MongoDB Atlas

How to integrate MongoDB with Apono to manage JIT access to Clusters, Databases and Collections

Suggest Edits

A document database used to build highly available and scalable internet applications

Overview

  • Self Service Access - Empower your developers to gain self-servable access to databases using Slack.
  • Automated Approval Workflows - Create approval workflows for specific sensitive databases/collections.
  • Restricted Third Party Access - Grant third-party (customer or vendor) time-based access to specific databases with MFA verification.
  • Review Access - View a detailed access audit of who was granted access to which databases with what permission level and why.

How to Integrate MongoDB Atlas

Creating a Project Owner API Key

- Apono requires a project owner in the cluster's project so it can provision.

  1. Creating an API Key with Project Owner role
    Run the following Atlas CLI command:
    Make sure to replace #PROJECT_ID with the project-id that contains the cluster you want to integrate

    atlas projects apiKeys create --desc cli-created --projectId "#PROJECT_ID" --role GROUP_OWNER

    Copy the Public and Private API Keys in the response

  2. Storing the secret in your environment secret store.

    AWS
    Using aws-cli, to store the secret in AWS Secret Manager.
    Make sure to replace #SECRET_NAME,#REGION, #PUBLIC_KEY, #PRIVATE_KEY

    aws secretsmanager create-secret --name "#SECRET_NAME" --tags '[{"Key":"apono-connector-read","Value":"true"}]' --region #REGION --secret-string '{    
    "public_key":"'"#PUBLIC_KEY"'",
    "private_key":"'"#PRIVATE_KEY"'"
}'

    GCP
    You can also store the secret in Google Secret Store if you use Google Cloud.


Connecting to Apono

  1. Open Integrations Catalog
  2. Click on MongoDB integration card
  3. Select the Connector, this is the Connector which is installed in the same AWS account as the MongoDB Atlas instance
  4. Type in a friendly name for the integration
  5. Fill in the Project Id and Cluster Name

Assign the Secret

AWS
Use the respective secret which was stored in AWS Secret Manager previously in this guide.

  • Select the secret from the Secret Manager according to the appropriate AWS account and region
  1. Click Create

👍

Hurray!

You've successfully integrated Apono with your MongoDB. You should now see the new integration in your Connected Integrations.

You can now use this integration in your existing or new Access Flow. Check this guide out for more information on creating your first Access Flow in Apono.

Updated 2 months ago

What’s Next