Atlas policies
In the MongoDB atlas portal, there should be a way to configure policies across an organization. ie: policies to restrict users from creating clusters from certain cloud providers (ie: azure), restrict users from creating databases of a certain size, etc.
John
shared this idea
-
Björn
commented
This would be very useful so we do not have to struggle with fine grained permissions / roles on the control plane but simply have a policy mechanism for the whole organization. Especially in the context of App Services where everybody has to be Project Owner to do something useful it seems to be a simple solution to just prevent unwanted features (like not allowing anonymous authentication or whitelisting of ips not known to the enterprise or disabling ssl or or or ... there seems to be some points where this can made thinks easier for enterprises or regulated companies like us.
-
Charlie
commented
A large financial customer wants to ensure that clusters can only be deployed to specific cloud providers and regions based on policy. Could we add an Atlas security control that limited the available cloud providers and regions for cluster creation/configuration for a given Atlas org or project?
-
Amede Agbessi
commented
Without impacting the multi-Cloud feature, it should be good to restrict (via some policies) the creation of a MongoDB cluster to a single CSP (AWS, Google Cloud, Azure) which might be the only one the user will have displayed, and which would be for example the one from which the subscription is made.
For example, if my subscription is made on AWS, I would like to give the possibility of creating a MongoDB cluster only on AWS which in the case would be the only CPS displayed.