Connect to MongoDB® using AWS PrivateLink

SingleStore supports connecting to a MongoDB® instance via AWS PrivateLink.

Configure the Connection

To connect to your MongoDB® instance using a private link:

  1. Copy the VPC Endpoint Service Name from the SingleStore Helios Cloud Portal.

    1. On the Cloud Portal, navigate to your_workspace_group > Firewall > Private Links > Create Connection.

    2. On the Create Connection dialog, copy the VPC Endpoint Service Name.

  2. Create a private endpoint on the Amazon VPC console. While configuring the connection, perform the following tasks:

    1. Attach the MongoDB® instance to the target group of your AWS service.

    2. Use the Service Name copied in the previous step.

    3. Allow incoming connections to TCP port 27017 of your private endpoint.

    4. Copy the VPC Endpoint ID of your private endpoint.

  3. Configure an inbound connection on the Cloud Portal.

    1. Select your_workspace_group > Firewall.

    2. Under Private Links, select Create Connection.

    3. On the Create Connection dialog, enter or select the following information:

      1. Endpoint: Select MongoDB Endpoint.

      2. Workspaces: From the list, select the workspace to connect to.

      3. VPC Endpoint ID: Enter the VPC Endpoint ID of your AWS connection.

The connection is ready to use once it is in ACTIVE state. Connect to the instance from MongoDB® clients and tools using the following connection string (update the credentials and VPC Endpoint):

mongodb://<username>:<password>@<vpc-endpoint>:27017/?authMechanism=PLAIN&tls=true&loadBalanced=true&tlsAllowInvalidHostnames=true&tlsAllowInvalidCertificates=true

Refer to Connect to SingleStore Helios using AWS PrivateLink for more information.

Last modified: June 24, 2024

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

  1. (Optional) Run the following command to view the associated signature files.

    curl undefined
  2. Download the signature file from the SingleStore release server.

    • Option 1: Click the Download Signature button next to the SingleStore file.

    • Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.

    • Option 3: Run the following command to download the signature file.

      curl -O undefined
  3. After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

    echo -n undefined |
    cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
    --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
    --bundle undefined \
    --new-bundle-format -
    Verified OK