Configure MongoDB Atlas using Private Service Connect interfaces

This page describes how to configure a MongoDB Atlas source database to work with Datastream using Private Service Connect interfaces. Note that the described procedure isn't a high availability solution. If the MongoDB node fails the connection profile test, you need to manually update the IP address in the Datastream connection profile.

Configure a MongoDB database user

To use Datastream with a MongoDB Atlas instance, you first need to create a database user and grant them access privileges:

  1. In the MongoDB Atlas dashboard, under Security, click Database access.
  2. Click New database user and select the password authentication method for your user.
  3. Enter the username and password for your Datastream user.
  4. Under Database user privileges, select Grant specific user privileges.
  5. Under Specific privileges, add the following role:
    • readAnyDatabase
  6. Click Add user.

Set up network configuration

Connect your Virtual Private Cloud networks across Datastream and MongoDB Atlas.

  1. Identify the central Virtual Private Cloud network in your Google Cloud project. Ensure that the IP address ranges of this network don't overlap with the IP address ranges of your Datastream or MongoDB Atlas networks.
  2. Create a private connectivity configuration to peer your Datastream network with your central Google Cloud Virtual Private Cloud network.
  3. Set up a network peering connection in MongoDB Atlas to peer your central Google Cloud Virtual Private Cloud network with your MongoDB Atlas network. Provide your project ID, the network name, subnet name, and endpoint name. For more information, see Set up a private endpoint for a dedicated cluster in MongoDB documentation.

Create the connection profile

After you configure your network, create a Datastream connection profile.

  1. Go to the Connection profiles page in the Google Cloud Console.

    Go to the Connection profiles page

  2. Click Create profile and select MongoDB.

  3. In the Hostname field, enter the IP address of the endpoint in the Connected endpoints section from the Private Service Connect page in Google Cloud.

    Go to the Private Service Connect

  4. In the Port field, enter 27017.

  5. Enter the username and password for your database user.

  6. Add the tls and tls_allow_invalid_hostnames labels and set their values to true. For more information about setting labels, see Create a connection profile for a MongoDB database.

  7. Select Private connectivity as your connectivity method.

  8. Select the private connectivity configuration that you created.

  9. Click Create to save the connection profile.

  10. Run a test to verify connection to your database.