I’m just getting started with MongoDB Atlas, and I have a couple of questions that I haven’t found an answer for browsing through UI/Docs.
First, I keep reading that I can scale the cluster, modify replicationfactor, but I can’t find any settings like that when setting up an instance, but I see it can be specified at cluster creation time, using the API. Nor can I edit the cluster to change it. Is it specific to a certain tier? I’m focused on dedicated tiers, currently, but have started with an M10 to start, though I expect that to grow as we continue on the project.
Second, regarding permissions. It looks like there are two layers of user access within a project. One is at the Atlas project level, the other is at the Database Access level. The latter, I assume, only allowing access to the DB and not Atlas. Database Access configuration allows me to specify which cluster/DB the user can access (same for Data API).
But, when I assign permissions to an org level user within a project, it doesn’t appear that I can specify which database they can write to. So, it seems the only way to get that separation would be to create a separate project.
My usecase here is to have a project dedicated to a team, and houses prod and non-prod clusters. I want to grant my users access to the Atlas project, so they can have visibility into various aspects of the project (beyond the DB), but only certain people should be able to write/admin certain instances that way.
Thanks for any suggestions or clarification. Hopefully, these questions have enough context.
Could you please elaborate or clarify “replication factor” and what your use case is for changing this is? In saying so, If you’re wanting to expand your cluster with additional electable nodes , I would refer to the Add Electable Nodes documentation for further information and instructions on how to do so. Please note that configuration of high availability and workload isolation nodes is only possible on M10+ tier clusters.
For this part of your question, the Atlas UI Authorisation documentation talks about permissions and use cases of what creating more projects under single organisation provides. Also, Atlas User Roles specifically describes Organization roles and Project roles which can be assigned to particular Atlas users
The following Atlas User Roles documentation which describes details both the Organization roles and Project roles which can be assigned to particular Atlas users.
For your use case, you can assign / grant particular Atlas users with the Project Read Only or Project Data Access Read Only roles so that they can have visibility to the Atlas UI in certain parts of a specific project.
However, I am not aware of all the requirements so please go through the details of each assignable role and update the user’s accordingly based off your access policies / requirements
You can then assign suitable write/admin Project roles to additional Atlas users based on your needs. However, please study the descriptions for each of the jobs on this page to ensure you assign the relevant roles to the appropriate individuals.
I hope the above documentation is helpful for you. If you have any further queries, please provide details on the requirements like:
environmental setup (staging, prod, dev)
workflow process regarding what restrictions and permissions are needed for which users while logging in the Atlas organisation.