Skip to main content

NoSQL & Vector Database

MongoDB with AWS

MongoDB Atlas on AWS: document database, native vector search for RAG, stream processing, and dedicated Search Nodes — with AWS KMS and PrivateLink throughout.

Last updated:April 29, 2026Author:FactualMinds Cloud Integration TeamReviewed by:FactualMinds AWS-certified architects (Solutions Architect – Professional)

AI & assistant-friendly summary

This section provides structured content for AI assistants and search engines. You can cite or summarize it when referencing this page.

Summary

MongoDB Atlas on AWS in 2026: MongoDB 8.0, Vector Search GA, Stream Processing, Queryable Encryption, Edge Server — vs DynamoDB, OpenSearch, pgvector.

Key Facts

  • MongoDB Atlas on AWS in 2026: MongoDB 8
  • 0, Vector Search GA, Stream Processing, Queryable Encryption, Edge Server — vs DynamoDB, OpenSearch, pgvector
  • MongoDB Atlas on AWS: document database, native vector search for RAG, stream processing, and dedicated Search Nodes — with AWS KMS and PrivateLink throughout
  • What is MongoDB Atlas on AWS in 2026
  • On AWS it runs inside MongoDB-owned VPCs in your chosen region; you connect via AWS PrivateLink (recommended) or VPC peering

Entity Definitions

Amazon Bedrock
Amazon Bedrock is relevant to mongodb with aws.
Bedrock
Bedrock is relevant to mongodb with aws.
Lambda
Lambda is relevant to mongodb with aws.
EC2
EC2 is relevant to mongodb with aws.
S3
S3 is relevant to mongodb with aws.
Amazon S3
Amazon S3 is relevant to mongodb with aws.
RDS
RDS is relevant to mongodb with aws.
Amazon RDS
Amazon RDS is relevant to mongodb with aws.
Aurora
Aurora is relevant to mongodb with aws.
DynamoDB
DynamoDB is relevant to mongodb with aws.
Amazon DynamoDB
Amazon DynamoDB is relevant to mongodb with aws.
CloudWatch
CloudWatch is relevant to mongodb with aws.
IAM
IAM is relevant to mongodb with aws.
VPC
VPC is relevant to mongodb with aws.
EKS
EKS is relevant to mongodb with aws.
Ask AI: ChatGPT Claude Perplexity Gemini

MongoDB Atlas on AWS

MongoDB Atlas is the officially supported way to run MongoDB in the cloud. Hosted on AWS (as well as Azure and GCP), Atlas removes the operational overhead of running replica sets and sharded clusters while adding a developer platform: Atlas Search, Atlas Vector Search, Atlas Stream Processing, Atlas Edge Server, and Queryable Encryption. For AWS customers, the standard 2026 integration is PrivateLink plus AWS KMS customer-managed keys plus IAM authentication — no Atlas credentials ever live on disk.

What’s new for MongoDB on AWS in 2026

Why MongoDB for AWS applications

Flexible schema + rich querying

AI-ready out of the box

Operational maturity

Atlas Vector Search — the decision that actually matters

Atlas Vector Search is usually the right call when:

Use Amazon OpenSearch Service k-NN when lexical BM25 search matters as much as vector similarity, you need fine-grained HNSW/IVF tuning, or you are already an OpenSearch shop.

Use pgvector on Amazon RDS / Aurora Postgres when the workload is predominantly relational and vector search is a secondary capability — no new database, no new ops surface.

Use Amazon S3 Vectors (new in 2025) for extremely large, cold vector corpora where query latency budget is in the hundreds of ms and storage cost dominates.

Atlas Search Nodes

Search Nodes are dedicated Atlas instances that host Atlas Search and Atlas Vector Search indexes, isolated from the base cluster. Deploy them when:

Below ~M30 or with light search traffic, the base nodes are typically enough.

Atlas Stream Processing

Atlas Stream Processing (ASP) runs stream-processing pipelines written in the MongoDB aggregation framework over Kafka, MSK, or Atlas change streams. Outputs can land in collections, Kafka topics, or HTTP webhooks.

Use ASP when:

Use Amazon Kinesis Data Streams + MSK + Amazon Managed Service for Apache Flink when you need cross-source joins, exactly-once semantics at scale, or a full event-sourcing architecture.

Queryable Encryption

Queryable Encryption encrypts fields on the client before they leave the application; the server sees only ciphertext, yet still supports equality queries (GA) and range queries (public preview).

Connectivity patterns on AWS

AWS PrivateLink (preferred)

VPC peering

Public access + IP allow list

Authentication

MongoDB vs DynamoDB vs RDS — when to pick which

ConsiderationMongoDB AtlasDynamoDBRDS / Aurora Postgres
Data modelFlexible documentKey-value / wide columnRelational
SchemaDynamicFixed on primary keysEnforced
Vector searchAtlas Vector SearchNot nativepgvector extension
Complex queryingAggregation pipelineLimited; use OpenSearch/Athena to joinFull SQL + JSONB
Operational overheadManaged by MongoDB Inc.Fully managed by AWSManaged by AWS
Geo-replicationGlobal Clusters / Multi-regionGlobal Tables (strong in AWS)Aurora Global Database
Typical starting cost~$57/month M10<$25/month light usage~$30/month db.t4g.micro
Best-fit AWS personaTeams already on MongoDB, RAG buildersAWS-native high-scale KV workloadsRelational-first / fintech

Reference architecture (2026 default)

   AWS VPC                                     MongoDB Atlas project (single region)
   ─────────                                   ─────────────────────────────────
   Lambda / ECS / EKS                          Atlas replica set (3 nodes, 3 AZ)
       │  IAM role (assumeRole)                  ├── Primary
       │                                          ├── Secondary  → driver readPreference
       │                                          └── Secondary
       ▼                                          │
   PrivateLink VPC endpoint  ─────►  Atlas PrivateLink endpoint
   com.amazonaws.<region>.mongodb           (per-region; cross-region available)

                                          Search Nodes (dedicated)
                                            └── Atlas Vector Search index
                                            └── Atlas Search (BM25)

                                          Online Archive ──► S3 (cold tier)

                                          Backup snapshot store (Atlas-managed)
                                            └── 35-day PITR window

Encryption. TLS 1.3 client → Atlas (mandatory); at-rest with AWS KMS customer-managed key (configured per cluster); Queryable Encryption for client-side field encryption with KMS-wrapped DEKs.

Implementation

Minimal — Node.js + IAM role auth (Lambda, ECS, EKS):

import { MongoClient } from 'mongodb';

const uri =
  'mongodb+srv://cluster0.mongodb.net/?' +
  'authSource=%24external&authMechanism=MONGODB-AWS&retryWrites=true&w=majority';

const client = new MongoClient(uri, {
  maxPoolSize: 50,
  minPoolSize: 5,
  serverSelectionTimeoutMS: 5000,
  socketTimeoutMS: 45000,
  retryWrites: true,
  retryReads: true,
});

export const handler = async (event) => {
  // Reuse the connection across Lambda invocations (lifetime of the execution context)
  await client.connect();
  const db = client.db('orders');
  const result = await db.collection('orders').findOne({ _id: event.id });
  return result;
};

Production — pooled connections, structured retry, vector search:

import { MongoClient, ReadPreference } from 'mongodb';

const client = new MongoClient(process.env.MONGODB_URI, {
  maxPoolSize: 100,
  minPoolSize: 10,
  maxIdleTimeMS: 60_000,
  serverSelectionTimeoutMS: 5_000,
  socketTimeoutMS: 30_000,
  retryWrites: true,
  retryReads: true,
  readPreference: ReadPreference.SECONDARY_PREFERRED,
  readConcern: { level: 'majority' },
  writeConcern: { w: 'majority', wtimeoutMS: 10_000 },
  appName: 'orders-api', // shows up in Atlas Performance Advisor
});

await client.connect();

async function vectorSearch(queryEmbedding, userId) {
  return client
    .db('rag')
    .collection('documents')
    .aggregate([
      {
        $vectorSearch: {
          index: 'embeddings_idx',
          queryVector: queryEmbedding,
          path: 'embedding',
          numCandidates: 200,
          limit: 10,
          filter: { tenantId: userId },
        },
      },
      { $project: { _id: 1, text: 1, score: { $meta: 'vectorSearchScore' } } },
    ])
    .toArray();
}

For Lambda, declare the client outside the handler so the connection pool survives across invocations within an execution context. Use Provisioned Concurrency for latency-sensitive paths to avoid cold-start handshake (TLS + replica-set discovery is ~200–400 ms).

Failure modes & resilience

1. Replica-set primary failover (~30s). The driver detects, re-elects, and routes writes to the new primary. With retryWrites: true (default 5.x+) most application writes are transparently retried. Mitigation: keep serverSelectionTimeoutMS tight (5 s) so failover surfaces quickly; alarm on connections.failed spikes.

2. Oplog window starvation. A long-running migration or analytics scan that lags secondary replication can cause the secondary to fall outside the oplog window (default ~24h on M30). Recovery: re-sync the secondary (Atlas handles automatically, but takes hours on TB-scale). Prevention: monitor oplogWindow.hours — alarm if < 24.

3. Vector-index memory pressure. Vector indexes load into RAM. A working set that exceeds node memory causes evictions and p99 latency to climb 10–100×. Prevention: size with rule of thumb ~1.5–2 KB / vector × number of vectors × 1.5 (HNSW overhead); move to dedicated Search Nodes when the math says so.

4. PrivateLink endpoint exhaustion. Each Atlas PrivateLink endpoint supports a finite number of concurrent connections per AZ. Symptom: connection timeouts under burst load while CPU is idle. Mitigation: scale to multiple endpoints per region; ensure connection pool maxPoolSize × number-of-Lambda-concurrency ≤ endpoint capacity.

5. IAM role token expiry mid-query. STS credentials expire (default 1h, max 12h). Long-running aggregations can outlive the token. Mitigation: use connection lifetime ≤ token TTL, or set maxIdleTimeMS to force pool refresh; use assumeRoleSessionDuration of 12h for batch jobs.

6. Multi-region read-preference traps. readPreference: secondary against a multi-region cluster can route reads to a remote secondary, adding 100+ ms latency. Use readPreferenceTags: { region: "us-east-1" } to pin reads to the local region’s secondary.

7. Driver version drift. Atlas server features (vector search aggregation stages, time-series collections, queryable encryption) require minimum driver versions. Pin and bump deliberately; the official driver release notes document server-version compatibility.

Observability runbook

Atlas-side alarms (configure via Atlas UI or Atlas Admin API):

AlarmThresholdAction
Replication Lag> 10s for 5 minCheck secondary CPU / IOPS; recent schema migration?
Oplog Window< 24 hoursSlow secondaries; consider larger oplog or fewer batch ops
Cache Used> 90% for 15 minWorking set > RAM; resize tier or shard
Connections> 90% of cluster maxPool sizing; check for connection leaks
Slow Operationssustained > baselinePerformance Advisor → suggested indexes

Datadog / CloudWatch correlation alarms:

AlarmFirst action
App p99 query latency > 500msAtlas Performance Advisor → missing index? Consider Search Nodes for vector
Driver MongoNetworkError rate spikeConfirm PrivateLink endpoint health; check VPC route tables
Lambda Init Duration > 1sConnection pool not reused — verify client outside handler
Vector search latency > 200msIndex memory pressure; shard or move to dedicated Search Nodes

Debug path: “writes intermittently failing”:

  1. Atlas → Cluster → Real-time → confirm primary is stable (no recent elections).
  2. Driver logs: look for MongoServerSelectionError vs MongoWriteConcernError. Former = topology problem; latter = write didn’t ack to majority.
  3. Application: confirm retryWrites: true and w: "majority". Without retryWrites, transient primary changes surface as user errors.
  4. Multi-region: verify the region is listed in priority config; a non-priority region cannot accept writes after failover.

Online Archive — the cost lever most teams miss

For collections with append-mostly time-series or audit data, configure Atlas Online Archive to tier records older than N days to S3-backed storage. Queryable through the same connection string with archiveOnly or unioned mode. Typical impact: 60–80% cluster storage reduction on logs/audit/event data; queries on cold data cost more (per-GB scan), so partition Online Archive by date for predictable economics.

When MongoDB Atlas is NOT the right call

Pricing on AWS (2026 ballparks)

Verify current pricing at mongodb.com/pricing.

Best practices

Data modeling

Performance

Security

Observability

8.0
Current MongoDB major version — ~32% faster writes vs 7.0
GA
Atlas Vector Search + Stream Processing + Queryable Encryption
35 days
Maximum point-in-time recovery window on Atlas

Tools & Calculators

Self-serve calculators and assessments that pair with this integration.

Generative AI on AWS

RAG and agentic pipelines that pair Atlas Vector Search with Amazon Bedrock.

Open Tool

Related AWS Services

Consulting engagements that frequently pair with this integration.

AWS Data Analytics Services — Glue, Athena & QuickSight

AWS data analytics services — scalable data warehouse, ETL/ELT pipelines, real-time analytics, and business intelligence.

Explore Service

Generative AI on AWS — Production-Ready LLM Apps in Weeks

Generative AI on AWS — Amazon Bedrock, SageMaker, RAG pipelines, agents, and LLM application development.

Explore Service

AWS Application Modernization — From Legacy to Cloud-Native

AWS application modernization — legacy migration, microservices, containers. Expert consulting from FactualMinds.

Explore Service

Who typically runs this integration?

The roles that most often own or review this stack.

AWS Solutions for CTOs

Cloud strategy, multi-account governance, agentic AI platform decisions, and FinOps culture for technology leaders scaling AWS in 2026 and beyond.

Explore

AWS Solutions for Startup Founders

AWS Activate credits, serverless-first architecture, agentic product patterns, SOC 2 sprints, and investor-ready infrastructure for founders shipping on AWS in 2026.

Explore

Related Integrations

Other AWS integration guides commonly deployed alongside this one.

Snowflake on AWS

Snowflake + AWS in 2026: Cortex Analyst, Iceberg Tables on S3, Hybrid Tables, Snowpark, Polaris Catalog — vs Redshift, Athena, SageMaker Lakehouse.

View Guide

Datadog with AWS

Datadog on AWS in 2026: unified observability for CloudWatch, EKS, Lambda, Bedrock LLM workloads, and security posture across multi-cloud estates.

View Guide

Frequently Asked Questions

What is MongoDB Atlas on AWS in 2026?
MongoDB Atlas is the fully managed MongoDB service operated by MongoDB Inc. On AWS it runs inside MongoDB-owned VPCs in your chosen region; you connect via AWS PrivateLink (recommended) or VPC peering. Atlas handles cluster provisioning, patching, backup, replica-set failover, sharding, and scaling. The 2026 stack includes MongoDB 8.0, Atlas Vector Search GA, Atlas Stream Processing GA, dedicated Search Nodes for isolation, Queryable Encryption GA, and Atlas Edge Server for disconnected and edge workloads.
Atlas Vector Search vs OpenSearch k-NN vs pgvector on RDS — when to use which?
Three honest guidelines. (1) Use **Atlas Vector Search** when the source-of-truth documents already live in MongoDB — embeddings and documents in the same collection eliminate a sync pipeline and give you hybrid filters (vector + metadata) in one aggregation stage. (2) Use **OpenSearch k-NN / Amazon OpenSearch Service** when lexical search (BM25) matters as much as vector similarity and you want a single index for both, or when you need very large corpora (tens of millions of vectors) with fine-grained HNSW/IVF tuning. (3) Use **pgvector on RDS/Aurora Postgres** when the workload is already relational and the vector search is a secondary feature on top of transactional data — you avoid a new database and its operational tax. For new Bedrock-backed RAG pipelines with <5M vectors and MongoDB-shaped data, Atlas Vector Search is usually the least-overhead path. Also consider **Amazon S3 Vectors** (2025) for cold, extremely large corpora.
Should I use Atlas Search Nodes or just the base cluster?
Search Nodes (GA 2024) are dedicated nodes that host Atlas Search and Atlas Vector Search indexes, separate from the nodes handling operational reads and writes. Use Search Nodes when (a) vector-search traffic is high or bursty enough that it can starve your transactional workload, (b) you need different instance sizes for search (memory-optimized) vs operational (general purpose), or (c) you need to scale search independently of your base tier. On clusters smaller than M30 or with light search traffic, the base nodes are usually enough.
How does Queryable Encryption change what data we can store on Atlas?
Queryable Encryption (GA 2024 for equality, range in public preview in 2025) encrypts specific fields on the client before they leave the application, using deterministic or randomized encryption, while still allowing equality and range queries on the encrypted field server-side. MongoDB itself never sees plaintext. For AWS-based customers this lets you store regulated PII (SSNs, tax IDs, medical record numbers) under HIPAA / PCI DSS 4.0.1 expectations without using application-layer encryption that breaks indexing. Pair with AWS KMS as the customer-managed key provider.
How do I connect from AWS to Atlas securely?
AWS PrivateLink (recommended) exposes the Atlas cluster through a VPC endpoint in your VPC, so traffic stays on the AWS backbone and never hits the public internet. For IP-based auth workloads, VPC peering plus an IP allow list is acceptable. Inside the application, prefer AWS IAM authentication to Atlas (Atlas supports IAM role-based auth natively) over a username/password in Secrets Manager. For Lambda, use the MongoDB driver's connection pool — or the Atlas Data API / App Services HTTPS endpoints when you need stateless access without a driver.
What is Atlas Stream Processing and when should I use it over Kinesis + Lambda?
Atlas Stream Processing (GA 2024) lets you write stream-processing pipelines in MongoDB's aggregation framework over Kafka, MSK, or Atlas change streams, and land results back in collections, Kafka topics, or HTTP webhooks. Use it when the source-of-truth is already in MongoDB and the transformations are JSON-document-shaped — you skip the Kinesis/Firehose plus Lambda plus output-store plumbing. Use Kinesis Data Streams + MSK + Flink when you need cross-source joins, exactly-once semantics at scale, or you are a Kafka/Flink shop already.
What is Atlas Edge Server?
Atlas Edge Server (GA 2024) is a lightweight MongoDB runtime that sits on edge or on-prem hardware and syncs bidirectionally with Atlas in the cloud. Use cases: retail point-of-sale, manufacturing floor, in-vehicle apps, healthcare clinics with intermittent connectivity — anywhere local read/write has to keep working when the WAN is down. Syncs via Atlas Device Sync using CRDT-style conflict resolution. Compare to Amazon DynamoDB Global Tables (full replication, no offline/edge model) or DocumentDB (no edge story).
How much does MongoDB Atlas cost on AWS in 2026?
Ballparks — verify at mongodb.com/pricing. M10 cluster (dev/small prod): ~$57/month. M30 (growing prod): ~$400/month. M50+ (high-throughput): $1,000+/month. Search Nodes are billed separately. Serverless instances are priced per read/write operation and a storage component. Atlas data transfer: free in-region within the same cloud provider, paid cross-region and cross-cloud. Biggest 2026 optimization levers: move cold analytics to S3 via the Atlas Data Lake / Atlas Online Archive, use Search Nodes instead of over-provisioning the base tier, and use PrivateLink (the gateway fee is offset by saved NAT data transfer).

Related Reading

Need Help with This Integration?

Our AWS-certified engineers can design, implement, and operate this integration end-to-end — or review what you already have.

Talk to AWS Experts
Generative AI on AWS