Connecting a MongoDB Database

CONTENTS

Home

Connect to MongoDB

Here is what you need to connect:

Create a MongoDB read-only User

bipp recommends using a read-only user for connecting to your MongoDB databases. There are two methods to create the read-only user:

  • Create User and Assign read permission
  • Create Role and Assign Users to the Role

Create User and Assign read permission

Connect to your MongoDB instance and execute the following commands to create a user and assign it read permissions on the database:

> db.createUser({user: "bipp_db_user", pwd: "Secret@123", roles: [{role: "read", db: "your_database"}]})
Successfully added user: {
  "user" : "bipp_db_user",
  "roles" : [
    {
      "role" : "read",
      "db" : "your_database"
    }
  ]
}

Create Role and Assign Users to the Role

Connect to your MongoDB instance and execute the following commands to create a read-only role and assign a user to the role on the database:

> db.createRole({ role: "read-only-role", privileges: [{ resource: { db: "your_database", collection: "your_collection"}, actions: ["find"]}], roles: []})

> db.createUser({ user: "bipp_db_user", pwd: "Secret@123", roles: [{ role: "read-only-role", db: "your_database"}]})
If the bipp_db_user user already exists, you can assign it the read-only role:
> db.grantRolesToUser("bipp_db_user", [ { role: "read-only-role", db: "your_database" } ])
Assign your own user name and strong password for bipp_db_user and Secret@123.

Whitelist the bipp IP address

If your MongoDB instance is behind the firewall, you need to whitelist the bipp IP Address 34.123.9.91 to allow bipp to connect to your database. Use Direct Secure Connection as the Connection type when you create the datasource.

Create a MongoDB Datasource in bipp

  1. Select Datasources from the Home Navigation pane to open the Datasources page.

    Datasource Page

  2. Click New Datasource on the Datasources page.

    New Datasource

  3. Enter a Name. For example, TestMongoDB.

  4. Select MongoDB for SQL Dialect for your database. bipp creates and enforces the rules for the selected dialect.

    Datasource MongoDB

  5. Enter the information for your MongoDB database instance:

    • Host: name or IP address of the database host.
    • Port: port on the host for the connection.
    • AltHosts: comma separated list of hosts for load-balancing. If your MongoDB instance is not configured with any alternate hosts, enter the database host : port.
    • Username: user name for the connection. bipp recommends using a read-only user account.
    • Password: password for the user.
    • Database: name of the database for the connection.
    • Connection: connection type
      • Direct Connection: database directly available over internet or your bipp platform is deployed on-premise in a private subnet.
        • UseTLS: enable Transport Layer Security for the connection. bipp recommends you select yes to use TLS.
        • SslCert: browse to the location of the PEM format file containing your X509 certificate. This certification identifies the MongoDB daemon to clients during TLS/SSL connections.
        • SslKey: browse to the location of your SSL key.
        • SslRootCert: browse to the location of your SSL Root certificate.
      • Direct Secure Connection: secured encrypted TCP connection if your database is behind a firewall. Whitelist the bipp IP address 34.123.9.91. TLS is not supported in this mode. The encrypted data is transmitted to prevent in-transit eavesdropping.
      • SSH Tunnel: encrypted connection using Datasource MongoDB SSH Port Forwarding. bipp supports both forward and reverse SSH tunnels. You can use the SshTunnelAuth to specify Key or Password for the authorization type. Here are the additional SSH fields:
        • SshTunnelHost: name or IP address of the SSH tunnel authentication host.
        • SshPort: port on the SSH tunnel authentication host for the connection.
        • SshTunnelUser: user name for SSH tunnel authentication.
        • Ssh TunnelAuth: select Key to use an SSH Private Key and optional SSH Passphrase, or select Password to use your SSH Password.
  6. Click Test to verify the datasource connectivity. If you have an error, fix the connection or credentials problem and click Test again.

  7. Click Create to add the datasource.

Congratulations! You have successfully created a MongoDB datasource in bipp.