Atlas Stream Processing Now Supports Azure and Azure Private Link

Today, we're excited to announce that Atlas Stream Processing now supports Microsoft Azure! This update opens new possibilities for developers leveraging Azure's cloud ecosystem, offering a seamless way to:

• Seamlessly integrate MongoDB Atlas and Apache Kafka

• Effortlessly handle complex and rapidly changing data structures

• Use the familiarity of the MongoDB Query API for processing streaming data

• Benefit from a fully managed service that eliminates operational overhead

Azure support in four regions

At launch, we're supporting four Azure regions spanning both the U.S. and Europe:

We'll continue adding more regions across cloud providers in the future. Let us know which regions you need next in UserVoice.

How it works

Working with Atlas Stream Processing on Azure will feel just like it does already today when using AWS. During the Stream Processing Instance (SPI) tier selection in the Atlas UI or CLI, simply select Azure as your provider and then choose your desired region.

Figure 1: Stream Processing instance setup via Atlas UI

$ atlas streams instances create AzureSPI --provider AZURE --region westus --tier SP10

Figure 2: Stream Processing instance setup via the Atlas CLI

Secure networking for Azure Event Hubs via Azure Private Link

In addition to adding support for Azure in multiple regions, we're introducing Azure Private Link support for developers using Azure Event Hubs. Event Hubs is Azure's native, Kafka-compatible data streaming service.

As a reminder, Atlas Stream Processing supports any service that uses the Kafka Wire Protocol. That includes Azure Event Hubs, AWS Managed Service for Kafka (MSK), Redpanda, and Confluent Cloud. As we have written before, security is critical for data services, and it's especially important with stream processing systems where connecting to technologies like Apache Kafka external to a database like MongoDB Atlas, is required.

For this reason, we're engineering Atlas Stream Processing to leverage the advanced networking capabilities available through the major cloud providers (AWS, Azure, and GCP).

Networking

To better understand the value of support for private link, let's summarize the three key ways that developers typically connect between data services:

1. Public networking

2. Private networking through VPC peering

3. Private networking through private link

Public networking connects services using public IP addresses. It's the least secure of all approaches. This makes it the easiest to set up, but it's a less secure approach than either VPC peering or private networking.

Private networking through VPC peering connects services across two virtual private clouds (VPCs). This improves security compared with public networking by keeping traffic off the public internet and is commonly used for testing and development purposes.

Private networking through private link is even more secure by enforcing connections to specific endpoints. While VPC peering lets resources from one VPC connect to all of the resources in the other VPC, private link ensures that each specific resource can only connect to defined services with specific associated endpoints. This connection method is important for use cases relying on sensitive data.

Figure 3: Private Link allows for connecting to specific endpoints

Ready to get started?

With support for Azure Private Link, Atlas Stream Processing now makes it simple to implement the most secure method for networking across MongoDB and Kafka on Azure.

Public link

Please use the above public link if you want to share this noodl on another website.