Need network whitelisting of API key for CI and Terraform
Hi great Mongo people.
The API key under organizational settings operates under a whitelisting model. There is currently no way (I can see) to open the key to 0.0.0.0/0.
But in use cases where you make calls to Atlas to manage infrastructure through Terraform (like I do) and use a CI SAAS tool like Gitlab (like I do) that is built on a cloud (like GCP) there is an insane amount of whitelisting that is required. Also, about every 3rd run I have to come in and add another white list IP so that my Terraform can run.
Could you please make 0.0.0.0/0 a possible entry?
Thank you!
-
Hi John,
While it's not a best practice (which is why Atlas discourages) you can in fact combine multiple CIDRs to achieve 0.0.0.0 e.g. by adding two rules: 0.0.0.0/1 and 128.0.0.0/1
I suggest doing this only if you're certain you've got appropriate key management hygiene in place and ideally only for testing
-Andrew -
John commented
More times today.
https://cloud.mongodb.com/api/atlas/v1.0/orgs/5fa2e0daba5abf44004c7ddf/teams/612fda7742786164b2db8bac: 403 (request "IP_ADDRESS_NOT_ON_ACCESS_LIST")I hope this gets enabled soon.
-
John commented
Got it 50% of the runs today
Error: error getting Team information: GET https://cloud.mongodb.com/api/atlas/v1.0/orgs/5fa2e0daba5abf44004c7ddf/teams/6130efe0cf8f0c05e77e065e: 403 (request "IP_ADDRESS_NOT_ON_ACCESS_LIST") IP address 34.138.163.27 is not allowed to access this resource.
│