mingo-app / mingo

Found a bug? have a FR ?
60 stars 2 forks source link

[FR] Passwordless authentication via AWS #598

Open dbartholomae opened 1 year ago

dbartholomae commented 1 year ago

Is your feature request related to a problem? Please describe. Instead of hardcoding credentials, we use AWS SSO and passwordless authentication to authenticate with our Mongo Atlas db. Devs need to be able to authenticate via AWS SSO against Mongo to be able to access it.

Describe the solution you'd like It would be great to be able to define an AWS Profile and a role name, and then Mingo uses the credentials for that profile to assume the role and authenticate via this role.

Describe alternatives you've considered We are also looking into Studio 3T for this.

Additional context See https://www.mongodb.com/docs/atlas/security/passwordless-authentication/

MartinLoeper commented 1 year ago

I am currently evaluating the same option.

Background Half our team uses Mingo as their primary client to work with data in MongoDB Atlas.
I want to enable AWS IAM authentication so we can switch to temporary credentials which are 2FA protected via AWS SSO.

Issue Some clients, including Mingo support AWS IAM through static configuration.
However, we need a way to dynamically inject the session token via environment variables or the like.

Other MongoDB clients face similar issues, see the following discussion regarding aws-vault and MongoDB Compass: https://github.com/99designs/aws-vault/issues/1221