MongoDB Configuration and Installation
Firewall Configuration
Inbound Rules
| Type |
Protocol |
Port Range |
Sources |
| ICMP |
ICMP |
- |
10.131.0.0/16 |
| SSH |
TCP |
22 |
Bastion (tag) |
| Custom |
TCP |
27017 |
10.131.43.239, mg-ub-web-001, mg-ub-web-002, mg-ub-web-003, mg-ub-web-004, ProductionConsumers (tag), ProductionWebsocket (tag), Webserver (tag) |
Outbound Rules
| Type |
Protocol |
Port Range |
Destinations |
| ICMP |
ICMP |
All ports |
All IPv4, All IPv6 |
| All TCP |
TCP |
All ports |
131.226.32.251, Webserver (tag) |
| DNS TCP |
TCP |
53 |
All IPv4, All IPv6 |
| HTTP |
TCP |
80 |
All IPv4, All IPv6 |
| HTTPS |
TCP |
443 |
All IPv4, All IPv6 |
| Custom |
TCP |
587 |
All IPv4, All IPv6 |
| Custom |
TCP |
27017 |
Webserver (tag) |
| All UDP |
UDP |
All ports |
Webserver (tag) |
| DNS UDP |
UDP |
53 |
All IPv4, All IPv6 |
Installation
Add repo to yum sources
[MongoDB]
name=MongoDB Repository
baseurl=http://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.2/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.2.asc
Configuration
Modify WAF access to only allow 27017 access from webservers. No other configuration needed.
Last modified by: Unknown