🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

mongo-atlas-update-whitelist-for-aws

Package Overview
Dependencies
Maintainers
1
Versions
3
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

mongo-atlas-update-whitelist-for-aws

Updates the MongoDB Atlas IP whitelist with IP ranges for AWS services

1.1.0
latest
Source
npm
Version published
Maintainers
1
Created
Source

Home of the mawaws command!

Updates your MongoDB Atlas IP whitelist using the published IP ranges for AWS Services. This makes it easy to allow a whole region so, for example, a Lambda function on any EC2 instance in that region will be able to reach your database. This was built for this exact use case and when you cannot use VPC with EC2 NAT to give your Lambda a predicatable IP.

Install

npm install -g mongo-atlas-update-whitelist-for-aws
mawaws help

Running directly

  • As a pre-requisite, you need to have an API key for MongoDB Atlas. Follow these instructions to get one.
  • We need to get the ID of the group we want to update: 
    mawaws list-groups \
  --user=abcdef \
  --key=4c03c17c-25d8-42fa-a762-bd9c22b5a55a
    ...and you'll see output that looks like: 
    # example output
Listing MongoDB Atlas groups (AKA projects)
Available groups:
  1ab2bf4c3b53b9822afa9364: Project 1
  • Now we perform the update to the whitelist for that project, using the ID from the previous command: 
    mawaws update-whitelist \
  --region=ap-southeast-2 \
  --groupid=1ab2bf4c3b53b9822afa9364 \
  --user=abcdef \
  --key=4c03c17c-25d8-42fa-a762-bd9c22b5a55a

Note: the default service to get IPs for is EC2, if you wish to target a different service, supply the --service param:

mawaws update-whitelist \
  --service=AMAZON \
  ... # continue with other params

Running with docker

  • either pull the pre-built docker image with 
    docker pull tomsaleeba/mongo-atlas-update-whitelist-for-aws:1.1.0
  • or, build the image locally with 
    # after you've cloned this repo
docker build -t tomsaleeba/mongo-atlas-update-whitelist-for-aws:1.1.0 .
  • run the container and pass args like you would to the raw command 
    docker run --rm -it tomsaleeba/mongo-atlas-update-whitelist-for-aws:1.1.0 --help
docker run --rm -it tomsaleeba/mongo-atlas-update-whitelist-for-aws:1.1.0 \
  list-groups --user=abcdef --key=123abc

Running using cron on AWS ECS Fargate

As the list of IP ranges is being updated semi-frequently, it makes sense to run this command on a regular schedule. See the instructions in aws-deploy/README.md for how to set this up.

TODO

  • make delete function that can remove all entries for a region
  • lots more validation of command line params

Keywords

mongodb
mongo
atlas
aws

FAQs

Package last updated on 21 Feb 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious Koishi Chatbot Plugin Exfiltrates Messages Triggered by 8-Character Hex Strings

Research

Security News

Malicious Koishi Chatbot Plugin Exfiltrates Messages Triggered by 8-Character Hex Strings

Malicious Koishi plugin silently exfiltrates messages with hex strings to a hardcoded QQ account, exposing secrets in chatbots across platforms.

By Kirill Boychenko  -  May 19, 2025