Enforce policy not just for password, but for all kind of configuration.

Hi Renato, A few notes: MongoDB Atlas database users do have the concept of an expiration time (we call these temporary users). It's true that for MongoDB's SCRAM user/pass authentication option, Atlas does not allow you to define password rules: You can however look at using our Vault secrets engine integration which can do a lot of this for you: https://www.vaultproject.io/docs/secrets/databases/mongodbatlas Separately Atlas does support three other authentication options: - Passwordless X.509 client side certificates - LDAP which allows you to bring your own identity provider which can have its own rules (this model requires that Atlas cluster nodes be able to reach your LDAP service over the network, however) - and finally, with the introduction of MongoDB 4.4 beta: AWS IAM User/Role based authentication. Cheers -Andrew