MongoByte MongoDB Logo

Welcome to the new MongoDB Feedback Portal!

{Improvement: "Your idea"}
We’ve upgraded our system to better capture and act on your feedback.
Your feedback is meaningful and helps us build better products.

Add new feedback Subscribe
Status Submitted
Categories Database
Created by Guest
Created on Aug 24, 2023

RELATED FEEDBACK

Allow to define access to DBs/collections by prefix or pattern.

Please extend ACL to support prefixes (or regex) in the database name/collection. Currently only allowed ALL (when empty string provided) or exact db/collection matching when provided. Use case: Several services are using the same cluster but need to be isolated. Every service can get readWriteAnyDatabase but only to databases prefixed by some prefix. Services need to create new databases on the fly, so it is not possible to define a list of databases upfront. For example - rwRoleForService1 allows "update", "insert", and "remove" operations only on databases prefixed by "service1-" (sevice1-db1, sevice1-db2, ....) { role: "rwRoleForService1", privileges: [ { { resource: { db: "service1-", collection: "", dbPatternType: PREFIX }, actions: [ "update", "insert", "remove" ] }, }, ... ], ... } dbPatternType/collectionPatternType can be: LITERAL (by default) - A literal resource name. PREFIX - A prefixed resource name. REGEX - Will perform pattern matching.
  • Attach files