Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
7 results found
-
Granular Permissions
Right now Mongo Atlas allows you to assign two types of roles to all the users: Organization and Project, and for each set it gives you some predefined roles.
The problem with this is you can't have any kind of granular control of what permission is assigned to each user. (e.g. to allow a user to create a trigger through Mongo Stitch it needs the Project Owner role).
This is a major setback as I'm giving my coworkers more access than needed.
A good solution would be to have something like the database access control in this part so we…
380 votes -
Support GCP IAM for Cluster Authentication
Achieve feature parity with AWS IAM cluster authentication support.
79 votesThank you for your patience. Connecting Atlas clusters with GCP service accounts (workload identity federation) is in development and currently planned to be available in Q1 2024 (which is subject to change). The functionality will require MongoDB 7 in Atlas and initially will be supported in Java, Node, Python, C#/.NET, and Go drivers.
-
Authentification on Azure (IAM)
Hello,
We absolutely need a more modern authentication method than using LDAPS to authenticate users against the MongoDB databases that we deploy with Atlas. When will we see a modern authentication service at this level? Ideally, we want cloud functionality equivalent to AWS IAM but on Azure.
14 votes -
API Key Expiration date
We have a security reqirement that secrets must expire after 2 years.
Therefore it would be awesome if MongoDB Atlas API Keys would support an expiration date.
Somethig similar exists for the IP Whitelisting. Here we have the option to remove IP Whitelist entries after er certain time period. But for API Keys it would be better to have an expiration date and keep the API Key in the list even if its expired.
In addition it would be good to have a daily notification once the expiration date is ahead less than 30 day.
11 votes -
API Improvements - OpenAPI and more auth options
The API should be documented with OpenAPI to allow better tooling.
Ideally using the above OpenAPI spec you could auto generate a SDK or API client for popular languages.
Lastly, the API should accept authentication options other than digest. There is very poor support for digest authentication by popular HTTP clients. I don't like trying to implement security protocols myself, as there is often some quirk I have not fully understood that ends up leaving me less secure than I hoped.
In many questions online when searching for information about digest authentication, the person asking the question is asking about…
11 votes -
atlas portal ip whitelist
We were given this idea from a security audit.
From a security-in-depth perspective we would like to be able to restrict logins on the atlas portal to only whitelisted IP's, this would be analog as to how API whitelisting works at the organization level.
This is to prevent login's other than from our permitted sites.7 votes -
Remove the requirement to have an API Access List CIDR before being able to manage backup schedules
The issue is described in this github issue, specifically in the linked comment: https://github.com/mongodb/terraform-provider-mongodbatlas/issues/222#issuecomment-855905952
Here is the requirement as described in the API docs: Remove All Cloud Backup Schedules
Removes all cloud backup schedules for the specified cluster. "This schedule defines when MongoDB Cloud takes scheduled snapshots and how long it stores those snapshots. To use this resource, the requesting API Key must have the Project Atlas Admin role and an entry for the project access list."
https://www.mongodb.com/docs/atlas/reference/api-resources-spec/#tag/Cloud-Backups/operation/deleteAllBackupSchedulesOur request is that the requirement to have an API Access List to manage backup policies be removed.
At the very least,…
3 votes
- Don't see your idea?