Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
1258 results found
-
Enforce MFA for google login users
Our organization needs to enforce MFA for users signing in with google login. Is there any way to do it other than "Require MFA"?
1 vote -
Create an AtlasRole custom resource
Currently roles are configured as a list inside the AtlasProject resource. I propose managing these as individual AtlasRole custom resources instead.
Consider a typical microservice based application with several microservices deployed by individual Helm charts, each sharing the same project and cluster. In this scenario the app developer may want to create custom roles for each app / group of apps with access to certain collections, eg to stop them from being able to read collections with sensitive data
Currently it is possible for apps to create their own users, but those users must assume one or more existing roles.…
1 vote -
Data Usage Reporting & Improved Profiler
The Current Problem:
The existing issue stems from MongoDB's inability to provide concrete evidence supporting the data charges for your data usage. This predicament becomes especially troublesome when your system typically operates within a data usage threshold of less than 100GB daily. Suddenly, over a span of 7 days, you are billed for data usage exceeding 1000-2000GB daily, only to subsequently revert to using less than 100GB daily. The absence of substantiated evidence leaves you in a quandary, unsure whether the issue lies with your system or is a reporting error on MongoDB's part. MongoDB Support relies on the slowest…1 vote -
Ability to have UI Users with access to list Indexes but not browse collection documents
We'd like to have users that are read-only and that have access to see metrics and list indexes but not do operations or be able to explore the collection documents.
This is important for application developers to be able to operate their databases without needing to have read access to contents.
1 vote -
Hyperlink to "all cases" that's under the "create new case" link
To access the support portal from the projects page:
- Navigate to Support to the left side of the page
- Click on Visit Support Portal button under Request Support
It will be easier to navigate if a hyper link of "all cases" can be added to "create new case" from the "get help" drop down as in screenshot attached.
2 votes -
Remove the requirement to have an API Access List CIDR before being able to manage backup schedules
The issue is described in this github issue, specifically in the linked comment: https://github.com/mongodb/terraform-provider-mongodbatlas/issues/222#issuecomment-855905952
Here is the requirement as described in the API docs: Remove All Cloud Backup Schedules
Removes all cloud backup schedules for the specified cluster. "This schedule defines when MongoDB Cloud takes scheduled snapshots and how long it stores those snapshots. To use this resource, the requesting API Key must have the Project Atlas Admin role and an entry for the project access list."
https://www.mongodb.com/docs/atlas/reference/api-resources-spec/#tag/Cloud-Backups/operation/deleteAllBackupSchedulesOur request is that the requirement to have an API Access List to manage backup policies be removed.
At the very least,…
3 votes -
Monitoring Metrics on dhandle
We'd like to monitor the WiredTiger dhandle over the time, directly from Cloud Atlas Monitoring view. It would allow to directly see the impact when updating cluster settings.
We'd like also being able to configure alert triggers on it, the goal for us is being alerted when an excessive amount of files (collections & indexes) is loaded into the MongoDB Memory, to avoid reaching an Out Of Memory error.
2 votes -
prometheus integration to use PrivateLink
There is a possibility to integrate Prometheus into an Atlas project.
However, for enabling this integration, one needs to add Prometheus's IP address in the IP Access List.
This procedure has 2 flaws in it:
1. Prometheus runs as pods on some use-cases, meaning that its IP is ephemeral.
2. For projects that work solely with PrivateLink enabled and no open IP in the IP Access List, one cannot use the Prometheus integration (already talked with support about that).The improvement here is to add the Prometheus integration to work as well in "PrivateLink-only" mode.
74 votes -
Improve Atlas suggested indexes
Suggested indexes
- Currently it will suggest indexes that can't be created, such as with multiple array fields.
-- This should be detectable before suggesting an index.
-- Highlight array fields in the suggested index
- Include partial index expressions
- Make more than one suggestion for queriesTrying to create an index that contains multiple array fields (for some documents being indexed) won't fail until it hits one such document.
- Pre-parse to first confirm the fields being indexed don't include more than 1 array for the index?
- Pre-parse and inform the user if any of the fields…2 votes -
Incremental backup on Serverless Instances
Hey,
I would like to know when the access read/write of the "oplog" collection in the "local" database will be enabled in Serverless instances. I need this access for making an incremental backup/restore of the database. The doc does not explain the reason of this limitation and I would like understand why.
There is mainly 2 reasons of my request. First is for a local backup/restore for dev purpose, I don't need/want to restore all the databases each time in local due to the size and time consuming from the restore. The second one is that if I need to…
1 vote -
enable a specific set of tags to go in the logs.
Enable a specific set of tags to go in the logs.
1 vote -
attribute based access control on the roadmap? Authorization based on tag value
attribute based access control on the roadmap? Authorization based on tag value
1 vote -
Include IdP Group and Atlas Role mapped in the ROLE_MAPPING_CREATED event
When an Atlas Role is mapped to an IdP group in the Federation Management Console, an event is created with the eventTypeName "ROLEMAPPINGCREATED" and the description "A Role Mapping was Created". The event returns in both the Atlas Admin API events endpoint and the Organization Alerts. It would be beneficial for auditing to include the IdP group and Atlas Role in the event.
2 votes -
Prevent exposure of Azure Vault or KMS
Today Mongodb communication with the BYOK key is by internet, it is necessary to allow public IPs:
https://learn.microsoft.com/en-us/azure/key-vault/general/private-link-service?tabs=portal
https://learn.microsoft.com/en-us/security/benchmark/azure/baselines/key-vault-security-baseline
1 vote -
Share API key cross organizations
Today, it's not possible to share an API key between different organizations (https://www.mongodb.com/community/forums/t/sharing-api-key-between-different-organizations/190785/13)
It makes it impossible to restore snapshots from one organization to another automatically.It's very important for us, as we need this feature to clone our customers clusters into our organization
16 votes -
More documentation about alert
It would be great if there were a doc explaning what each Alert Event Types means (and even that could give us some examples). And the same documentation should explain wich alerts have thresholdconfig or metricthreshold_config.
The documentation that I have found with a little explanation is thw below (and it shows some alerts type that don´t work)
Example: OPLOGBEHIND => When trying to use this one on terraform, it returns an error saying it does not exist (the one that works is: REPLICATIONOPLOGWINDOWRUNNING_OUT)https://www.mongodb.com/docs/ops-manager/current/reference/alert-types/#user
2 votes -
API KEY - Restrict by Database
Since Mongodb Clients cannot be used in Edge Runtimes (like Vercel, Cloudflare, etc.) the user of Data API becomes inevitable. The Data API access should have same features like user roles where we can restrict an API KEY or an ENDPOINT to have acccess to a single database or multiple database.
2 votes -
Serverless instances on AWS Paris (eu-west-3) region
We are impatiently awaiting the arrival of serverless in France. A lot of projects are needed !
11 votes -
Online archive delete possibility
To free up space in the Online Archive (OA) and comply to GDPR . It would be good to delete not only by "age" the data in an OA, but also by a customize query, similar like the option the data is transferred to the OA from a collection. (A custom query. Atlas runs the query specified in the archiving rule to select the documents to archive. - https://www.mongodb.com/docs/atlas/online-archive/manage-online-archive/)
11 votes -
better index usage
Currently most of our indexes show a usage of <1/min which isn't very useful. If I hover over them I can see the usage which might say 20/day but I would prefer to not have to hover.
1 vote
.png){kind=link}
- Don't see your idea?