Atlas
- A brief description of what you are looking to do
- How you think this will help
- Why this matters to you
1360 results found
-
A new role for security auditing purposes
Currently MongoDB Atlas provides two read only roles at project level ("Project Read Only", and " Project Data Access Read Only").
"Project Data Access Read Only" seems to allow access to the data also, while "Project Read Only" role does not allow access to the logs. (https://www.mongodb.com/docs/atlas/reference/user-roles/)
For security officers (internal/external), they need to access to the logs (audit, access, etc) and also to review the configuration; but don't need access to the data.
Therefore, I would like to request a new project level role for security officers with following features.
- access to "Download Logs"
- access…7 votes -
Atlas metrics granularity after 48 hours
For metrics older than 48 hours, the data is presented in 1-hour intervals. This level of granularity is often too coarse for a thorough examination of past events and trends. Such a broad view can obscure smaller yet significant details critical for understanding and resolving performance issues that occurred in the past.
Suggested Improvement:
having a smaller granularity value for historical metrics beyond the 48-hour timeframe. Providing data in smaller intervals would greatly enhance our ability to conduct in-depth analyses and diagnose past performance issues accurately. This would be particularly beneficial for conducting detailed investigations of historical data and identifying…
7 votes -
Better auditing of App Service actions in Activity Feed
The Activity Feed should show who has created an app in the App Services. Currently this is not the case, instead you will find the following information in the Activity Feed:
A user(or Code Deployment) has deployed changes successfully to an App Service.
7 votes -
Use kubernetes Atlas operator to create and manage only users
We are already managing the Atlas project using terraform and do not want to have two separate tools managing the same resource. We would still like to generate atlas users automatically through the operator. If there was a method of just providing the project ID as a string like we are able to in the terraform resource definition, this would not be a problem.
7 votesWe're planning an investigation into this in Q2 (May-July for us). It's something more than one customer has asked for and allowing an Atlas ID to be used rather than a reference for another K8s resource feels like a reasonable approach.
No commitments for now till we've investigated in a little more detail.
-
"Deviation from Norm" and "Frog Boil" type alerting
Currently Atlas only alerts us when CPU reaches a critical threshold such as 90%. We would like to see additional types of alerts to detect issues sooner, including the following.
- “Deviation from norm” - A given metric is X% worse than the Y-hour average at the same time window for the past Z days (e.g. “CPU today at 4am is much worse than the average of 3am ~ 4am for the past 7 days”.)
- “Frog boils” - A given metric is becoming progressively X% worse over Y hours / days / weeks (e.g. "CPU usage is 10% higher on average…
7 votes -
Atlas project capacity should be discoverable
Atlas project capacity should be discoverable. Based on documentation, it seems project capacity is dependent on various factors and can be arbitrarily increased via support request. We currently do not know how many clusters/nodes we have available to deploy in a given project and that is critical information to inform planning at scale.
7 votes -
Retrieve latest/max oplog timestamp via the Atlas Administration API
At the moment the latest/max oplog timestamp can be retrieved via the Atlas UI in the backups section for point in time restores. This feedback post is to make this information available as part of the atlas administration api.
For example, in the UI it states:
You can only restore up to this oplog timestamp: 1692580549 and this increment: 1.
Would be good to have this value available to be retrieved via the API for restores requiring oplog timestamp values in this format.
7 votes -
Activate bypass saml only for select users
We have recently activated SAML SSO on our Organization and we would like to only have 1 user that is able to bypass SSO as like a "break the glass" user in case our IDP fails. It would be ideal that not every user is able to use the bypass url.
Currently any users can use the bypass sso url
7 votes -
Webhook
Currently alert notification configuration allows webhook targets with a secret configuration. This limits us in terms of which webhooks could be configured. There are multiple webhooks which do not support secret configuration rather support Headers to be passed with authentication details.
This request is to support additional set of header to be passed/added in the webhook configuration for alert notification.
For example, during alert notification configuration I should be allow to configure additional set of headers like Authorization: "Basic cdge....==" and Source: "Atlas"; with Webhook URL configuration which is further used by target to first authorise POST call made by…
7 votes -
Select exclusive copy snapshot from different region to restore for testing DR from copy snapshot.
We have "Additional backup policy" feature enabled which will copy our snapshot to other region.As part of DR testing we want to exlusively select copy snapshot in other region to restore to perform DR.In the current cluster I don't see an option specifically to select snapshot from other region.
7 votes -
Allow multiregion sharded clusters to have Primary nodes in multiple regions
For multi-region sharded clusters, the primaries for each shard remain in a single (highest priority) region in Atlas. If these primaries can be spread across multiple regions, that will a) provide consistent average response time for applications that connect from multiple regions as active-active b) Limit the blast radius if the highest priority region is unavailable c) Better distribution of workload from an application side.
This architecture is currently possible with EA deployments but not with Atlas.
7 votes -
Associate domains to an IDP at Organization level rather than for entire mongodb.com
At this time domain to IDP associations apply to entire mongodb.com. This makes it very difficult for large companies that have several independent departments to use mongodb.com. Some departments might want to create separate Atlas organizations and others simply access Support section of mongodb.com web-site. They wouldn't want to share an IDP created within one Atlas organization.
One possible approach to addressing this issue is for an Atlas organization to have a distinct sub-domain on mongodb.com (e.g. bigco-org-a.mongodb.com). Another approach would be to have a field for Atlas Organization name on logon page.
7 votes -
Control KMIP Key Rotation Timing
We need the ability to change the automatic key rotation time for our cluster. Currently the automatic rotation is set at 90 days but we cannot specify the time at which the rotation should occur. We want to avoid automatic key rotation activity during business hours.
7 votes -
Allow API Access via Private Endpoint Connection
To automate processes ATLAS Admin API is used but does only work if your cluster is not connected via Private Endpoint.
7 votes -
Create Atlas App Services and Link Them To Clusters with Terraform
It would be great to create App Services (Realm Apps) and then create the service link to an Atlas Cluster with Terraform.
This is so that Trigger resources can be created fully within Terraform, rather than having to hack together API calls, CLI commands or manual steps.
7 votes -
Add option to "Explain" a query from the "Profiler" page.
The profiler page shows a list of queries with metadata about them. It would be great to have the option to "explain" any query from this view, or in the slide-out view after clicking on a query.
7 votes -
REST API for sizing and pricing information
To keep our configuration on optimized terms we need a way to keep sizing and pricing data of the configuration on our side up to date. We have to get this information automatically for example via REST API.
This would help us to be up to date concerning
- Tier sizing: e.g. tier, RAM, CPU, min HDD, price included HDD, max HDD
- Pricinig: e.g. how much $ per hour / month for tier ***, with XX GB HDD and RAM, KMS encryption, backup and so on7 votes -
Expose API for Self-Service Increase of the Clusters per Project Limit
Give Atlas users the ability to increase the number of clusters they can create in a single project above the 25 cluster limit without having to file a support ticket.
7 votes -
Atlas User permissions/role by Cluster
It would be very helpful to restrict/allow access to clusters within an Atlas project, by Atlas user. This can be achieved with database users, but Atlas users have all or nothing access to the clusters within a project.
7 votes -
Add ability to chose the new primary node when you perform a test election
There's a "test failover" option, which shuts down the primary and forces an election. However, you have no control over which new primary will be elected (just the preferred region) which sometimes does not work as expected.
It would be really useful if you have the possibility to manually chose which node will be elected as the new primary.
7 votes
- Don't see your idea?