Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
152 results found
-
Cluster Termination Protection
It is possible to quickly delete an entire cluster, for example through terraform, if you're not careful.
It would be great to have a "Termination Protection" feature that can only be disabled in the Admin UI and not via the public APIs.
In terraform I could then enable it like so
resource "mongodbatlas_cluster" "my_cluster" { enable_delete_protection = true }When I would run
terraform destroythe cluster should not be destroyed and instead the API returns an error saying that the Cluster has Termination Protection enabled. If I want to disable it, I can login to the Admin UI, select…66 votesYou can now set "Termination Protection" for your Atlas cluster. For more information, see https://www.mongodb.com/docs/atlas/cluster-additional-settings/#termination-protection
-
Allow creation of a free cluster (M0) through the API
Through the API it is possible to create several projects within an organization, and as far as I understand you offer 1 free cluster per project....
So, why not create the M0 cluster also through the API? (considering the limitation of only 1 for the project, of course)
This would be of great help for integrations that automatically generate small test environments for certain applications that plan to use atlas as a database server.
4 votesHi Bruno,
Thank you for taking the time and raising this feedback. We believe it’s crucial to support you and development teams in integrating MongoDB with your CI / CD pipeline. For example by enabling generation of small test environments using M0 clusters.
With that in mind, we’re happy to share that this capability has been recently added to our Public APIs as well as MongoCLI. To learn more and read about other new capabilities we’ve added, visit https://docs.mongodb.com/mongocli/stable/release-notes/Thank you again for sharing your idea and keep it coming.
All the best,
Jakub -
Annual Snapshot Retention Policy Option
I have customers that would like the ability to retain annual snapshots going back 5 or so years for compliance reasons. Currently, you can do this with monthly snapshots by retaining for 5*12 months, but then you have to store all the monthly snapshots in between.
25 votesAs of March 2024, Atlas Backups now have a yearly snapshot frequency option in the UI and API. This is also available in our Terraform MongoDB Atlas Provider v1.16.0
-
Terraform resource to add users to an existing team
You can automate this :) https://docs.atlas.mongodb.com/reference/api/teams-add-user/
1 vote -
Atlas API Enhancements
Since we want to automate the user (de)provisioning for organizations and projects, we would like to see the following API enhancements:
Please enhance the Mongo Atlas API for the following functionalities:
- invite (existing mongo) user to organization (currently not possible)
- remove user from organization
- get invitation status from user
- cancel invitation for userThank you
8 votesThe work for invite management has been completed and added as endpoints to organizations and projects: https://docs.atlas.mongodb.com/reference/api/projects/ and https://docs.atlas.mongodb.com/reference/api/organizations/
-
Possibility to change 'frequency_type' of snapshot backup policy item via Terraform
Hi,
I’m facing an issue about Snapshot Backup Policy creation/modification via Terraform ( FYI, I open a case to the support of MongoDB https://support.mongodb.com/case/00668262). Let me explain :
When I want to create a MongoAtlas Cluster via terraform, I want to apply a custom Snahsphot Backup Policy with ONLY 2 items during the creation of the cluster :
N° Item Frequency type Frequency Retention
0 Daily 1 7 Days
1 Weekly 1 (Saturday) 4 weeksHowever, during the creation of the mongo atlas cluster, I can see an error
Error: Error applying plan:1 error occurred:
* module.cluster…28 votesThe Cloud Backup policy has been completely reworked as of provider version 1.0.0, with a few more fixes in 1.0.1 (coming shortly). This should address the pain points that have been raised here and elsewhere.
-
Add Test Failover permissions to the Project Cluster Manager role
Add Test Failover permissions to the Project Cluster Manager role.
Use Case:
We'd like to have folks with this permission without also allowing them to modify Project membership and all the other permissions that come with being an Owner.4 votes -
1 vote
For Atlas UI authentication via SAML SSO please use Federated Authentication https://docs.atlas.mongodb.com/security/federated-authentication/
For Database authentication you can use Workforce Identity Federation with OIDC: https://www.mongodb.com/docs/atlas/workforce-oidc/
For your application access with GCP service accounts or Oauth2, you can use Workload Identity Federation: https://www.mongodb.com/docs/atlas/workload-oidc/
-
Support native Azure authentication for the DB, e.g. service principal
Customers often want centralized permissioning for the database and LDAP is not generally supported well in the cloud. If a customer is using Azure, they want us to support Azure AD for database authentication. I believe that means using service principals
32 votesYour applications can now access Atlas Clusters with Azure Service Principals including Azure Managed Identities using MongoDB Workload Identity Federation (https://www.mongodb.com/docs/atlas/workload-oidc/). The feature is supported by MongoDB 7.0.11 dedicated clusters (M10 and above).
For your workforce access, we recommend to use Workforce Identity Federation (https://www.mongodb.com/docs/atlas/workforce-oidc/) with your corporate identity provider such as Azure Entra ID.
Thank you for your feedback.
-
more information in AWS IAM audit logs
We are using MongoDB-AWS for authentication, and have set up the audit log to log events taken by AWS roles. However, there is insufficient information in the logs to identify who is doing those actions, as roles can be assumed by multiple people.
An example log line in the current audit log:
{ "atype" : "authenticate", "ts" : { "$date" : "2021-01-05T00:21:52.628+00:00" }, "local" : { "ip" : "192.168.248.203", "port" : 27017 }, "remote" : { "ip" : "172.31.0.5", "port" : 54195 }, "users" : [ { "user" : "arn:aws:sts::555555555555:assumed-role/developer-role/", "db" : "$external" } ], "roles" : [ {…4 votesThe full ARN including the user information is now captured in audit logs when AWS IAM authentication is used with assumed roles. This is a delayed update; the change was made in 2021. Thank you for your feedback to make MongoDB better.
-
Need access to the REST API for IdP Federation
Currently all IdP federation set up must be done in the Atlas GUI. This prohibits scripting the setup of IdP organization and role mapping for new projects.
Customers can prefer setting this up via a scriptable Rest API interface for a new project. Everything else about the project has an API that is currently used to create projects and deploy clusters. Authentication is important part of the process and currently requires manual set up through the GUI.
3 votes -
Tag/label project
Give the ability to tag/label a project
8 votes -
Integration with Microsoft Teams
Add third-party service integration for Microsoft Teams, as we do for Slack.
Most likely the following can be leveraged to achieve the integration: https://docs.microsoft.com/en-us/graph/teams-proactive-messaging28 votesThis is now available! You can find the integration on the integrations page in Cloud. Documentation to follow in coming days.
-
"Chaos testing" for Atlas - simulate node(s) down
The current "Test Failover" feature supports testing application/driver resiliency in case of elections. For additional testing, we want to be able to cause a node or nodes to be shut down and started up in a cluster. There should be selectivity allowing the entire node or just the mongod or mongos process to be shut down and started up.
33 votes -
Support the regions parameter of a network peering container
In the API documentation you mention a regions parameter usable when creating a network container with a network smaller than /18. In terraform there is no such parameter. I would like to see that supported (for creating networks smaller than /18 on GCP).
See: https://docs.atlas.mongodb.com/reference/api/vpc-create-container/#request-body-parameters
2 votesThis work is completed and in v0.9.0 of the provider.
-
Allow to set teams to users by Federated Authentication
When an Atlas User logs in by a Federated Authentication (like Okta) there is only a "Default User Role" to control its permission, so all users get the same role. And after that, we must manually add to teams, or change their roles. It would be better to allow the IdP to set (and update) the groups/teams for each user automatically.
32 votesThis has been released —> https://docs.atlas.mongodb.com/security/manage-role-mapping
You can now map IDP groups to Atlas Roles between Orgs and Projects. We do not support mapping to teams, that is not planned.
-
Expose minRetentionHours oplog option
MongoDB 4.4 introduces the new minRetentionHours for the oplog.
Currently this option is not exposed in the Atlas UI and the command replSetResizeOplog is not allowed.
Would be nice to have this option available in Atlas (and be accessible via Terraform too)8 votes -
in the explorer -> 'Global Writes' tab: compound shard key should support unique index property
set the compound index created during the Global Cluster configuration to be set as unique
today there is no option for that and it's a very basic need for those who using global clusters.
1 voteThis is a timely piece of feedback as we have been working behind the scenes to make this possible! I’d like to share some good news: Atlas now allows you to use a unique index as the shard key of a global writes collection. This capability allows you to enforce a unique constraint on the entire shard key combination. See https://docs.atlas.mongodb.com/data-explorer/global-writes/#procedure for more details.
-
LDAP configuration using Terraform
We would like to be able to use Terraform to configure LDAP authentication/authorization on projects.
The functionality is available via the API:
https://docs.atlas.mongodb.com/reference/api/ldaps-configuration/However, go-client-mongodb-atlas does not have these endpoints implemented, so that would need to be done before this functionality is included in the provider.
36 votesLDAP is now available in versions 0.9.0 of the provider.
-
Ability to delete account
I really need to delete my account as this is not what I am looking for.
5 votesHello,
I just want to update this ticket that self-serve account deletion is supported since August 2021. Please note that once you delete your Atlas account, you cannot use the same email to create a new Atlas account.
- Don't see your idea?