Drivers
1 result found
-
Support for EKS Service Account Credentials in MONGODB-AWS
Support for EKS Service Account Credentials in MONGODB-AWS
It would be great to be able to authenticate to MongoDB using EKS service accounts.
Currently, the order in which Drivers MUST search for credentials is:
Credentials passed through the URI
Environment variables
ECS endpoint if and only if AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is set.
EC2 endpoint
(https://pymongo.readthedocs.io/en/stable/examples/authentication.html#mongodb-aws)It is possible use the AWS_ROLE_ARN and AWS_WEB_IDENTITY_TOKEN_FILE environment variables injected into the pod by EKS to assume the service account role and get temporary security credentials, which could then be passed to the uri as described in AssumeRole (https://pymongo.readthedocs.io/en/stable/examples/authentication.html#assumerole).
The boto client…
30 votesThis has now been completed in most drivers.
- MongoDB Java driver EKS Service Account support is in driver version 4.8.0
- MongoDB C Driver EKS Service Account support is in driver version 1.2.4
- MongoDB C# Driver EKS Service Account support is in driver version 2.19.0
- MongoDB Go Driver EKS Service Account support is in driver version 1.12.0
- MongoDB Node.JS Driver EKS Service Account support is in driver version 5.1.0
- MongoDB Python Driver EKS Service Account support is in driver version 4.4.0
- MongoDB Ruby Driver EKS Service Account support is in driver version 2.19.0
- MongoDB Rust Driver EKS Service Account support is in driver version 2.6.0
If you have any questions please reach out!
Rachelle
- Don't see your idea?