0

Here is the situation:

I have an iOS app that runs with a Mongo DB.

The iOS team who is working on my backend code, has created an extra /dev folder on the live server where they are currently, working/uploading new code whenever something new is ready to be tested.

The problem is, since I had shared all my backend files, they were able to view my live DB credentials - I know mistake (how could I have prevented the same, all my backend files are in one folder on my server..) but thats still okay because they are not able to connect anyways, because I have restricted IP inbound connections - so I guess I am safe?

I want to create a new Database that has the same parameters as my live Database and add fake data there, in order to do testings with the beta versions and whenever other testing needs to be made.

However, I think I need the new Database to be on a different Host IP as my main live database, otherwise if I create a new database and add it on the same Host IP and I enabled their IP in my inbound security groups, then they would also be able to connect to my live db - I want to avoid this. 



What would you suggest me to do?

Sorry, but I am still a newbie to all this - so any detailed yet simply explained answers, would be really appreciated :-)

Sammuel
  • 27
  • 5

1 Answers1

1

You don't really need multiple IP addresses, though it would probably work too.

If it was me, I would run two MDB instances, each serving data from a different folder, but with different ports - then whitelist your dev ip addresses, but only for that new port.

The answers on this question may help:

multiple instances of Mongo DB on same server

E.J. Brennan
  • 45,870
  • 7
  • 88
  • 116
  • I see your point Brennan, but that looks dangerous to me? Especially since I am not an expert in all this... also, couldn't it be that the data would clash between both instances then? – Sammuel Jul 03 '20 at 15:26
  • not if you set it up right, there should be no additional risk - if you don't set things up right - whether or not you have 1 or 2 instances on the machine, then there is a risk. – E.J. Brennan Jul 03 '20 at 15:32
  • I see.. so what about sticking to the idea, of creating new EC2 instance and install a new database there. For testing purpose, the backend can be connected to that server and if something goes wrong, nothing will be affected on the live app. So am I thinking right: Step 1: launch a new EC2 instance (called: dev-mode), Step 2: install a new mongoDB there, Step 3: share my new MongoDB credentials with my developer. – Sammuel Jul 03 '20 at 15:35
  • two ec2 instances is perfectly acceptable, and probably the best idea to keep the environments isolated - my suggestion was just an alternative to two ip's on the same server- which isn't necessary - but there are a lot of benefits to completely diff ec2 instances and is definitely the preferred solution if your budget allows for it. – E.J. Brennan Jul 03 '20 at 15:42
  • oh I think I explained it wrong, I didn't mean the Server to have 2 IP's but only that the Host IPs for the Database (so DB address) would be different. But now I am thinking even if they were the same, but running on 2 different ports, that would also solve my problem right? But then again, I would have 2 DB running at the same time, simultaneously on the same server... Launching a new EC2 in my opinion would be the best yes, but its not very cost efficient. – Sammuel Jul 03 '20 at 15:47