MongoDB Atlas

How to integrate MongoDB with Apono to manage JIT access to Clusters, Databases and Collections

Suggest Edits

A document database used to build highly available and scalable internet applications

Overview

  • Self Service Access - Empower your developers to gain self-servable access to databases using Slack.
  • Automated Approval Workflows - Create approval workflows for specific sensitive databases/collections.
  • Review Access - View a detailed access audit of who was granted access to which databases with what permission level and why.

How to Integrate MongoDB Atlas

Creating a Project Owner API Key

  • Apono requires a project owner in the cluster's project so it can provision.*
  1. Creating an API Key with Project Owner role

Run the following Atlas CLI command:
Make sure to replace #PROJECT_ID with the project-id that contains the cluster you want to integrate

atlas projects apiKeys create --desc cli-created --projectId "#PROJECT_ID" --role GROUP_OWNER

Copy the Public and Private API Keys in the response

  1. Storing the secret in your environment secret store.

AWS
Using aws-cli, to store the secret in AWS Secret Manager.
Make sure to replace #SECRET_NAME,#REGION, #PUBLIC_KEY, #PRIVATE_KEY

aws secretsmanager create-secret --name "#SECRET_NAME" --tags '[{"Key":"apono-connector-read","Value":"true"}]' --region #REGION --secret-string '{
    "public_key":"'"#PUBLIC_KEY"'",
    "private_key":"'"#PRIVATE_KEY"'"
}'

GCP
You can also store the secret in Google Secret Store if you use Google Cloud.

Connecting to Apono

  1. Open Integrations Catalog
  2. Click on MongoDB integration card
  3. Select the Connector, this is the Connector which is installed in the same AWS account as the MongoDB Atlas instance
  4. Type in a friendly name for the integration
  5. Fill in the Project Id and Cluster Name

Assign the Secret

Use the respective secret which was stored in the Secret Store of your choice previously in this guide.

  1. Click Create

👍

Hurray!

You've successfully integrated Apono with your MongoDB. You should now see the new integration in your Connected Integrations.

You can now use this integration in your existing or new Access Flow. Check this guide out for more information on creating your first Access Flow in Apono.

Updated about 1 month ago