[SERVER-22084] Add IP-based login restrictions for users/roles Created: 07/Jan/16 Updated: 28/Jul/17 Resolved: 28/Jul/17 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Stennie Steneker (Inactive) | Assignee: | DO NOT USE - Backlog - Platform Team |
| Resolution: | Done | Votes: | 3 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||
| Sprint: | Platforms 2017-08-21 | ||||||||||||
| Participants: | |||||||||||||
| Case: | (copied to CRM) | ||||||||||||
| Description |
|
MongoDB currently relies on RBAC, bind IPs, and external firewalls to limit network exposure. As a further improvement for defense in depth, IP restrictions could be implemented at a user or role level to mitigate the risk of privileged accounts being used from unintended origin IPs. |
| Comments |
| Comment by Andrew Morrow (Inactive) [ 28/Jul/17 ] |
|
This feature has been implemented as of the upcoming MongoDB 3.5.11 development release, and will be available for testing during the 3.6 RC release series. |