Set up VPC Peering Connection


This feature is not available for M0 (Free Tier), M2, and M5 clusters. For more information, see Atlas M0 (Free Tier), M2, and M5 Limitations.

Atlas supports VPC peering connections for AWS-backed clusters. Atlas does not support VPC Peering for clusters deployed on Google Cloud Platform or Microsoft Azure. For Atlas clusters deployed on GCP or Azure, add the IP addresses of your GCP or Azure services to the Atlas project IP whitelist to grant those services access to the cluster.


To set up a VPC peering connection, you must be the project owner.

From the Clusters view, select the Security tab, then click Peering, then New Peering Connection.



Optional: Enable DNS hostnames and DNS resolution in AWS.

Enabling DNS hostnames and DNS resolution can result in faster VPC peering.


AWS VPC resolves hostnames in an Atlas cluster to their private IP addresses when you enable DNS resolution. You can use these DNS entries to connect to hosts in your Atlas cluster from the peered VPC since AWS handles resolving the peered hostnames automatically.

  1. Log in to your AWS account.
  2. Go to the VPC dashboard.
  3. Open your list of VPC resources.
  4. Select the VPC you want to peer with.
  5. Enable DNS hostnames and DNS resolution. See Updating DNS Support for Your VPC for further documentation on how to enable these options.

Go to VPC Peering view.

From the Clusters view, select the Security tab, then Peering.

Click New Peering Connection.


Enter required information in the Peering Connection Dialog.

To create the VPC Peering connection, fill in the requested information:

Account ID

AWS Account ID of the owner of the peer VPC. Refer to the dialog for instructions on finding your AWS Account ID.

VPC ID

The ID of the peer VPC. Refer to the dialog for instructions on finding your VPC ID.

The peer VPC CIDR block or subset. Must not overlap with your Atlas CIDR Block or any other peering connection VPC CIDR.

The CIDR block must be in one of the following private networks:

  • 10.0.0.0 - 10.255.255.255 (10/8 prefix)
  • 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
  • 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

You can choose to add the VPC CIDR block address (or a subset) to the whitelist. For VPC peering connections, you can also add the Security Group associated with the peer VPC instead of the CIDR block. See Configure Whitelist Entries.

See RFC 4632 for more information about CIDR blocks.

Application VPC Region

AWS region where the peer VPC resides.

Atlas creates a VPC for the Atlas project in this region if no M10+ clusters or VPC peering connections exist for the selected Region.


The Atlas VPC CIDR block. Must not overlap with the peer VPC CIDR block.

Atlas uses the specified CIDR block for all other VPC peering connections created in the project.

The Atlas CIDR block must be at least a /24 and at most a /21 in one of the following private networks.

  • 10.0.0.0 - 10.255.255.255 (10/8 prefix)
  • 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
  • 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

Atlas locks this value if an M10+ cluster or a VPC peering connection already exists. To modify the CIDR block, ensure there are no M10+ clusters in the project and no other VPC peering connections in the project. Alternatively, create a new project and create a VPC Peering Connection to set the desired Atlas VPC CIDR block for that project.


Atlas limits the number of MongoDB nodes per VPC based on the CIDR block and the region selected for the project. For example, a project in an AWS region supporting 3 availability zones and an Atlas VPC CIDR block of /24 is limited to the equivalent of 27 3-node replica sets.

Contact MongoDB Support for any questions on Atlas limits of MongoDB nodes per VPC.

Atlas VPC Region

AWS region where the Atlas VPC resides.

Uncheck Same as application VPC region to select a different region than where the application VPC resides.
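The rules given above for the peer VPC CIDR block and the Atlas VPC CIDR block (private network, size limits, no overlap) can be checked before you open the dialog. This is an added example, not part of the Atlas documentation or tooling; the function name `check_peering_cidrs` and the sample blocks are assumptions, and it uses only Python's standard `ipaddress` module.

```python
import ipaddress

# The three private networks this page allows for both CIDR fields (RFC 1918).
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private_v4(net):
    """True if net is an IPv4 block fully inside one of PRIVATE_NETS."""
    return net.version == 4 and any(net.subnet_of(p) for p in PRIVATE_NETS)


def check_peering_cidrs(atlas_cidr, peer_cidr, other_peer_cidrs=()):
    """Return a list of rule violations; an empty list means the plan passes.

    Hypothetical helper: the name and arguments are assumptions of this example.
    """
    try:
        # strict=True rejects blocks with host bits set, e.g. 10.0.0.5/24.
        atlas = ipaddress.ip_network(atlas_cidr, strict=True)
        peer = ipaddress.ip_network(peer_cidr, strict=True)
        others = [ipaddress.ip_network(c, strict=True) for c in other_peer_cidrs]
    except ValueError as exc:
        return [f"invalid CIDR block: {exc}"]

    problems = []
    if not is_private_v4(atlas):
        problems.append(f"Atlas CIDR {atlas} is not in a permitted private network")
    if not is_private_v4(peer):
        problems.append(f"peer CIDR {peer} is not in a permitted private network")
    # "At least a /24 and at most a /21" means a prefix length of 21 to 24.
    if not 21 <= atlas.prefixlen <= 24:
        problems.append(f"Atlas CIDR {atlas} must be between /24 and /21")
    if atlas.overlaps(peer):
        problems.append(f"peer CIDR {peer} overlaps Atlas CIDR {atlas}")
    for other in others:
        if peer.overlaps(other):
            problems.append(f"peer CIDR {peer} overlaps existing peer {other}")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from any real project.
    for issue in check_peering_cidrs("192.168.248.0/21", "10.0.0.0/16",
                                     ["10.0.8.0/24"]):
        print("FAIL:", issue)
```

Because Atlas locks its CIDR block once an M10+ cluster or peering connection exists, running a check like this before the first peering request avoids having to recreate the project to change the block.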


Click Initiate Peering.


Wait for approval of peering connection request.

The owner of the peer VPC must approve the VPC peering connection request. Ensure that the owner approves the request.

Atlas provides instructions for approving the connection request.


Requests expire after 7 days.


Add to route table.

  1. In the VPC Dashboard, click Route Tables.

  2. Select the Route Table for your VPC.

  3. Click the Routes tab.

  4. Click Edit Routes.

  5. Click Add route.

  6. Add the Atlas VPC’s CIDR block to the Destination column.

  7. Add the AWS Peering Connection ID to the Target column.

    This value is prefixed with pcx-.

  8. Click Save.

Once set up, you can edit or terminate the VPC peering connection from the Peering table.

To use the peering connection, you must add your VPC CIDR block address (or subset) or the Security Group associated with the peer VPC to the whitelist.