Database
296 results found
-
x509 authentication with other certificate's components than (O,OU,DC)
In some entities (e.g. ours), the O, OU, DC triplet is not detailled enough or not appropriate, which makes it impossible to authenticate through x509.
For exemple, in our entity, the O and OU are the same for all certificates (because all servers are in the same Organisation Unit), and the DC field is not used. We do use other fields though.
Because of that, we can't use the x509 authentication feature, although it is strongly asked for by the security Team.Would it be possible to enhance the x509 authentication mechanism to allow more flexibility for the authentication's fields?
6 votes -
Get metadata about source client connection that submitted a given change
Currently with change streams it is impossible to know who or what connection initiated the changes.
It would be a good feature to have to be able to receive some data about the source client connection that initiated a change.
My particular use case is the following:
I have an app that connects to Atlas. (source client connection)
I can subscribe to change streams and then execute some logic when it applies.That app can scale to multiple instances.
Each instance subscribes to the change streams.
But I only want each instance to execute the logic that applies to only…5 votes -
Unique index in sharded cluster
For enforcing uniqueness in a sharded cluster, the officially recommended approach provided here https://docs.mongodb.com/manual/tutorial/unique-constraints-on-arbitrary-fields/#std-label-shard-key-arbitrary-uniqueness is simplistic and in production environment it brings non-trivial amount of work. Some considerations:
- Ephemeral issues might cause inconsistencies between the two collections (for example, unique index collection update succeeded but not the main collection) and make some unique keys not useable.
- There are many changes needed (we're using ORM Mongoose, there are many hooks for it to change) for enforce this universally.
What we ended up doing is to use distributed ephemeral locks (a TTLed MongoDB collection) to lock on the unique keys before adding…
5 votes -
NoTableScan at the collection level
NoTableScan at the collection level instead of mongod level.
5 votes -
Add expression indexes
An expression index is one where the value being indexed is the result of an expression, like lower casing a string.
http://en.wikipedia.org/wiki/Expression_index
http://www.postgresql.org/docs/8.1/static/indexes-expressional.html5 votes -
Support for Ubuntu 20.4 in MongoDB Server version 4.2
Per the Server Support Matrix https://docs.mongodb.com/manual/installation/ support for Ubuntu 20 is in MongoDB Server version 4.4+ but not 4.2.
We would like to see the currently supported MongoDB Server version 4.2 available on the Ubuntu 20.4 LTS distribution.5 votes -
Reduce the minimum value for watchdogPeriodSeconds
The storage watchdog attempts to create, write, and read a test file in critical directories every 10 seconds.
The watchdogPeriodSeconds parameter controls how often these a thread checks to ensure at least one check has succeeded since the last check.
The minimum value for watchdogPeriodSeconds is 60 seconds. This means that in the worst case, the mongod could be unable to write for up to 2 minutes before the watchdog asserts and kills the stalled node. That is a very long time for a primary node to be stalled in a busy cluster.
It does make sense that watchdogPeriodSeconds must…
5 votes -
Kafka audit event streaming
Provide Kafka Topic as a write target for database auditing and database message logging.
https://docs.mongodb.com/manual/core/auditing/
Auditing is currently limited to a local and editable JSON/BSON file or the system console log.
The SYSLOG is not recommended by MongoDB. "The syslog message limit can result in the truncation of the audit messages. The auditing system will neither detect the truncation nor error upon its occurrence."5 votes -
Collection Comments
I would like the ability to attach comments to a collection so that other people using the data can get some understand of context or important Readme/FAQ that I would need to share.
5 votes -
Ability to see historical `serverStatus.uptime` counter info on MongoDB Server process
What is the problem that needs to be solved? Store (historically)
serverStatus.uptimecounter info on MongoDB Server process, so that it will be possible to trackserverStatus.uptimechanges through the time.Why is it a problem? (the pain) As of now (2020-02-25) there's no way to see historical info of MongoDB Server process restarts since
serverStatus.uptimecounter is restarted every time MongoDB Server process is restarted. There's no other way (other than going into MongoDB Server process logs) to know if the process was restarted and when it was restarted. If you'd like to calculate MongoDB Server process availability, you'll…5 votes -
Extend schema validation to be able to enforce referential integrity between collections
Where a relational database uses 2 tables to store a 1:many "parent - child" relationship between entities, MongoDB mostly stores the child documents in an array file as part of the parent document. This automatically ensures referential integrity in that
- a child document cannot be inserted or updated to refer to a non-existent parent, and
- a parent document cannot be deleted such that it leaves "orphaned" child documentsHowever, there are situations where the number and/or size of the child documents makes embedding them all in their parent unworkable, due to the 16 megabyte document size limit if…
4 votes -
Budget limit for serverless pay as you go mode
I was looking at the serverless pay-as-you-go option for my DB so I could have continuous backup and snapshots but I found it too risky. Currently, the only protection user has is alerts when RPUs go over a certain budget threshold. I would like to be able to set a budget limit that would prevent me from going over pre-set daily budget. If you would get hit with DOS or some other brute force attack you could rack up lots of traffic and get an unexpected bill without a potential limit.
4 votes -
Use a private peering that resolves to the private IP address of your LDAP server.
We need to consume an LDAP server traffic through Private Endpoints. In the documentation we find that only creating a public endpoint it's possible but we have a security restriction. Our TAM suggested create a feedback request to the product owner.
tks!4 votes -
Display Recovery time during restore process.
Team,
Currently Mongo DB restoration process not giving any recovery time estimate when restore process start and because of that we are not able to plan time window for other critical process to start which is depend on restore and not able to communicate exact time when system will be available.
Please include this feature in upcoming release.
4 votes -
Enforced Password Complexity
Please allow for the enforcement of password complexity:
- Setting a password policy that restricts users to a certain level of complexity (e.g 10 chars with special characters)4 votes -
Make IAM database user authentication compatible with AWS SSO
We are in the process of implementing AWS SSO across our Organisation and wanted to tie this in with mongodb-aws for database authentication.
Unfortunately we have been informed the 2 services are not compatible.This would be a really useful add on to improve management of our systems.
4 votes -
Data masking policy
Implement Data masking similar to Schema Validation in Mongo so that customer can define a server-side data masking policy to mask the results of a query and a new role which will give explicit permission to users for reading unmasked data
4 votes -
Deny Privilege
Provide the ability to explicitly deny a privilege on a specific resource.
Example: Grant the privilege to perform the find action on all collections in the test database except "test.secrets".
4 votes -
Extend db.collection.distinct() to work with multiple fields in a compound key
Currently the distinct() command finds the unique set of values for a SINGLE specified field across a collection or view. For example:
db.staff.distinct("last_name" )If there is an index on the lastname field, the DISTINCTSCAN plan can use that index and the operation is very fast.
To find the unique values for a set of more than one fields, the $group aggregation stage has to be used like this:
db.staff.aggregate([
{$group: {id: {FName: "$firstname", LName: "$last_name"}} ]);This operation does not really need the $group functionality, as it is not calculating a sum/min/max/average/etc value using the…
4 votes -
wired
wiredTiger open files usage
Currently WT uses a file per collection and index, leading in some scenarios to extremely high number of open files/dhandles.
Is there any plan to support one file/dhandle per database?
4 votes
- Don't see your idea?