Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
19 results found
-
Allows to share Cloud Provider Backup Snapshot with customer's Cloud Provider account
What is the problem that needs to be solved? Add an option (as it was in mLab) that allows to share the Cloud Provider Backup Snapshot (EBS Snapshot [1], in case of AWS) for Atlas Cluster with customer's Cloud Provider account. This action is easier, quicker and cheaper for customers than manually downloading the Atlas Snapshot.
Why is it a problem? (the pain) A) Operational pain: as of now (2020-02-18), if you require to execute disaster recovery scenario with restoration of your Atlas Cluster data outside of Atlas Clusters you'll need to create a Cloud Provider Backup Snapshot Restore job…
16 votesWe do not have plans to do this. However we have released a new feature that allows you to schedule an export of your backup. https://docs.atlas.mongodb.com/backup/cloud-backup/export/
-
Pausing MongoDB Atlas Cluster with option of start/end time
There is a parameter available for cluster resource to pause the cluster. With this parameter, we have to flip the status from pause to unpause whenever needed.
I am looking for separate resource (like maintenance window) where one can configure to pause the cluster for specific window (start/end time)
Example: I want to pause all non-prod clusters by Friday evening 5 PM EST and resume the cluster 7 AM EST. With trigger it is possible, but we do have hundreds of deployments. It would be great if we have resource where customer can specify their own timing to pause and…
15 votes -
More Fine-Grained Custom Roles
Our developers need to access databases from home or an office location from time to time.
They are not Project Owners and should not have broad sweeping administrative privileges over the databases.
In some cases they may be outsource workers who would only have read-only views on the data.
However, they do need to be able to connect to the databases.
Currently, you need a Project Owner role to be able to add an IP address to the whitelist and allow remote access.
Please add the ability to create custom roles for Atlas users, which would enable us to create…15 votesThank you for detailed feedback. Fine-grained custom roles is one of the projects we are actively working. Please follow the progress with https://feedback.mongodb.com/forums/924145/suggestions/39906208. I'm closing this ticket.
-
MongoDb cloud Atlas terraform plugin for Oracle Cloud Infrastructure(OCI)
Hello Team,
Looking forward to collaborating with MongoDb Cloud Atlas team to develop a custom-ready terraform plugin for Oracle Cloud Infrastructure similar to the ones we have for AWS, Azure, and GCP. Currently, we are deploying Mongo DB clusters in OCI IAAS. The plugin we develop will be really helpful for OCI customers who would like to have their MongoDB deployed on OCI platform. Looking forward to a positive revert.15 votesPer Andrew’s comment, since this is not directly related to the Terraform MongoDB Atlas Provider I am setting this suggestion to declined. Thank you.
-
Ability to create/update a temporary Database user using terraform
Hi
Presently, we can only create permanent database users via Terraform Modules. The creation of temporary DB users is only allowed through the UI or by consuming MongoDb Atlas's APIs. In addition, the "deleteAfterDate" property is only applicable for a temporary user already existent. The point is to avoid using "null_resource" and "local-exec" in our Terraform Modules.8 votes -
Vault should return users only once they can be used
Currently, the Vault Plugin immediately returns the MongoDB users after they are created in Atlas. However, they have not been rolled out to the actual nodes yet. Immediately using them on a cluster will fail.
Unfortunately MongoDB does not want to provide a fixed maximum time to wait, as the time apparently depends on many factors, including how many clusters are in a project, or if there are other changes being rolled out.
It would be a much simpler and better user experience if the Vault plugin would only return the user once it is actually usable, even if that…
7 votesHi all,
This request was first made via a Vault repo issue: https://github.com/hashicorp/vault-plugin-database-mongodbatlas/issues/10 We investigated the options with the Vault engineering team and the conclusion, from the issue is:
"We have researched the options to address this feature request and discussed it with the Vault engineering team. After this it became apparent that there is no safe and solid way to do this and it would be better to continue to function as most secrete engines do, which results in an eventually consistent experience in regard to secret creation. I encourage those who need to know when the database credential is fully available to use the status endpoint mentioned earlier in this issue, https://docs.atlas.mongodb.com/reference/api/clusters-check-operation-status/)."
Thank you,
Melissa
-
Atlas does not automatically rotate the Key Version Resource ID used for Google Cloud key management.
Basically, when a new version of the key is being created in GCP, Atlas Terraform provider does not accept primary or newest value for version argument.
We cannot use the data source to filter on the version that is primary or the "newest" https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/kms_crypto_key_version, it will default to 1. We have to specify the version #. But we need this to be fully automated.
I found this issue which seems to show the same situation, but it’s from 2020…
https://github.com/hashicorp/terraform-provider-google/issues/5688MongoDB Support mentioned we could use the AWS KMS which supports automatic key rotation.
So we are suggesting implementing…
6 votes -
Standardize case for region values
Depending on the resource, the case for the region value changes from uppercase with underscores (US_ EAST _1) to lowercase with dashes (us-east-1). This presents an unnecessary challenge when working with the provider. It would be much cleaner, easier to work with, and prone to fewer errors if all resources accepted us-east-1.
6 votes -
Provide an option to disable password auth for database users
Currently, it is not possible securely create a user in a terraform DevOps pipeline, since "Passwords may show up in Terraform related logs" according to the documentation. If the password was no longer required to create a user, we could avoid this issue by only using certificate authentication.
5 votes -
Create Org via API
This sort of exists in another request (https://feedback.mongodb.com/forums/924145-atlas/suggestions/44280954-create-organization-using-api-or-terraform-in-atla), but it may be buried because it's not super clear in the request name.
Basically, let us programmatically create Orgs via API.
For context, we're hoping to use this to let us automatically generate/scaffold up all of the infrastructure needed to "self-deploy" a full stack serverless application for clients. We don't want to do passthrough billing, and we want to keep client environments completely separated. Being able to spin up via API is critical for this to go smoothly.
3 votesThis work is in progress. Please follow it with https://feedback.mongodb.com/forums/924145-atlas/suggestions/44280954-create-organization-using-api-or-terraform-in-atla; closing this feedback item.
-
mongodbatlas_cluster should wait until cluster is operational
mongodbatlas_cluster
is regarded "created" before it's operational, which breaks things if you need to use attributes that aren't yet available, likeconnection_strings
.This issue is acknowledged in the provider docs:
connection_strings - Set of connection strings that your applications use to connect to this cluster. More info in Connection-strings. Use the parameters in this object to connect your applications to this cluster. To learn more about the formats of connection strings, see Connection String Options. NOTE: Atlas returns the contents of this object after the cluster is operational, not while it builds the cluster.
(...)
Private connection strings may…
3 votes -
Get the successful and failure authentication logs
We would like to be able to get the successful and failure authentication logs to the Atlas platform. This is a requirement from our CISO team. They also would like to have notification mails if we have failure login attempts.
As suggested from the support engineer in Case:00982240, I'm logging a feature request.
2 votes -
Add Duo in the MFA provider
Is it possible to add Duo in the MFA option list ?
2 votesHello, thank you for your feedback.
Duo or any other authenticator can be used with MongoDB Atlas. Please use Authenticator App option while setting up MFA, and use your Duo app during regisration.
We do not consider to support Duo push notifications. In order to login with push notifications, please configure Okta Verify mobile app as your MFA method.
Thank you,
fuat
-
Allow Monitoring IOPS Credit Balance for AWS gp2 volumes
Allow users to monitor their IOPS balance on burstable gp2 storage volumes.
See I/O Credits and burst performance in
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html2 votes -
Allow Database User Password Encryption
There should be a way to encrypt the password for database user resource. Currently, it's optional, so either you need to reset or create the password manually or via rest Api's. There shouldn't be two different methods to configure one resource.
2 votesNote the database password is not optional. Additional information was not provided so not sure of the specifics of the request (assuming it may be perhaps longer term management of the password?). If there are any questions around this resource feel free to reach out directly. Also the MongoDB Atlas Vault plugin could be useful for those looking for ephemeral secrete management: https://www.mongodb.com/atlas/hashicorp-vault. Thank you!
-
Remove limit for sending invitations terraform-provider-mongodbatla
Remove limit for sending invitations using the terraform plugin terraform-provider-mongodbatla. Currnetly there is a limit of sending 10 invitations per minute per IP. That makes this plugin pretty much useless.
1 vote -
Hourly Backup Export Option
We can capture cluster snapshots every hour. However we are limited by the Snapshot Backup S3 Export feature to only being able to export daily. From a DR perspective, this gives us a 24hr RPO which is not great.
It would be nice if we could export more frequently (hourly, 4h, 12h) for example.
1 vote -
Backi
We need the ability to backup every 5 mins, 15 mins is possible
At the moment it's only hourly ?1 votePlease see our Continuous Cloud Backup offering in Atlas, https://www.mongodb.com/docs/atlas/backup/cloud-backup/overview/#continuous-cloud-backups . This allows you to restore to a specific point in time between your backups instead of taking backups every 5 minutes.
-
Support for 1Password for MFA
Our company password & MFA share system runs in 1Password, so it would be awesome to have that supported as an MFA option :)
1 voteHello,
Thank you for feedback. You can use 1Password or any mobile authenticator with MongoDB Atlas. Please use "Authenticator App" option during MFA set up and register with your preferred authenticator app.
Thank you,
Fuat
-
- Don't see your idea?