Luminate Security offers a Software-as-a-Service application access platform that allows users to connect to any kind of application hosted on any datacenter platform without the need to have a direct network connection. For basic explanation about Luminate and how it works, please refer to this article.
Luminate allows Database Administrators to connect to MongoDB databases hosted in company data centers or in Infrastructure-as-a-Service locations using various methods. This article will explain the required configuration steps and the resulting end-user experience when using RoboMongo and Robo 3T applications.
The below diagram depicts the components of the system:
The basic assumption is that there is no network connectivity between the DBA's PC and the corporate data center and that the access is being done via Luminate Security.
The precondition to accessing MongoDB databases with Luminate is an SSH Server configured in Luminate Administration Portal that has TCP access to the relevant Database Servers. In order to configure this, please refer to this article.
Once the SSH Server / Bastion is configured, following steps need to be taken in order to configure the connections to the databases:
- Get the details of the SSH Server / Bastion that will be used for connection from the Luminate User Portal
a. Log in to the Luminate User portal using your web browser at the following address: https://<your company tenant>.luminatesec.com
b. Choose the relevant SSH Server from the list of the applications (this should be the SSH Server / Bastion that has connectivity to the PostgreSQL Servers inside the corporate datacenter)
c. Copy the "Host Name for SSH Client" and "User Name for SSH Client" fields from the UI:
2. Configure the Server Connection
Below are the connection configuration windows for RoboMongo / Robo 3T clients:
Please use the fields copied in the previous step to configure SSH Host and User fields. The SSH Port number should remain 22. If you are using Luminate Access Token, you should copy it to the Password field (in most clients, when leaving this field empty, the client will prompt for the password during the connection). If you are using Luminate RSA Key, you should download the file from the Luminate User Portal and provide the path to the file in Private Key field.