How to Connect to Amazon DocumentDB with Python (`pymongo`)

Amazon DocumentDB is a fully managed document database service that supports MongoDB workloads. While it behaves similarly to MongoDB, connecting to it requires a few extra steps — especially with SSL and replica sets.

In this short guide, I'll show you how to connect to your Amazon DocumentDB cluster using Python and the pymongo driver.

---

📦 Prerequisites

Before jumping into the code, make sure you have the following ready:

✅ Amazon DocumentDB cluster (with rs0 as the replica set)
✅ A user and password to authenticate
✅ The AWS-provided SSL certificate
✅ Python 3.7+
✅ The pymongo library

Install pymongo via pip:

pip install pymongo

Download the global CA bundle (required for SSL):

curl -o global-bundle.pem https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem

---

🧠 Understanding the Connection Requirements

Amazon DocumentDB requires:

• TLS/SSL enabled (ssl=true)
• Replica set name specified (replicaSet=rs0)
• Retryable writes disabled (retryWrites=false)

---

🧪 Python Example: check_connection.py

from pymongo import MongoClient

# Replace with your actual credentials and endpoint
username = "myadmin"
password = "**********"
cluster_endpoint = "docdb-dima-1.cluster-xxxxxxxxxxxx.us-east-1.docdb.amazonaws.com"
port = 27017
database_name = "test"
ca_cert_path = "global-bundle.pem"  # Path to Amazon CA certificate

# Construct the URI
uri = (
    f"mongodb://{username}:{password}@{cluster_endpoint}:{port}/"
    f"?ssl=true"
    f"&replicaSet=rs0"
    f"&readPreference=secondaryPreferred"
    f"&retryWrites=false"
)

# Create MongoClient with SSL configuration
client = MongoClient(uri, tlsCAFile=ca_cert_path)

# Access the database and print collections
db = client[database_name]
print(db.list_collection_names())

---

⚠️ Common Pitfalls

Here are a few gotchas to watch out for:

Networking issues

• Ensure your client can reach the DocumentDB cluster (same VPC, VPN, or public access if configured).
• Port 27017 must be open in your cluster's security group.

SSL certificate mismatch

• Use the exact CA certificate from AWS (download link).

Incorrect replica set name

• DocumentDB uses a static replica set name: rs0.

Retry writes

• Disable retryable writes: retryWrites=false. DocumentDB doesn't support them.

---

✅ Output Example

If everything is configured correctly, the script will print the list of collections in your specified database:

['users', 'orders', 'logs']

---

🚀 Final Thoughts

Connecting to Amazon DocumentDB is easy once you get past the SSL and replica set nuances. This Python script provides a solid foundation for building apps that securely interact with your DocumentDB cluster.