1

I have a VPC peering established with MongoDB Atlas, however when I try to resolve the database cluster's domain from within an EC2 instance in the same VPC, I get back the public IP. This is a problem because the whitelist can't contain any public IPs, as I want to grant access to the database only for internal services.

I tried to enable both "DNS resolution" and "DNS hostnames" in the VPC settings, as well as "Accepter DNS resolution" in the peering configuration, but nothing works.

Besides the information above, I can mention that the EC2 does have access to the Internet (that's how I connect via SSH to it), the VPC has only one subnet and the route table is properly configured to send traffic to the VPC peering (see screenshot below).

My questions are: 1) Is it possible to do what I'm trying (I saw multiple people on the Internet describing their solution to this, however they don't work for me -- good to note that their articles dates from years ago, so that all might be different now); 2) What am I doing wrong?

Improve this question
4
  • You can use ip-private-ipv4-address.ec2.internal However, why not just use the IP address? Commented Feb 7, 2020 at 20:29
  • @MarkWagner I need the address of the database and not the instance, and the database address is given through domain name. Commented Feb 7, 2020 at 21:59
  • 1
    docs.atlas.mongodb.com/security-vpc-peering/#vpc-peering "If DNS hostnames and DNS resolution are disabled and the VPC is accessible to the internet, the DNS resolves to the public IP address rather than the internal IP address." -- try disabling internet access for the MongoDB Atlas VPC Commented Feb 7, 2020 at 22:34
  • @MarkWagner You are right. However, the problem was that I missed their banner stating that some offerings don't support VPC peering and the one I was using is included in the list. I answered this question myself and added the link you posted, thanks for that, it helped. Commented Feb 9, 2020 at 19:11

1 Answer 1

Reset to default
0

I realized what was happening. From Atlas documentation:

MongoDB Atlas documentation page mentioning VPC peering isn't available for M0, M2 and M5 clusters

Creating a M10 cluster, for example, works perfectly.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.