Security Features and Setup¶

➤ Required Configurable Security Features. You must set up the following required security features:

Whitelist

Atlas only allows client connections to the cluster from entries in the project’s whitelist. To connect, you must add an entry to the whitelist. To set up the whitelist for the project, see Add Entries to the Whitelist.

For Atlas clusters deployed on Google Cloud Platform or Microsoft Azure, add the IP addresses of your GCP or Azure services to Atlas project IP whitelist to grant those services access to the cluster.
User Authentication/Authorization

Atlas requires clients to authenticate to access the clusters, i.e. the MongoDB databases. You must create MongoDB users to access the database. To set up MongoDB users to your clusters, see Add MongoDB Users.

To access clusters in a project, users must belong to that project. Users can belong to multiple projects. See Atlas Users and Teams.

➤ Optional Security Feature. Atlas provides the following optional security feature that you can set up:

VPC Peering (AWS Only)

Atlas supports VPC peering with other AWS VPCs in the same region. To use VPC Peering, see Set up VPC Peering Connection.
Two Factor Authentication

Atlas supports Two Factor Authentication (2FA) to help users control access to their Atlas accounts. To use 2FA, see Two Factor Authentication.
User Authentication/Authorization with LDAP

Atlas supports performing user authentication and authorization with LDAP. To use LDAP, see Set up User Authentication and Authorization with LDAP.
Database Auditing

Atlas supports auditing all system event actions. To use database auditing, see Set up Database Auditing.

➤ Non-configurable Security Features. The following non-configurable security features are inherent to Atlas: