{"id":19522201,"url":"https://github.com/captaincodeman/mongo-aws-vpc","last_synced_at":"2025-06-27T07:34:41.675Z","repository":{"id":6697067,"uuid":"7942406","full_name":"CaptainCodeman/mongo-aws-vpc","owner":"CaptainCodeman","description":"Cloud Formation templates for AWS Virtual Private Cloud with MongoDB","archived":false,"fork":false,"pushed_at":"2013-08-21T14:50:02.000Z","size":144,"stargazers_count":21,"open_issues_count":3,"forks_count":16,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-05-07T04:37:48.643Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CaptainCodeman.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-01-31T18:12:43.000Z","updated_at":"2025-05-03T16:04:46.000Z","dependencies_parsed_at":"2022-08-20T07:51:26.656Z","dependency_job_id":null,"html_url":"https://github.com/CaptainCodeman/mongo-aws-vpc","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/CaptainCodeman/mongo-aws-vpc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CaptainCodeman%2Fmongo-aws-vpc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CaptainCodeman%2Fmongo-aws-vpc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CaptainCodeman%2Fmongo-aws-vpc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CaptainCodeman%2Fmongo-aws-vpc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CaptainCodeman","download_url":"https://codeload.gi
thub.com/CaptainCodeman/mongo-aws-vpc/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CaptainCodeman%2Fmongo-aws-vpc/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262213011,"owners_count":23276033,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-11T00:37:44.731Z","updated_at":"2025-06-27T07:34:41.650Z","avatar_url":"https://github.com/CaptainCodeman.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# MongoDB AWS VPC\n\n## Description\n\nA set of cloud formation templates for Amazon Web Services to automatically create a Virtual Private Cloud comprising:\n\n* Public subnet for application instances such as web servers\n* Primary private subnet in same availability zone as public subnet for main database instance\n* Secondary private subnet in alternate availability zone for backup database instance\n* Network ACLs and Security Groups to secure traffic to and between subnets and instances\n* MongoDB Replica Set Master instance with 4 x EBS volumes as RAID-10 logical volume\n* MongoDB Replica Set Slave instance with single EBS volume for snapshot backups\n* NAT instance to provide external access to private subnet instances\n* Internal DNS service using DnsMasq based off the instance host names\n* OpenVPN for VPN access to private instances\n* Mongo Monitoring Service (MMS)\n\nNOTE: NAT / DNS / VPN / MMS are all combined in a single t1.micro instance.\n\n## Usage\n\nWhile the templates can be used as-is they are really 
intended to be a starting point and customized\nfor your specific requirements. In particular, you should not use the public templates from my S3 bucket\neven though they will work because I could change them at any time and you should be in control of your\nown templates in case you want to update the configuration of your cloud formation stack.\n\nSo, download the templates, modify the configuration as required and upload and run them from your own\nAmazon S3 bucket. The bucket name will be combined with the amazon region selected to create the VPC\nfor the path to the templates, e.g.\n\n    https://intesoft-cloudformation.s3.amazonaws.com/us-east-1\n\nInstead of a single monolithic template, I've tried to make things modular to allow re-use and re-purposing.\nFor example, an additional private subnet can easily be added in another availability zone containing\nMongoDB Replica Set Slave instances for automatic failover by re-using the subnet-private.template\nwithin the vpc.template and the mongo-slave.template within the stack.template.\n\n### Parameters\n\n[TODO]\n\nAs well as the public input parameters for the 'should change' options, there are also some Mappings within\nthe stack.template and vpc.template to define parameters used by the MongoDB instances and the VPC networks.\n\nI would especially recommend changing the instance types to t1.micro while experimenting with the templates\nso that you do not incur unnecessary AWS charges.\n\n## Notes\n\nI'm not a linux expert by any stretch and this is my first attempt at bash scripting, setting up linux\nor cloud formation templates. Most of the settings are based on best practices from research I've done.\nSo, if anything isn't quite as it should be - please let me know so I can correct it. 
If anything is\nworking particularly well then you probably have other people to thank than me for it!\n\n### OpenVPN\n\nOpenVPN Access Server is installed on the NAT instance to provide secure access to the private VPC subnets.\n\nThis is an unlicensed trial which provides 2 connections to use. It can be upgraded if required but I am\nintending to replace this with the community edition at some point.\n\n### DNS\n\nI've considered using Amazon Route 53 for the DNS but ended up settling on dnsmasq for the internal DNS.\nThis uses the Name tag of the instance to provide consistent DNS access internally and, if you set the\nDNS server option in the openvpn admin web site, you can also refer to the instances by name when your VPN\nconnection is active.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcaptaincodeman%2Fmongo-aws-vpc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcaptaincodeman%2Fmongo-aws-vpc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcaptaincodeman%2Fmongo-aws-vpc/lists"}