Hello,

One of our client 'Renault' has recently started using Atlas. They have configured a multi-region atlas cluster using AWS private link. 

Developers in the team want to use a compass, but the problem is Renault can not allow the ips of the individual machines to be whitelisted on Atlas. They also do not want to create separate users for every developer. So what they were trying is this : 

• Create a Bastian Linux host ( in the same vpc as application, which has access to Atlas via private link)
• Install compass on Bastian 
• On database create a different user like read-only, read-write etc. 
• For each user connected to compass using Bastian host, they verify the rights in vault and give them access to the database using either read-only user or read-write user. 

They have done similar thing with Dbeaver, as debeaver allows the credentials to be passed via a configuration file. 

Would it be possible to consider this functionality in the Future ? 

For now they cant use compass, for this reason, I suggested them to use LDAP for every account but 

1. This will increase the maintenance of LDAP groups 
2. They cant make LDAP server available to Atlas due to security reasons.

Let me know if there is any workaround, would be happy to consider that