Go Driver: Allow Client Side Field Level Encryption (CSFLE) to use IAM Role credentials credentials with KMS access
In order to get the MongoDB csfle lib to work with AWS KMS, we need to set
the following provider details (IAM user credentials) explicitly: accessKeyId and secretAccessKey.
It is common and more secure practice for applications to be able to get temporary credentials using IAM roles which will have accessKeyId, secretAccessKey and sessionToken - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html.
Currently, the Go Driver does not support sending 'sessionToken' along with provider details.
The libmongocrypt library has this support now - https://github.com/mongodb/libmongocrypt/pull/153.
It would be great if Go driver has this support.2 votes
According to https://jira.mongodb.org/browse/GODRIVER-914 the connection string is only meant to specify the auth database. However, many of the official MongoDB drivers and tools also use the database specified in the connection string as the default if commands are run without specifying a database name.
The Go driver should either mirror this behaviour found in other drivers, or a parameter should be added to the connection string to allow a default database to be explicitly defined.2 votes
The Extended JSON encoder does not support encoding arrays and slices by themselves. The decoder does support decoding JSON arrays into slices. Add support for encoding arrays and slices to a JSON array.1 vote
It would be great if driver can auto update createdat and updatedat timestamp/date1 vote
- Don't see your idea?