Docs Menu
Docs Home
/
MongoDB Kafka Connector
/

MongoDB AWS-based Authentication

On this page

  • Overview
  • Connector Connection Settings

In this guide, you can learn how to authenticate your MongoDB Kafka Connector with your MongoDB replica set using the MONGODB-AWS authentication mechanism. The MONGODB-AWS authentication mechanism uses your Amazon Web Services Identity and Access Management (AWS IAM) credentials to authenticate your user.

To learn how to set up your MongoDB replica set in MongoDB Atlas to use AWS IAM credentials, see the guide on How to Set Up Unified AWS Access.

Important

You must use MongoDB Kafka Connector version 1.5 of later to connect to a MongoDB cluster set up to authenticate using your AWS IAM credentials. AWS IAM credential authentication is available in MongoDB server version 4.4 and later.

You can specify your MONGODB-AWS authentication credentials in your connection URI connector property as shown in the following example:

connection.uri=mongodb://<AWS access key id>:<AWS secret access key>@<hostname>:<port>/?authSource=<authentication database>&authMechanism=MONGODB-AWS&authMechanismProperties=AWS_SESSION_TOKEN:<AWS session token>

The preceding example uses the following placeholders which you must replace:

Placeholder
Description
AWS access key id
Value of your AWS_ACCESS_KEY_ID.
AWS secret access key
Value of your AWS_SECRET_KEY.
hostname
Network address of your MongoDB server.
port
Port number of your MongoDB server.
authentication database
MongoDB database that contains your user's authentication data. If you omit the authSource parameter and placeholder value, the driver uses the default value admin.
AWS session token
Value of your AWS_SESSION_TOKEN. If you do not need to specify an AWS session token, omit the authMechanismProperties parameter and placeholder value.
Optional

Tip

Custom Authentication Provider

You can create and use a custom authentication provider to support AWS IAM authentication. To learn more, see the Custom Authentication Provider guide.

Back

SSL/TLS and X.509 Certificates