Integrating MongoDB with AWS services - AWS Prescriptive Guidance

Integrating MongoDB with AWS services

You can use AWS services to optimize your MongoDB Atlas environment. For example, you can:

  • Configure connections between your applications and AWS services by using AWS PrivateLink.

  • Implement Security Assertion Markup Language (SAML) authentication by using AWS IAM Identity Center (successor to AWS Single Sign-On).

  • Deliver data to MongoDB Atlas from various data sources by integrating Atlas with Amazon Kinesis Data Firehose.

  • Query and analyze data across Atlas and Amazon S3.

  • Run code without provisioning or managing servers, by using AWS Lambda.

The following sections describe these integrations in more detail.

Configuring connections

You can use AWS PrivateLink to connect MongoDB Atlas to your AWS applications and ensure private connectivity between all your AWS services and accounts.

Figure: Using MongoDB Atlas on AWS with AWS PrivateLink

AWS PrivateLink provides these benefits:

  • One-way connection – no extension of the perceived network trust boundary.

  • Consolidated security controls across AWS applications and environments.

  • Transitive connectivity from peered and AWS Direct Connect contexts – you can access Atlas from local environments through a virtual private network (VPN).

Implementing SAML authentication

Atlas supports SAML authentication through integration with IAM Identity Center and other identity management providers. SAML is an open standard for exchanging identity and security information between applications and service providers. It lets customers centralize access management for Atlas by supporting single sign-on with corporate directory credentials. The following diagram shows how IAM Identity Center is used with Atlas.

Figure: Integrating Atlas with IAM Identity Center for SAML authentication

Integrating data from multiple sources

Amazon Kinesis Data Firehose supports the MongoDB Cloud platform as one of its delivery destinations. This native integration between Kinesis Data Firehose and MongoDB Cloud provides a managed, secure, scalable, and fault-tolerant mechanism for delivering data to MongoDB Atlas.

You can stream your data through Amazon Kinesis Data Streams or push data directly to Kinesis Data Firehose and configure it to deliver data to MongoDB Atlas. You can also configure Kinesis Data Firehose to transform the data before delivering it to its destination. You don’t have to write applications and manage resources to read data and push to MongoDB. It’s all managed by AWS, which makes it easier to estimate costs based on your data volume. For more information, see Integrating the MongoDB Cloud with Amazon Kinesis Data Firehose on the AWS Big Data blog.
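The following Lambda handler is an added example, not code from AWS or MongoDB. It shows a Kinesis Data Firehose transformation that drops or pseudonymizes sensitive fields before records are delivered to MongoDB Atlas. The field names and the PSEUDONYM_KEY environment variable are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import json
import os

# Field names are assumptions for this example; adapt them to your schema.
DROP_FIELDS = {"password", "card_number"}  # removed before delivery
HASH_FIELDS = {"email"}                    # replaced by a keyed hash


def pseudonymize(value):
    # PSEUDONYM_KEY is a hypothetical environment variable holding the HMAC key.
    key = os.environ["PSEUDONYM_KEY"].encode()
    return hmac.new(key, value.lower().encode(), hashlib.sha256).hexdigest()


def scrub(doc):
    """Return a copy of doc with sensitive fields dropped or pseudonymized."""
    clean = {}
    for name, value in doc.items():
        if name in DROP_FIELDS:
            continue
        if name in HASH_FIELDS and isinstance(value, str):
            value = pseudonymize(value)
        elif isinstance(value, dict):
            value = scrub(value)
        elif isinstance(value, list):
            value = [scrub(v) if isinstance(v, dict) else v for v in value]
        clean[name] = value
    return clean


def lambda_handler(event, context):
    """Firehose transformation: return exactly one result per input recordId."""
    results = []
    for rec in event["records"]:
        try:
            doc = json.loads(base64.b64decode(rec["data"]))
            if not isinstance(doc, dict):
                raise ValueError("expected a JSON object")
            data = base64.b64encode(json.dumps(scrub(doc)).encode()).decode()
            results.append({"recordId": rec["recordId"], "result": "Ok", "data": data})
        except (ValueError, KeyError):
            # Fail closed: malformed input or a missing key marks the record as
            # failed, so it is never reported as "Ok" in unscrubbed form.
            results.append({"recordId": rec["recordId"],
                            "result": "ProcessingFailed", "data": rec.get("data", "")})
    return {"records": results}
```

Firehose matches each returned record to its input by recordId, so the handler must return every recordId it received, including the failed ones.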

Querying and analyzing data

MongoDB Atlas Data Lake is a fully managed data lake as a service that enables you to natively query and analyze data across Amazon S3 and MongoDB Atlas. You can seamlessly combine and analyze your richly structured data stored in JSON, BSON, CSV, TSV, Avro, ORC, and Parquet formats without the cost and complexity of data movement and transformation. With this feature, you can query heterogeneous data stored in Amazon S3 and MongoDB Atlas in place and in its native format by using the MongoDB Query Language (MQL). For more information about using Atlas Data Lake with Amazon S3, see MongoDB Atlas Data Lake Lets Developers Create Value from Rich Modern Data on the AWS Partner Network (APN) blog, and the MongoDB documentation.

Serverless development

AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume. For more information about using Atlas with Lambda, see Best practices for Connecting from AWS Lambda on the MongoDB website.