Mongo IAM auth with IRSA

Hi folks,

We have been trying to connect with Mongo Atlas using the IAM auth feature from a POD in EKS. For some reason, its not detecting the IAM role associated with the pod via IRSA. Instead its trying to use the role associated with the worker node. Any thoughts on what could be wrong?

We are using the mongo-go-driver.

Thanks in advance!

1 Like

I’d love to see this supported as well.

Currently, I’m looking at is to emulate behavior by calling sts:AssumeRoleWithWebIdentity to get the access key ID, secret access key, and session token. That all then is passed in when creating the Mongo client. It’d be nice to have this taken care of in the client so I don’t have to roll a custom implementation.

See IRSA support · Issue #8 · mongodb/pymongo-auth-aws · GitHub for an issue and proposed patch.