We would like to provide users an access to database from our VPN to browse the data with some database tools - this access should be read only. As for now if somebody connected via VPN and uses production credentials he will be able to write to the database. To be able to configure it I think Atlas should provide a IP whitelist/blacklist during the user creation becaouse global Access Lists are not enough.