(Optional) Apply for a public endpoint for an ApsaraDB for MongoDB instance - ApsaraDB for MongoDB

ApsaraDB for MongoDB supports public endpoints. You can apply for a public endpoint for an ApsaraDB for MongoDB instance and use the public endpoint to connect to databases of the instance over the Internet. This topic describes how to apply for a public endpoint for an ApsaraDB for MongoDB sharded cluster instance.

Background information

The following table describes the endpoint types supported by ApsaraDB for MongoDB instances.


Endpoint type	Description
VPC endpoint	A virtual private cloud (VPC) is an isolated network that provides higher security and performance than the classic network. By default, ApsaraDB for MongoDB provides VPC endpoints for instances to ensure high security and high performance.
Classic network endpoint	Cloud services on the classic network are not isolated. Unauthorized access can be blocked only by using security groups or whitelists. For information about how to switch the network type to VPC, see Switch the network type of an ApsaraDB for MongoDB instance from classic network to VPC. Note The classic network is not supported for DynamoDB-compatible sharded cluster instances.
Public endpoint	Security risks may arise if you connect to an ApsaraDB for MongoDB instance over the Internet. For this reason, ApsaraDB for MongoDB provides VPC endpoints by default. If you want to connect to an ApsaraDB for MongoDB instance from a device outside of Alibaba Cloud (such as an on-premise device), you must apply for a public endpoint.

Precautions

When you apply for a public endpoint for an instance, the instance may need to be restarted. We recommend that you perform this operation during off-peak hours.
If you want to connect to an ApsaraDB for MongoDB instance by using a public endpoint, you must add the public IP address of your client to a whitelist of this instance. For more information, see Configure a whitelist for an ApsaraDB for MongoDB instance.

Procedure

Log on to the ApsaraDB for MongoDB console.
In the upper-left corner of the page, select the resource group and region to which the instance belongs.
In the left-side navigation pane, click Sharded cluster instance.
On the page that appears, find the instance that you want to manage and click its ID.
In the left-side navigation pane, click Database Connections.
In the Public Connections section, click Apply for Public Connection String.

In the Apply for Public Connection String panel, set Node Type and Node ID.


Parameter	Value	Description
Node Type	Shard	The shard node. To apply for a public endpoint for a shard node, you must first apply for an endpoint for the shard node. For more information, see Apply for an endpoint for a shard or Configserver node. Note If you want to read the oplog data of a shard node over the Internet when you perform specific operations such as data synchronization between instances, you must apply for a public endpoint for the shard node.
	CS	The Configserver node. To apply for a public endpoint for a Configserver node, you must first apply for an endpoint for the Configserver node. For more information, see Apply for an endpoint for a shard or Configserver node. Note If you want to read the configuration information of a Configserver node over the Internet when you perform specific operations such as data synchronization between instances, you must apply for a public endpoint for the Configserver node.
	Mongos	The mongos node. Note In most cases, mongos nodes are sufficient to meet your read and write needs.
Node ID	Node ID of the current instance	The ID of the node for which you want to apply for a public endpoint.

Click OK.
Optional:To apply for public endpoints for multiple nodes in the sharded cluster instance, repeat the preceding steps.
Note To apply for a public endpoint for another node in the instance, you must wait until the state of the instance becomes Running.

Results

After you apply for public endpoints, you can view the created endpoints in the Public Connections section. For more information about endpoints, see Introduction to connection strings and URIs.

References

For more information about how to connect to an instance by using a public endpoint, see Connect to an ApsaraDB for MongoDB instance over the Internet.
To ensure data security, you can release public endpoints that are no longer needed. For more information about how to release a public endpoint, see Release a public endpoint.
Before you connect to an ApsaraDB for MongoDB instance over the Internet, we recommend that you enable SSL encryption. For more information about how to enable SSL encryption, see Use the mongo shell to connect to an ApsaraDB for MongoDB database in SSL encryption mode.