Home of the mawaws
command!
Updates your MongoDB Atlas IP
whitelist using
the published IP
ranges for
AWS Services. This makes it easy to allow
a whole region so, for example, a
Lambda function on any EC2 instance in that region will be able to reach your
database. This was built for this exact use case and when you cannot use VPC
with EC2 NAT to
give your Lambda a predicatable IP.
npm install -g mongo-atlas-update-whitelist-for-aws
mawaws help
- As a pre-requisite, you need to have an API key for MongoDB Atlas. Follow these instructions to get one. The API key must have Project Owner permission to be able to update the IP allowlist.
- We need to get the ID of the group we want to update:
...and you'll see output that looks like:
mawaws list-groups \ --user=abcdef \ --key=4c03c17c-25d8-42fa-a762-bd9c22b5a55a
# example output Listing MongoDB Atlas groups (AKA projects) Available groups: 1ab2bf4c3b53b9822afa9364: Project 1
- Now we perform the update to the whitelist for that project, using the ID
from the previous command:
mawaws update-whitelist \ --region=ap-southeast-2 \ --groupid=1ab2bf4c3b53b9822afa9364 \ --user=abcdef \ --key=4c03c17c-25d8-42fa-a762-bd9c22b5a55a
Note: the default service to get IPs for is EC2
, if you wish to target a
different service, supply the --service
param:
mawaws update-whitelist \
--service=AMAZON \
... # continue with other params
- either pull the pre-built docker image with
docker pull tomsaleeba/mongo-atlas-update-whitelist-for-aws:1.1.0
- or, build the image locally with
# after you've cloned this repo docker build -t tomsaleeba/mongo-atlas-update-whitelist-for-aws:1.1.0 .
- run the container and pass args like you would to the raw command
docker run --rm -it tomsaleeba/mongo-atlas-update-whitelist-for-aws:1.1.0 --help docker run --rm -it tomsaleeba/mongo-atlas-update-whitelist-for-aws:1.1.0 \ list-groups --user=abcdef --key=123abc
As the list of IP ranges is being updated semi-frequently, it makes sense to run this command on a regular schedule. See the instructions in aws-deploy/README.md for how to set this up.
- make
delete
function that can remove all entries for a region - lots more validation of command line params