MongoDB Atlas is one of the supported plugins for the HashiCorp Vault Database Secrets Engine and allows for the programmatic generation of unique, ephemeral MongoDB Database User credentials in MongoDB Atlas Projects.
The plugin is included from version 1.4 of Vault.
Please note: If you would like to install a different version of this plugin than the one that is bundled with Vault, versions v0.2.0 onwards of this plugin are incompatible with Vault versions before 1.6.0 due to an update of the database plugin interface.
Support for the HashiCorp Vault Database Secrets Engine - MongoDB Atlas is provided under MongoDB Atlas support plans. Please submit support questions within the Atlas UI. Vault support is via HashiCorp.
Bugs should be filed under the Issues section of this repo.
Feature requests can be submitted in the Issues section or directly to MongoDB - just select the Vault plugin as the category or vote for an already suggested feature.
- Database Secrets Engine for MongoDB Atlas - Docs
- Database Secrets Engine for MongoDB Atlas - API Docs
- MongoDB Atlas Website
- Vault Website
Please note: HashiCorp takes Vault's security and their users' trust very seriously, as does MongoDB.
If you believe you have found a security issue in Vault or with this plugin, please responsibly disclose by contacting HashiCorp at [email protected] and contact MongoDB directly via [email protected] or open a ticket (link is external).
In order to perform acceptance testing, you need to provide all of the necessary information to
connect to a MongoDB Atlas Project. All ATLAS_*
environment variables must be
provided in order for the acceptance tests to run properly. A cluster must be
available during the test. A
free tier cluster
can be provisioned manually to test.
Environment variable | Description |
---|---|
ATLAS_PUBLIC_KEY | The Atlas API public key |
ATLAS_PRIVATE_KEY | The Atlas API private key |
ATLAS_PROJECT_ID | The desired project ID or group ID |
ATLAS_CLUSTER_NAME | The desired cluster's name, e.g., vault-project.xyz.mongodb.net |
ATLAS_ALLOWLIST_IP | The public IP of the machine that the test is being performed |
Then you can run make testacc
to execute the tests.