Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
151 results found
-
Recovery after cluster delete
Cloud Backups should be recoverable even after a cluster delete otherwise they can't really be considered backups. One way to do this would be to allow for automated backup downloads to customer specified cloud provider storage.
6 votesHello,
I am pleased to announce that in Atlas you now have an option to retain all backups when terminating an M10+ cluster.
When you terminated a cluster through the Atlas Ui, on the termination confirmation pop up, you will now see an additional toggle labeled "Keep existing snapshots after termination". If you select this option when terminating your cluster, all of your backups for that cluster will be retained.
You can also choose to retain you backups for a cluster when deleting a cluster through the Atlas Administration API. When deleting a cluster through the API, you can include the retainBackups parameter and this will retain all of your backups after termination as well.
You can view or use the backups from a terminated (or other active) M10+ cluster by selecting the "Backup" tab in the left side navigation of the Atlas UI.
As I mentioned…
-
Automatic backup outside Atlas
For DR strategy, one need to have its backups outside Atlas.
This can be achieved in several ways. Some are:
- Provide APIs to download the current backups and let the customers automate this on their side
- Write backups in the customer provided cloud account (aws s3, azure blob stroage...) My favorite optionI found many ideas related to my needs, but they were too specific. This need is more general: just provide a way to have backups automatically outside of atlas.
5 votesThis feature has been released, you can see how to utilize it here —> https://docs.atlas.mongodb.com/backup/cloud-backup/export/
-
in the explorer -> 'Global Writes' tab: compound shard key should support unique index property
set the compound index created during the Global Cluster configuration to be set as unique
today there is no option for that and it's a very basic need for those who using global clusters.
1 voteThis is a timely piece of feedback as we have been working behind the scenes to make this possible! I’d like to share some good news: Atlas now allows you to use a unique index as the shard key of a global writes collection. This capability allows you to enforce a unique constraint on the entire shard key combination. See https://docs.atlas.mongodb.com/data-explorer/global-writes/#procedure for more details.
-
Support multi-cloud
Support multi-cloud as available in the Atlas UI
7 votesThis has been released in the latest Terraform MongoDB Atlas Provider, https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/advanced_cluster Thank you!
-
9 votes
-
Terraform resource to add users to an existing team
You can automate this :) https://docs.atlas.mongodb.com/reference/api/teams-add-user/
1 vote -
1 vote
Version 0.9.0 of the provider now supports arm64.
-
1 vote
For Atlas UI authentication via SAML SSO please use Federated Authentication https://docs.atlas.mongodb.com/security/federated-authentication/
For Database authentication you can use Workforce Identity Federation with OIDC: https://www.mongodb.com/docs/atlas/workforce-oidc/
For your application access with GCP service accounts or Oauth2, you can use Workload Identity Federation: https://www.mongodb.com/docs/atlas/workload-oidc/
-
Allow creation of a free cluster (M0) through the API
Through the API it is possible to create several projects within an organization, and as far as I understand you offer 1 free cluster per project....
So, why not create the M0 cluster also through the API? (considering the limitation of only 1 for the project, of course)
This would be of great help for integrations that automatically generate small test environments for certain applications that plan to use atlas as a database server.
4 votesHi Bruno,
Thank you for taking the time and raising this feedback. We believe it’s crucial to support you and development teams in integrating MongoDB with your CI / CD pipeline. For example by enabling generation of small test environments using M0 clusters.
With that in mind, we’re happy to share that this capability has been recently added to our Public APIs as well as MongoCLI. To learn more and read about other new capabilities we’ve added, visit https://docs.mongodb.com/mongocli/stable/release-notes/Thank you again for sharing your idea and keep it coming.
All the best,
Jakub -
Security Key (FIDO2) MFA option
Please enable security key (e.g. https://www.yubico.com/gb/product/yubikey-5c-nfc/) option for MFA. Ideally using FIDO2 protocol
9 votesMongoDB added webAuthn support as an MFA method. Please use "Security Key/Biometric" MFA. option to use it with your FIDO2 keys.
https://www.mongodb.com/docs/atlas/security-multi-factor-authentication/
-
Support for tagging clusters in Atlas
Please allow tagging at a cluster level. This will help in storing related metadata if required.
4 votes -
Support the regions parameter of a network peering container
In the API documentation you mention a regions parameter usable when creating a network container with a network smaller than /18. In terraform there is no such parameter. I would like to see that supported (for creating networks smaller than /18 on GCP).
See: https://docs.atlas.mongodb.com/reference/api/vpc-create-container/#request-body-parameters
2 votesThis work is completed and in v0.9.0 of the provider.
-
Need access to the REST API for IdP Federation
Currently all IdP federation set up must be done in the Atlas GUI. This prohibits scripting the setup of IdP organization and role mapping for new projects.
Customers can prefer setting this up via a scriptable Rest API interface for a new project. Everything else about the project has an API that is currently used to create projects and deploy clusters. Authentication is important part of the process and currently requires manual set up through the GUI.
3 votes -
Add resource to allow attachment of roles to mongodbatlas_cloud_provider_access
The need to do two applies to completely configure the
mongodbatlas_cloud_provider_access
resource should have never seen the light of day. I would like to see an additional resource that could attach a role to amongodbatlas_cloud_provider_access
after it has been created. Then you could use the attributes in themongodbatlas_cloud_provider_access
resource to create the role, then attach the role to it using theaccess_role_attachment
resource.9 votesCloud Provider Access in v0.9.0 now has a single apply method and the original two apply method.
-
Add Test Failover permissions to the Project Cluster Manager role
Add Test Failover permissions to the Project Cluster Manager role.
Use Case:
We'd like to have folks with this permission without also allowing them to modify Project membership and all the other permissions that come with being an Owner.4 votes -
more information in AWS IAM audit logs
We are using MongoDB-AWS for authentication, and have set up the audit log to log events taken by AWS roles. However, there is insufficient information in the logs to identify who is doing those actions, as roles can be assumed by multiple people.
An example log line in the current audit log:
{ "atype" : "authenticate", "ts" : { "$date" : "2021-01-05T00:21:52.628+00:00" }, "local" : { "ip" : "192.168.248.203", "port" : 27017 }, "remote" : { "ip" : "172.31.0.5", "port" : 54195 }, "users" : [ { "user" : "arn:aws:sts::555555555555:assumed-role/developer-role/", "db" : "$external" } ], "roles" : [ {…4 votesThe full ARN including the user information is now captured in audit logs when AWS IAM authentication is used with assumed roles. This is a delayed update; the change was made in 2021. Thank you for your feedback to make MongoDB better.
-
Add option to create project without alerts
Currently a project is created with a set of default alerts. We need to customize these but we can only add new alerts via terraform. It would be helpful if there was a boolean flag in the mongodbatlas_project resource to disable default alert creation
17 votesJust added in the latest version 1.1.1: https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/project#with_default_alerts_settings
-
Vault Lock to protect Atlas Cloud Backups
We are currently looking for a solution to secure our Atlas backups.
Something similar to AWS Glacier Vault Lock [1] or a simple grace period before backups are deleted once and for all would be nice.
It would be amazing to protect the Atlas backups from being deleted.
Currently, if one of our Atlas admins was compromised, the damage for the company would be enormously high. So we need to implement measures against the final deletion of our most mission critical data.also mentioned in: [2]
[1] https://aws.amazon.com/de/blogs/security/amazon-glacier-introduces-vault-lock/
[2] https://developer.mongodb.com/community/forums/t/is-there-a-vault-lock-for-atlas-backups/1104110 votesHello,
I am pleased to announce that we have released our backup feature called Backup Compliance Policy, that protects your backups from being deleted by any user, ensuring WORM and full immutability (can not be edited/modified or deleted) for backups automatically in Atlas.
Backup Compliance Policy allows organizations to configure a project-level policy to prevent the deletion of backups before a predefined period, guarantee all clusters have backup enabled, ensure that all clusters have a minimum backup retention and schedule policy in place, and more.
With these controls, you can more easily satisfy data protection requirements (e.g., AppJ, DORA, immutable / WORM backups, etc.) without the need for manual processes.
Please note that the Backup Compliance Policy can not be disabled without MongoDB support once enabled so please make sure to read our documentation thoroughly before enabling.
-
AWS EBS gp3 Volumes
Please add support for the newly announced and already generally available AWS EBS feature. [1]
The top capability is: "The new gp3 volumes deliver a baseline performance of 3,000 IOPS and 125 MB/s at any volume size. Customers looking for higher performance can scale up to 16,000 IOPS and 1,000 MB/s for an additional fee." [2]
That basically means decoupling storage performance from storage size.
It would eliminate all our IOPS pain as 3000k is more than enough for our usecase. Currently, we are slightly overprovisioning storage size in order to guarantee minimal IOPS performance.[1] https://aws.amazon.com/about-aws/whats-new/2020/12/introducing-new-amazon-ebs-general-purpose-volumes-gp3/
[2] https://aws.amazon.com/ebs/general-purpose/17 votes -
Add Switzerland Regions
Hello, our product heavily relies on mongo atlas and we're very happy with it. However, several of our (corporate) clients would like their application data to be hosted in Switzerland (for compliance/data protection reasons). I would love the ability to setup a Swiss only Atlas cluster for those clients, but the closes options we have in Germany only. Either cloud provider will be fine (ideally Azure). Many of your (future) clients would certainly welcome this too (banks! luxury! healthcare! pharma! transportation! public services!) - thanks for listening :)
1 vote
- Don't see your idea?