Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
137 results found
-
Support the regions parameter of a network peering container
In the API documentation you mention a regions parameter usable when creating a network container with a network smaller than /18. In terraform there is no such parameter. I would like to see that supported (for creating networks smaller than /18 on GCP).
See: https://docs.atlas.mongodb.com/reference/api/vpc-create-container/#request-body-parameters
2 votesThis work is completed and in v0.9.0 of the provider.
-
Show all team users on one page
When we do SOC2 reviews, we have to take screenshots of the permissions various users have. Currently, a specific "team" in Atlas only shows 5 users at a time and is paginated. Taking screenshots of 5 users at a time is pretty tedious, so it would be amazing to have a page with the full list.
2 votes -
Change Azure snapshot backups from LRS to GRS
Sorry but this is a must. GRS is a 2 region datacenter backup, LRS only 1. Fire or disaster will take out everything if LRS is used.
2 votesHello,
We recently released a feature that we call Snapshot Distribution which allows any Atlas user to copy their backups into additional cloud provider regions that are supported in Atlas.
This allows you to store the backups in whatever region you prefer automatically. In the event of a disaster in a cloud provider region, Atlas will intelligently use a backup copy in an additional region for a restore.
You can read more about this in this blog, https://www.mongodb.com/blog/post/introducing-snapshot-distribution-atlas , and our docs, https://www.mongodb.com/docs/atlas/backup/cloud-backup/scheduling/#configure-service-to-automatically-copy-snapshots-to-other-regions .
-
DNS
In much the same way that Amazon RDS has a public/private setting, could you add a setting to Atlas that lets us make the DNS entries for our cluster resolve to their private IPs all the time instead of just inside a VPC?
This would improve security by routing our connection through a VPN into a VPC that has a peering connection with Atlas' VPC. To accomplish this now, one must to find the private IPs of a cluster and create local, manual DNS entries in a router or on a machine.
2 votes -
Add Atlas instance in Azure Norway
We host data that is preferred to reside in Norway. Do you have plans to expand to the newly added Azure Norway data center?
2 votes -
Add support for name as argument for the team data sources
Currently, there is a datasource for team, but it requires an ID as argument.
There are available APIs with look ups by ID but also by name.
Can we support the data source look up by name as well? That would be interesting as could avoid knowing the ID of the project or team and look up that ID via name.Thanks.
(Note Admin edit -> as project missing name as an argument was a regression that is corrected in v0.4.1. However team is still up for later consideration for name expansion so leaving for feedback.)
2 votesThank you all for the feedback!
Completed via PR https://github.com/mongodb/terraform-provider-mongodbatlas/pull/253, in 0.6.2 and greater. Note a small bug is being corrected via https://github.com/mongodb/terraform-provider-mongodbatlas/issues/277 and will be included in the next release.
-
Allow creation of API Keys and their Whitelists via Terraform
Currently it is not possible to create an Organization API Key via terraform and manage its IP Whitelist. This would be a very useful feature for large organizations: https://docs.atlas.mongodb.com/reference/api/apiKeys-orgs-create-one/
2 votesWhile this was not added to Terraform, support now exists for MongoDB Atlas Programmatic API key generation within Vault, which due to the sensitive nature of API keys this seemed a better fit for the functionality.
HashiCorp Vault 1.4 – https://www.mongodb.com/blog/post/manage-atlas-database-secrets-hashicorp-vault -
Shared-Tier (M2 & M5 Clusters) Snapshot and Restore Jobs Resource in Terraform
Shared-Tier (M2 & M5 Clusters) Snapshot and Restore Jobs Data Sources are on the near-term roadmap for the MongoDB Atlas Terraform Provider, but is there any interest in also having a Terraform Resource as well? This way users will be able to create, update, and destroy these resources as well.
Note: there is no DELETE http method in Atlas Admin API for either Shared-Tier Snapshot or Restore Jobs (https://lnkd.in/e3-GZH6M). So this will likely have to be supported first before team can create the associated Terraform resource which is likely going to be some time away.
1 voteReleased as part of v1.11.0, try today and thank you for all the feedback!
-
Allow creation of free cluster (M0) through Coudformation & CDK
This is already supported trough API and implemented in Terraform. I would like to see this extended to Cloudformation and CDK.
1 vote -
Add v1.5 API support to Terraform to support asymmetric hardware
We use a base tier MongoDB cluster (M20) and an analytics tier (M30), where they are of different sizes due to different business requirements.
Currently this is not supported by Terraform unless tiers use the same hardware (e.g. either both are set to M20 or M30).
See the error message below.
Error: error reading MongoDB Cluster (development): GET https://cloud.mongodb.com/api/atlas/v1.0/groups/1234567890/clusters/development: 400 (request "ASYMMETRICHARDWAREINVALID") Asymmetric hardware is not supported by the v1.0 API. Please use the v1.5 API instead. Documentation for the v1.5 API is available at https://docs.atlas.mongodb.com/reference/api/clusters-advanced/.
Please add v1.5 API support to Terraform to support asymmetric hardware.
1 vote -
AtlasBasic CDK
AtlasBasic CDK should include an option to create to serverless cluster as opposed to dedicated/shared.
1 vote -
Make optimized connection strings available from api
When creating a cluster that has Optimized Connection Strings as documented here: https://www.mongodb.com/docs/atlas/connect-to-database-deployment/#improve-connection-performance-for-sharded-clusters-behind-a-private-endpoint, those connection strings do not appear to be available through the Atlas API, and thus not available through the Terraform provider.
Since legacy connection strings are not the default anymore, it would be important to make those optimized strings available through API and Terraform.
In addition it would be nice to be able to get the legacy connection strings for old drivers even if the cluster qualifies for optimized connection strings. Those legacy connection strings are simply not populated unless the cluster was initially a replicaset…
1 votethis feature has been released as part of v1.10.0. thank you for the feedback.
for more details see: https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/advanced_cluster#connection_strings.private_endpoint.#.srv_shard_optimized_connection_string
-
Add Enable Extended Storage Sizes in terraform project settings
Add an Enable Extended Storage Sizes flag in terraform project settings
Example:
resource "mongodbatlasproject" "default" {
name = var.name
orgid = "TEST"iscollectdatabasespecificsstatisticsenabled = true
isdataexplorerenabled = true
isperformanceadvisorenabled = true
isrealtimeperformancepanelenabled = true
isschemaadvisorenabled = true
isextendedstorage_sizes = true
}1 votehi this feature has been release as part of v1.10.0. thank you for the feedback.
for more details see: https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/resources/project#is_extended_storage_sizes_enabled
-
Add a datasource for members of an organization
Problem: The
mongodbatlas_teams
resource only works with email addresses of user accounts which are existing members of the organization at apply time¹, and Team memberships can't (yet?) be managed via Identity Federation (third-party SAML IdP).Solution: If there was a datasource using the "Get All Organization Users" API² to return a list of organization members, that data could be used to filter the
usernames
input attribute of themongodbatlas_teams
resource to only add valid users.Workaround: We're using a Python script as an external datasource to get the data needed to perform said filtering.
¹: An error is thrown when…
1 votethis feature has has been released as part of v1.10.0 release. thank you for the feedback.
for more details see: https://registry.terraform.io/providers/mongodb/mongodbatlas/latest/docs/data-sources/organizations
-
Support webhook notification type for alert configurations
The
mongodbatlas_alert_configuration
allows me to define a notification withtype
ofWEBHOOK
but I can't complete the configuration because it doesn't seem to support any arguments to provide the webhook URL and webhook secret/integration key.Please add support for the webhook URL and secret, since otherwise the
WEBHOOK
type notification can't be used. Thanks1 vote -
Enable setting encryption at rest details for project
Please allow us to set the encryption at rest KMS details for the project when we create the project
1 voteThis is available and supported.
https://www.mongodb.com/docs/atlas/atlas-operator/stable/ak8so-encryption-at-rest-customer-keys/
-
Datadog integration for US5
Hi I am using US5 datadog, and as I learned that Atlas only supports US1, it would be great if the integration with US5 is also added.
1 voteThe US5 Datadog site is available in Atlas.
-
Granular permissions via roles / hashicorp vault
We are using the Hashicorp Vault Atlas plugin in order to generate credentials for Atlas.
We are able to generate roles on the Atlas end and then use those roles to provision vault users.
However, I don't see a way to restrict those roles to just certain resources/clusters.
So the user can access all the deployments in a project.
It should be possible to restrict roles to certain resources only.1 voteHi,
This has already been added some time ago. You need to specify the scopes you want to include, here's the code - https://github.com/hashicorp/vault-plugin-database-mongodbatlas/blob/master/mongodbatlas.go#L206. It should be an array like roles, but with the resource name and then if it's a cluster or data lake (see scopes here: https://www.mongodb.com/docs/atlas/reference/api/database-users-create-a-user/). I hope that helps!
Best,
Melissa
-
Backup Snapshot datasource and Restore Job resource and datasource for Shared clusters
The following resources/datasources work only for dedicated clusters (M10 and above).
mongodbatlascloudbackupsnapshots
mongodbatlascloudbackupsnapshotrestorejobThis is because they call the /backup/snapshots and
/backup/restoreJobs Atlas API endpoints respectively.There are different API endpoint for shared-tier clusters (M2/M5):
/backup/tenant/snapshots
/backup/tenant/restoresWould it be possible to have new equivalent datasources/resources for shared-tier clusters or modify the existing datasources/resources to accommodate shared-tier clusters?
Thanks in advance.
1 voteReleased as part of v1.11.0, try today and thank you for all the feedback!
-
Improve OKTA Location Detection
Hi,
This is really a message for your security / authentication engineers.
When you use Okta PUSH MFA, the popup on my mobile device reads "Did you just try to sign in? near Ashburn, Virginia, United States"
I am not near Ashburn, that's your server location. We use Okta Push at our company and had the same issue. It's a simple fix, tell your engineers to add:
'X-Forwarded-For': <users ip>,
With the user IP address that is sent to Okta, and it should geolocate properly. This is a small, albeit actual security issue with MongoDB, as I cannot safely differentiate…
1 voteThank you for your kind feedback. This issue has been fixed and Okta Push app should show now show the correct location. Thank you!
- Don't see your idea?