MongoByte MongoDB Logo

Welcome to the new MongoDB Feedback Portal!

{Improvement: "Your idea"}
We’ve upgraded our system to better capture and act on your feedback.
Your feedback is meaningful and helps us build better products.

Add new feedback Subscribe
Status Completed
Categories Atlas
Created by Guest
Created on Sep 24, 2020

RELATED FEEDBACK

Support GCP IAM for Cluster Authentication

Achieve feature parity with AWS IAM cluster authentication support.
  • ADMIN RESPONSE
    Aug 1, 2025
    Your applications can now access Atlas Clusters with Google Service Accounts using MongoDB Workload Identity Federation ( https://www.mongodb.com/docs/atlas/workload-oidc/ ( https://www.mongodb.com/docs/atlas/workload-oidc/ ) ). The feature is supported by MongoDB 7.0.11 dedicated clusters (M10 and above). For your workforce access, we recommend to use Workforce Identity Federation ( https://www.mongodb.com/docs/atlas/workforce-oidc/ ( https://www.mongodb.com/docs/atlas/workforce-oidc/ ) ) with your corporate identity provider. Thank you for your feedback.
  • Attach files
  • Guest
    Mar 12, 2024
    This is technically done with MongoDB 7.0 and OIDC authentication through Identity Federation.
    Reply
  • Guest
    Sep 22, 2023
    I agree with @fulton Prioritizing Workload Identity Federation (IAM) is most valuable.
    Reply
  • Guest
    Sep 20, 2023
    Hello, also requesting this. Since MongoDB Atlas doesn't support crossproject service accounts, this raise security and responsibility issues over the service account keys in our organization. Workforce Identity Federation is needed to prevent this. Best Regards, Ilyas
    Reply
  • Guest
    Mar 13, 2023
    The current ordering priority is not ideal. Generally we do not want individual users accessing the database, so why are you prioritizing Workforce Identity Federation to access clusters using SSO? If a user needs to access a cluster directly (in an emergency) it's maybe once every few years. The highest imperative is for application to access databases securely. The application has the highest access and security needs. Therefore prioritizing Workload Identity Federation (IAM) is most valuable. IAM access makes it easier for developers to build new applications to work with the database (instead of touching the database directly). Why is Atlas choosing to support Workforce Identity Federation first?
    Reply
  • Guest
    Mar 1, 2023
    Last secret in our deployment that we need to get rid off. This would be a tremendous help.
    Reply
  • Guest
    Sep 27, 2022
    This idea was raised 2 years ago, are there any plans to put this on the roadmap ? This is critical for security reasons. Especially since it's already possible with AWS: https://www.mongodb.com/docs/atlas/security/passwordless-authentication/
    Reply
  • Guest
    Oct 19, 2021
    Would be very nice to have this so we can use workload identity in GCP GKE clusters to eliminate yet another credential to distribute.
    Reply
  • Guest
    Oct 11, 2021
    It should be fairly easy to get transparent identity federation where you can choose to grant Azure, AWS or GCP service accounts access. See https://cloud.google.com/iam/docs/workload-identity-federation for inspiration
    Reply
  • Guest
    Mar 17, 2021
    Great idea! Thank you!
    Reply
  • Guest
    Mar 16, 2021
    Great idea!
    Reply
  • Guest
    Feb 12, 2021
    Hi Geoffrey, It's worth emphasizing that AzureAD with Domain Services can present the LDAPS protocol which Atlas supports
    Reply
  • Guest
    Feb 11, 2021
    I need this also on Azure.
    Reply
  • Guest
    Oct 7, 2020
    Hi Ion, Can you help share a little bit about your use case, and what this would help you achieve? Thank you -Andrew
    Reply
  • Guest
    Oct 6, 2020
    yessssssssssss we want this
    Reply