Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
138 results found
-
Support a broader range of 2FA providers
Introduce compatibility with additional 2FA providers for Atlas customers, such as:
- Authy
- Microsoft Authenticator
- Okta Verify
- Duo1 vote -
LDAP configuration using Terraform
We would like to be able to use Terraform to configure LDAP authentication/authorization on projects.
The functionality is available via the API:
https://docs.atlas.mongodb.com/reference/api/ldaps-configuration/However, go-client-mongodb-atlas does not have these endpoints implemented, so that would need to be done before this functionality is included in the provider.
36 votesLDAP is now available in versions 0.9.0 of the provider.
-
Cluster Termination Protection
It is possible to quickly delete an entire cluster, for example through terraform, if you're not careful.
It would be great to have a "Termination Protection" feature that can only be disabled in the Admin UI and not via the public APIs.
In terraform I could then enable it like so
resource "mongodbatlas_cluster" "my_cluster" { enable_delete_protection = true }When I would run
terraform destroythe cluster should not be destroyed and instead the API returns an error saying that the Cluster has Termination Protection enabled. If I want to disable it, I can login to the Admin UI, select…66 votesYou can now set "Termination Protection" for your Atlas cluster. For more information, see https://www.mongodb.com/docs/atlas/cluster-additional-settings/#termination-protection
-
Allow to set teams to users by Federated Authentication
When an Atlas User logs in by a Federated Authentication (like Okta) there is only a "Default User Role" to control its permission, so all users get the same role. And after that, we must manually add to teams, or change their roles. It would be better to allow the IdP to set (and update) the groups/teams for each user automatically.
32 votesThis has been released —> https://docs.atlas.mongodb.com/security/manage-role-mapping
You can now map IDP groups to Atlas Roles between Orgs and Projects. We do not support mapping to teams, that is not planned.
-
DNS
In much the same way that Amazon RDS has a public/private setting, could you add a setting to Atlas that lets us make the DNS entries for our cluster resolve to their private IPs all the time instead of just inside a VPC?
This would improve security by routing our connection through a VPN into a VPC that has a peering connection with Atlas' VPC. To accomplish this now, one must to find the private IPs of a cluster and create local, manual DNS entries in a router or on a machine.
2 votes -
Add 1 second granularity to ATLAS metrics
At present the finest granularity of ATLAS metrics is 1 minute ,as the metrics are averaged by 1 minute , this would not provide info on spikes lasting less than few seconds
reducing the granularity to 1 second would give more insight21 votes10-second level granularity for Atlas projects is available with M40+ clusters. More information on this is available here: https://www.mongodb.com/docs/atlas/monitor-cluster-metrics/#std-label-premium-monitoring
-
Service status
Well, my DB is down... I would like to have a link to a page where you list real time status of your services and if down, the current status of the ongoing fix
1 vote -
Mongodb 4.2 pit_enabled argument on mongodbatlas_cloud_provider_snapshot_restore_job
While version 0.4.0 of the MongoDB Atlas Terraform provider did introduce the pitenabled argument on the mongodbatlascluster resource, it does not appear that the mongodbatlascloudprovidersnapshotrestore_job was updated to be able to restore from a point-in-time.
Currently, the option is available in the Web UI but there is no way to automate it via Terraform scripts.
1 voteThese options will be included with the release we will cut shortly, v0.6.0. Thank you for the feedback and please continue to provide it either here or directly to melissa.plunkett@mongodb.com.
-
Enable the use of the timeouts { ... } block in resource declarations.
Enable the use of the timeouts { ... } block in resource declarations. I consistently get a timeout error on destroy of resources:
Error: error deleting MongoDB Private Endpoints Connection(5e4e93f3c0073240658e5b1f): timeout while waiting for state to become 'DELETED, FAILED' (last state: 'DELETING', timeout: 2m0s)
1 voteThe timeout on this resource has been increased (https://github.com/mongodb/terraform-provider-mongodbatlas/issues/151) and since then we’ve seen no reports hitting the timeout before completion of the deletion. If this is encountered again please file an issue at https://github.com/mongodb/terraform-provider-mongodbatlas/issues/ letting us know what resource is hitting a timeout, what version of the provider and terraform you are using, and any relevant logs.
Thank you!
-
Add a resource to configure the backup policy for Cloud Provider Snapshots
Please add support to change the backup policy for Cloud Provider Snapshots.
This is the API I am referring to:
https://docs.atlas.mongodb.com/reference/api/cloud-provider-snapshot-schedule-modify-one/Thanks.
6 votesThis is now out in version 0.5.1 of the provider. Once CPS in enabled the Atlas default schedule is imported and can be modified via terraform configuration (however if you chose to use the default no modification is needed). https://www.terraform.io/docs/providers/mongodbatlas/r/cloud_provider_snapshot_backup_policy.html
-
Add Atlas instance in Azure Norway
We host data that is preferred to reside in Norway. Do you have plans to expand to the newly added Azure Norway data center?
2 votes -
Add support for name as argument for the team data sources
Currently, there is a datasource for team, but it requires an ID as argument.
There are available APIs with look ups by ID but also by name.
Can we support the data source look up by name as well? That would be interesting as could avoid knowing the ID of the project or team and look up that ID via name.Thanks.
(Note Admin edit -> as project missing name as an argument was a regression that is corrected in v0.4.1. However team is still up for later consideration for name expansion so leaving for feedback.)
2 votesThank you all for the feedback!
Completed via PR https://github.com/mongodb/terraform-provider-mongodbatlas/pull/253, in 0.6.2 and greater. Note a small bug is being corrected via https://github.com/mongodb/terraform-provider-mongodbatlas/issues/277 and will be included in the next release.
-
Ability to create mongodbatlas database user with certificate X.509
It would be great to have the ability to create mongodbatlas database user with certificate X.509 and get back certificate encoded or not in the output.
1 voteThis has been released in version 0.4.0
https://www.terraform.io/docs/providers/mongodbatlas/r/database_user.html
and
https://www.terraform.io/docs/providers/mongodbatlas/r/x509_authentication_database_user.htmlMore info on 0.4.0:
https://www.mongodb.com/blog/post/new-major-version-of-terraform-mongodb-atlas-provider -
gsuite access
I'd love to see better integration with google services as authentication provider. The current workflow of manually setting up the identity providers/domains in atlas & custom saml endpoints(even without a preset) is pretty complicated imo.
1 voteWe now support Login/Register with Google without having to setup SAML.
-
Provide `replSetName` vs. `snapshotId` mapping in `GET /groups/{GROUP-ID}/clusters/{CLUSTER-NAME}/backup/snapshots` Public API call for each
What is the problem that needs to be solved? Provide
replSetNamevs.snapshotIdmapping inGET /groups/{GROUP-ID}/clusters/{CLUSTER-NAME}/backup/snapshotsPublic API call for eachsnapshotId.Why is it a problem? (the pain) You're doing automated disaster recovery (restore from Atlas to on-prem via Manual Restore) scenario and you need to know which
snapshotId(and its corresponding.tar.gzfile) is related to which Atlas Cluster Shard/Config Server Replica Set. E.g.5e442aa4cf09a2352527536b=Cluster0-shard-0,5e442aa4cf09a23525275370=Cluster0-shard-1,5e442aa4cf09a23525275375=Cluster0-config-0.3 votes -
OKTA integration logo is not provided with documentation resources
OKTA integration logo is not provided with documentation resources
https://docs.atlas.mongodb.com/security-ldaps-okta/Please, make sure engineers/integration admins do not deal with copyrighted content and spend time in graphical arts
Please, add necessary resources following best presentation options and recommendations from OKTA for the button logo (or refer to me if you like my sample)
Attached example we created from some picture over "the internets" ?
Thanks!
1 voteMongoDB Cloud is now included in the Okta Integration Catalog as a pre built tile. It has a logo.
-
Enable the use of AWS PrivateLink in Terraform
MongoDB Atlas provides the ability to configure AWS PrivateLink to connect customer VPCs with MongoDB Atlas. I would like to see this capability exposed through Terraform.
3 votesThis has been released in version 0.4.0
https://www.terraform.io/docs/providers/mongodbatlas/r/private_endpoint.html
and
https://www.terraform.io/docs/providers/mongodbatlas/r/private_endpoint_interface_link.htmlMore info on 0.4.0:
https://www.mongodb.com/blog/post/new-major-version-of-terraform-mongodb-atlas-provider -
Define Default Backup Policy
The ability to save a custom backup policy as the default, so all new clusters don't have to be customized to meet the backup policy requirements.
6 votesHello,
I am pleased to announce that we have released our backup feature called Backup Compliance Policy, that enables the ability to define a default backup policy.
Backup Compliance Policy allows organizations to configure a project-level policy to prevent the deletion of backups before a predefined period, guarantee all clusters have backup enabled, ensure that all clusters have a minimum backup retention and schedule policy in place, and more.
With these controls, you can more easily satisfy data protection requirements (e.g., AppJ, DORA, immutable / WORM backups, etc.) without the need for manual processes.
Please note that the Backup Compliance Policy can not be disabled without MongoDB support once enabled so please make sure to read our documentation thoroughly before enabling.
-
Allow creation of API Keys and their Whitelists via Terraform
Currently it is not possible to create an Organization API Key via terraform and manage its IP Whitelist. This would be a very useful feature for large organizations: https://docs.atlas.mongodb.com/reference/api/apiKeys-orgs-create-one/
2 votesWhile this was not added to Terraform, support now exists for MongoDB Atlas Programmatic API key generation within Vault, which due to the sensitive nature of API keys this seemed a better fit for the functionality.
HashiCorp Vault 1.4 – https://www.mongodb.com/blog/post/manage-atlas-database-secrets-hashicorp-vault -
Don't show prompt to enable 2FA when Google login is used
Since you can't do it, it's a bit annoying to have the yellow banner across the screen.
1 vote
- Don't see your idea?