluster: mongo -tls -host -tlsCAFile global-bundle.pem -username -password įor more information on how to connect to the Amazon DocumentDB cluster from an instance, see Connect using Amazon EC2. ssh -i authenticate your cluster, download the certificate authority (CA) certificate for Amazon DocumentDB: wget For more information see Connect to your Linux instance from Linux or macOS with SSH. Connect directly to the bastion hose through SSH, and then use MongoDB Shell to connect to the DB cluster.įrom your local machine, use the private key pair to connect to the bastion host through SSH. Verify that the Amazon DocumentDB cluster is accessible from the bastion hostĬonfirm that the Amazon DocumentDB cluster is accessible from the EC2 bastion host. Install MongoDB Shell or a GUI client on your local machine.The security group allows communication from your local machine over SSH port (22). Associate a security group with the instance.The security group allows communication from the instance over the port that's configured with the Amazon DocumentDB cluster (default 27017). Associate a security group with the Amazon DocumentDB cluster.Associate a private key pair (.pem file) with the instance that's downloaded on your local machine.Launch an instance with a public IP address in the same VPC as the Amazon DocumentDB cluster. ![]() The bastion host uses the MongoDB command line interface (CLI) client to connect to the Amazon DocumentDB cluster from a local machine with SSH tunneling. This example uses an EC2 instance as a bastion host. ![]() ![]() The bastion host acts as a proxy that forwards traffic from your local machine to the Amazon DocumentDB cluster. To use SSH tunneling to forward the traffic from your local machine to the Amazon DocumentDB cluster, use an Amazon Elastic Compute Cloud (Amazon EC2) instance as a bastion or jump host.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |