[SERVER-22084] Add IP-based login restrictions for users/roles Created: 07/Jan/16  Updated: 28/Jul/17  Resolved: 28/Jul/17

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Stennie Steneker (Inactive) Assignee: DO NOT USE - Backlog - Platform Team
Resolution: Done Votes: 3
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to SERVER-22085 Bypass authentication when connecting... Backlog
is related to SERVER-15461 Mechanism to allow restricting auth b... Closed
Backwards Compatibility: Fully Compatible
Sprint: Platforms 2017-08-21
Participants:
Case:

 Description   

MongoDB currently relies on RBAC, bind IPs, and external firewalls to limit network exposure.

As a further improvement for defense in depth, IP restrictions could be implemented at a user or role level to mitigate the risk of privileged accounts being used from unintended origin IPs.



 Comments   
Comment by Andrew Morrow (Inactive) [ 28/Jul/17 ]

This feature has been implemented as of the upcoming MongoDB 3.5.11 development release, and will be available for testing during the 3.6 RC release series.

Generated at Thu Feb 08 03:59:20 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.