Amazon DocumentDB is a fully managed document database service that supports MongoDB workloads. While it behaves similarly to MongoDB, connecting to it requires a few extra steps β especially with SSL and replica sets.
In this short guide, I'll show you how to connect to your Amazon DocumentDB cluster using Python and the pymongo
driver.
π¦ Prerequisites
Before jumping into the code, make sure you have the following ready:
β
Amazon DocumentDB cluster (with rs0
as the replica set)
β
A user and password to authenticate
β
The AWS-provided SSL certificate
β
Python 3.7+
β
The pymongo
library
Install pymongo
via pip:
pip install pymongo
Download the global CA bundle (required for SSL):
curl -o global-bundle.pem https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
π§ Understanding the Connection Requirements
Amazon DocumentDB requires:
-
TLS/SSL enabled (
ssl=true
) -
Replica set name specified (
replicaSet=rs0
) -
Retryable writes disabled (
retryWrites=false
)
π§ͺ Python Example: check_connection.py
from pymongo import MongoClient
# Replace with your actual credentials and endpoint
username = "myadmin"
password = "**********"
cluster_endpoint = "docdb-dima-1.cluster-xxxxxxxxxxxx.us-east-1.docdb.amazonaws.com"
port = 27017
database_name = "test"
ca_cert_path = "global-bundle.pem" # Path to Amazon CA certificate
# Construct the URI
uri = (
f"mongodb://{username}:{password}@{cluster_endpoint}:{port}/"
f"?ssl=true"
f"&replicaSet=rs0"
f"&readPreference=secondaryPreferred"
f"&retryWrites=false"
)
# Create MongoClient with SSL configuration
client = MongoClient(uri, tlsCAFile=ca_cert_path)
# Access the database and print collections
db = client[database_name]
print(db.list_collection_names())
β οΈ Common Pitfalls
Here are a few gotchas to watch out for:
Networking issues
- Ensure your client can reach the DocumentDB cluster (same VPC, VPN, or public access if configured).
- Port
27017
must be open in your cluster's security group.
SSL certificate mismatch
- Use the exact CA certificate from AWS (download link).
Incorrect replica set name
- DocumentDB uses a static replica set name:
rs0
.
Retry writes
- Disable retryable writes:
retryWrites=false
. DocumentDB doesn't support them.
β Output Example
If everything is configured correctly, the script will print the list of collections in your specified database:
['users', 'orders', 'logs']
π Final Thoughts
Connecting to Amazon DocumentDB is easy once you get past the SSL and replica set nuances. This Python script provides a solid foundation for building apps that securely interact with your DocumentDB cluster.
Top comments (0)