Documentation Link - https://docs.atlas.mongodb.com/security-aws-kms/

Hello Team,

Recently, we have Introduced the ability to use an AWS IAM role to authorize Atlas to access: - AWS KMS encryption keys for customer key management as documented here.

Therefore, customer cannot use an AWS IAM user for new clusters anymore.

However, I still can see that our document mentions about an IAM user. Therefore, could you please update our document accordingly to change it to an AWS IAM role.

For example)

Have an AWS IAM user with sufficient privileges. 

In addition to that, can you please add an note to make sure that the new IAM role can access the old CMK when switching their Atlas project from credentials-based access to role-based access to their encryption keys AND changing the CMK at the same time? I have a customer who had an issue when switching credential based encryption at rest to role based encryption at rest AND the KMS keys were also being switched from the old keys as the new IAM role didn't have privileges to access the old CMK.