Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
449 results found
-
LDAP Users shouldn't be successfully authenticated if not authorized
Today, if you login with proper LDAP credentials to an Atlas cluster, you are authenticated into that cluster, even if you are not authorized to have access. This is not at all how databases should work, nor is it how most databases do work today. If a user is not authorized, that connection should fail immediately.
Allowing successful authentication, even when not authorized, can increase the security vector for ddos attempts as well as causes confusion when successful attempts are logged, even though the user was not authorized to see data.
Please reject any non-authorized user from connecting to an…
4 votes -
Google Private Service Connect
Greeting from Fivetran!
This is somewhat related to https://feedback.mongodb.com/forums/924145-atlas/suggestions/45272014-allow-customers-to-specify-the-number-of-service-a . Having 50 service attachments is not scalable for us which requires 50 IP addresses for each PSC. We have a large customer base and having each of them create PSC would require a lot of IP addresses and would quickly exhaust our subnets.
From the support case it seems that the decision to use 50 PSC attachments comes from the fact that GCP load balancer does not allow more than one pool of servers per service attachment and that the ports are passed through as is as opposed to AWS…
4 votes -
Add more information to "We are deploying your changes..." blue bar
Occasionally we see the deployment blue bar but aren't sure exactly what is being done. It would be very useful to have a link to click to see what changes are currently being pushed out.
4 votes -
Add project user role to Create App Services apps
(Creating on behalf of a customer.)
Create an Atlas project user role to only allow Create App Services apps (similar to the Atlas Search index creator role we have.4 votes -
Atlas UI Show Snapshot ID in web
Please provide a capability to show the snapshot ID of a snapshot in the web GUI, currently we have to make an API call to get the snapshot-id
4 votes -
AWS multi-region key (CMK)
While using AWS multi-region key, if a customer selects a new region for their CMK, Atlas will trigger a key rotation process which could take some time to complete depending on the disk usage. Can we introduce native support for AWS multi-region key so Atlas does not have to re-encrypt data if CMK ID is the same in the new region.
https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
4 votes -
Transactions support for Merge operation in aggregation pipeline
Hi Team,
can we consider supporting the transactions when we use $merge stage in mongodb aggregation pipeline?
https://docs.mongodb.com/manual/reference/operator/aggregation/merge/#restrictionsWe have a requirement where we need to use the merge stage in pipeline and we would like to ensure automaticity in the transaction.
The aggregation pipeline we are building can merge multiple documents into the same collection and we would like to have either all or none by using transactions and the current merge operation cant support it.
thank you
4 votes -
Support GCP Private Services Access to Atlas
Hello,
this is a request to support Private Service Access for Atlas deployments on GCP. Today, our options with Atlas are IP access lists or VPC Peering. However, these options create downstream limitations for our organizations. Additionally, only one peering connection can be made per Atlas project, which also limits us.
Thanks
4 votes -
Allow designating some team members to administer team membership
Currently adding and removing members from team requires Organization Owner privileges. We would like to distribute management of team membership to users without having to grant them root privileges on Atlas account.
The feature would allow us to designate some team members as admins for the team, and they could then add/remove team members. This is in similar in concept to how Github implements team maintainers for a GitHub Team.
4 votes -
Atlas Capacity Check for Cluster Creation or Changes
When creating large new clusters sometimes Atlas does not have enough resources available from the cloud provider. When this happens a restore or cluster change fails without reporting what the actual issue is.
Solution: Verify available capacity and issue a warning or error if it is possible that the operation will fail & recommend opening a support ticket (or have a dialog to automatically do so listing the details)
4 votes -
Include cluster labels with Invoices API response.
Using the Invoices API to aggregate cluster costs by label involves cross-referencing the Cluster API. Including cluster label information as part of the Invoices response would eliminate this extra step.
4 votes -
Add API endpoint for Organizational Settings
To be able to change and read Organizational Settings in an automated matter, support for Organizational Settings should be added to the Mongo Atlas API.
4 votes -
domain names in access whitelist
Allow domain names in whitelist for IP address. (And rename whitelist to allowlist).
I have a server (app) on heroku. It has a domain name. I don't have a dedicated ip address range. But if I could put my domain name in (myapp.herokupapp.com or myapp.com if I get that name from godaddy), then when my server connects, you could do a DNS lookup of the domain names in the whitelist, and allow connection from those. And then, my app, and many others would be more secure. People could also use dynamic dns to support connections from their home computers, more…
4 votes -
LDAP Authentication: Allow Private Endpoint to the customer
Currently, LDAP Authentication from Atlas to a customer's LDAP service can go via the Internet or via VPC peering. In lieu of VPC peering, I propose using a Private Endpoint FROM Atlas TO a customer VPC that hosts the LDAP service.
NOTE: This would NOT be using the same Private Endpoint connection that Atlas currently supports today, which allows customers to reach their clusters privately (Customer -> Atlas).
This would be an additional Private Endpoint in the other direction (Atlas -> Customer).Advantages of using Private Endpoint vs VPC peering:
* Security: The customer VPC is not exposed to Atlas,…4 votes -
Improve database access tab
Managing permissions for users is a pain right now. It's a lot of clicks, it quickly becomes messy and sometimes the modal closes without saving changes.
It would be a lot easier if we could import a CSV containing all permissions for a certain user (user name, permission type, database name, collection name)
4 votes -
Increase maximum storage size for M60 servers
Currently the maximum storage size allowed for an M60 tier is 4TB. Our cluster is approaching this size, and we're facing having to shard our data, which we would really prefer not to do.
I understand that the maximum sizes are selected for performance reasons, but not every cluster is the same - ours is doing just fine and not struggling at all at this data size, and we would like to be able to continue to grow over time.
4 votes -
Ability to add multiple IP's to the whitelist and download the current whitelisted IP's
If I want to add comma separated IP's it is not possible. We have to add each IP painfully from the UI. Please allow to add comma or semicolon separated IP's to be added at once.
Also, why can't I download the current whitelisted IP's as a CSV or other file?
4 votes -
invoice should show support costs under project and not organization
We need the support costs (in our case Atlas Pro) to show up for each cluster under the project on the invoice. Right now, it shows up as a separate line item in a lump sum under the organization. It makes it difficult or impossible to properly bill the individual cost centers for support costs for their clusters.
If those costs showed up next to the clusters within the project, it would be easy to say project1 goes to cost center 1, but now we have to do project 1 goes to cost center 1 plus some percentage of the…
4 votes -
Shorter Temporary Durations for Network Access whitelist
Hello,
it would be nice if you could add options for temporary whitelist entries that are shorter than 6 hours. Often in our Team we find ourselves just needing to whitelist an ip for a short amount of time to look up some documents or fix a bug.
For that case it would be nice to have additional shorter options like 3h, 1h, 30m, 15m.Thanks for taking a look
4 votes -
Migration Tutorial Video
I did a live migration from mLab to Atlas quite recently. Although, the steps for migration were simple and easy to execute it took me alot of time to get over the fear of migrating without losing any data. A tutorial video of the entire process would have calmed my nerves and helped me take a lot less time in the process.
4 votes
- Don't see your idea?