How to Connect to Amazon DocumentDB with Python (`pymongo`)
Amazon DocumentDB is a fully managed document database service that supports MongoDB workloads. While it behaves similarly to MongoDB, connecting to it requires a few extra steps โ especially with SSL and replica sets.
In this short guide, I’ll show you how to connect to your Amazon DocumentDB cluster using Python and the pymongo driver.
๐ฆ Prerequisites
Before jumping into the code, make sure you have the following ready:
โ
Amazon DocumentDB cluster (with rs0 as the replica set)
โ
A user and password to authenticate
โ
The AWS-provided SSL certificate
โ
Python 3.7+
โ
The pymongo library
Install pymongo via pip:
pip install pymongo
Download the global CA bundle (required for SSL):
curl -o global-bundle.pem https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
๐ง Understanding the Connection Requirements
Amazon DocumentDB requires:
-
TLS/SSL enabled (
ssl=true) -
Replica set name specified (
replicaSet=rs0) -
Retryable writes disabled (
retryWrites=false)
๐งช Python Example: check_connection.py
from pymongo import MongoClient
# Replace with your actual credentials and endpoint
username = "myadmin"
password = "**********"
cluster_endpoint = "docdb-dima-1.cluster-xxxxxxxxxxxx.us-east-1.docdb.amazonaws.com"
port = 27017
database_name = "test"
ca_cert_path = "global-bundle.pem" # Path to Amazon CA certificate
# Construct the URI
uri = (
f"mongodb://{username}:{password}@{cluster_endpoint}:{port}/"
f"?ssl=true"
f"&replicaSet=rs0"
f"&readPreference=secondaryPreferred"
f"&retryWrites=false"
)
# Create MongoClient with SSL configuration
client = MongoClient(uri, tlsCAFile=ca_cert_path)
# Access the database and print collections
db = client[database_name]
print(db.list_collection_names())
โ ๏ธ Common Pitfalls
Here are a few gotchas to watch out for:
Networking issues
- Ensure your client can reach the DocumentDB cluster (same VPC, VPN, or public access if configured).
- Port
27017must be open in your cluster’s security group.
SSL certificate mismatch
- Use the exact CA certificate from AWS (download link).
Incorrect replica set name
- DocumentDB uses a static replica set name:
rs0.
Retry writes
- Disable retryable writes:
retryWrites=false. DocumentDB doesn’t support them.
โ
Output Example
If everything is configured correctly, the script will print the list of collections in your specified database:
['users', 'orders', 'logs']
๐ Final Thoughts
Connecting to Amazon DocumentDB is easy once you get past the SSL and replica set nuances. This Python script provides a solid foundation for building apps that securely interact with your DocumentDB cluster.
