<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 09:01:16 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[JAVA-4118] Add support for EKS when using AWS Iam roles for database authentication</title>
                <link>https://jira.mongodb.org/browse/JAVA-4118</link>
                <project id="10006" key="JAVA">Java Driver</project>
                    <description>&lt;p&gt;Currently Mongodb java driver supports authenticating against a database using AWS IAM roles, unfortunately this is only supported for applications running on EC2 or ECS tasks, it does not support Elastic Kubernetes Service - unless you grant the role at the node level which would mean every pod on that node gets access to that role and goes against the principal of least privilege.&lt;/p&gt;

&lt;p&gt;EKS recently introduced &lt;a href=&quot;https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts-technical-overview.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;IAM Roles for service accounts&lt;/a&gt;&#160;which basically gives pods an IAM role, this is exposed as an environment variable with an open id connect token that can get handed to AWS sts for a set of temporary creds (much like ECS/EC2).&lt;/p&gt;

&lt;p&gt;This improvement would be fantastic especially for those who are running on kubernetes in AWS.&lt;/p&gt;</description>
                <environment></environment>
        <key id="1692432">JAVA-4118</key>
            <summary>Add support for EKS when using AWS Iam roles for database authentication</summary>
                <type id="2" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14711&amp;avatarType=issuetype">New Feature</type>
                                            <priority id="2" iconUrl="https://jira.mongodb.org/images/icons/priorities/critical.svg">Critical - P2</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="rachelle.palmer@mongodb.com">Rachelle Palmer</assignee>
                                    <reporter username="hsadafi@vistaprint.com">houtan sadafi</reporter>
                        <labels>
                    </labels>
                <created>Tue, 27 Apr 2021 03:28:20 +0000</created>
                <updated>Thu, 12 Jan 2023 15:33:17 +0000</updated>
                            <resolved>Thu, 12 Jan 2023 15:31:36 +0000</resolved>
                                                    <fixVersion>4.8.0</fixVersion>
                                    <component>Authentication</component>
                    <component>Kubernetes</component>
                                        <votes>4</votes>
                                    <watches>7</watches>
                                                                                                                <comments>
                            <comment id="5109252" author="rachelle.palmer" created="Thu, 12 Jan 2023 15:31:36 +0000"  >&lt;p&gt;Hello all,&lt;br/&gt;
This feature has been delivered in the Java driver version 4.8.0. Please see our release notes &lt;a href=&quot;https://www.mongodb.com/docs/drivers/java/sync/current/whats-new/#std-label-version-4.8&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;here&lt;/a&gt; and let us know if you have any feedback.&lt;/p&gt;

&lt;p&gt;Thank you!&lt;br/&gt;
Rachelle&lt;/p&gt;</comment>
                            <comment id="4383409" author="JIRAUSER1261250" created="Tue, 1 Mar 2022 15:33:53 +0000"  >&lt;p&gt;thank you Jeffrey&lt;/p&gt;</comment>
                            <comment id="4383400" author="jeff.yemin" created="Tue, 1 Mar 2022 15:31:02 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=oliver.allan%40metrobank.plc.uk&quot; class=&quot;user-hover&quot; rel=&quot;oliver.allan@metrobank.plc.uk&quot;&gt;oliver.allan@metrobank.plc.uk&lt;/a&gt; I opened &lt;a href=&quot;https://jira.mongodb.org/browse/KAFKA-297&quot; title=&quot;Support configuration of an AWS credential callback&quot; class=&quot;issue-link&quot; data-issue-key=&quot;KAFKA-297&quot;&gt;&lt;del&gt;KAFKA-297&lt;/del&gt;&lt;/a&gt; to track support for AWS credential callback within Kafka connector.&lt;/p&gt;</comment>
                            <comment id="4373648" author="JIRAUSER1261250" created="Thu, 24 Feb 2022 09:33:31 +0000"  >&lt;p&gt;I dont think it helps in my case as I am using Kafka Connect&lt;/p&gt;</comment>
                            <comment id="4262241" author="jeff.yemin" created="Tue, 21 Dec 2021 18:11:05 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=hsadafi%40vistaprint.com&quot; class=&quot;user-hover&quot; rel=&quot;hsadafi@vistaprint.com&quot;&gt;hsadafi@vistaprint.com&lt;/a&gt; and anyone else watching this issue, we&apos;d like to get feedback about whether &lt;a href=&quot;https://jira.mongodb.org/browse/JAVA-4292&quot; title=&quot;AWS credential refreshing&quot; class=&quot;issue-link&quot; data-issue-key=&quot;JAVA-4292&quot;&gt;&lt;del&gt;JAVA-4292&lt;/del&gt;&lt;/a&gt; provides sufficient support to handle this use case.&lt;/p&gt;</comment>
                            <comment id="4048804" author="jeff.yemin" created="Thu, 9 Sep 2021 21:56:42 +0000"  >&lt;p&gt;Linked to &lt;a href=&quot;https://jira.mongodb.org/browse/JAVA-4292&quot; title=&quot;AWS credential refreshing&quot; class=&quot;issue-link&quot; data-issue-key=&quot;JAVA-4292&quot;&gt;&lt;del&gt;JAVA-4292&lt;/del&gt;&lt;/a&gt;, which proposes an alternative approach for enabling applications to use EKS.&lt;/p&gt;</comment>
                            <comment id="3996787" author="JIRAUSER1261250" created="Thu, 12 Aug 2021 08:16:00 +0000"  >&lt;p&gt;Hi Ross&lt;/p&gt;

&lt;p&gt;Could you update on where this is please? Any rough ETA (very rough will do!) would be appreciated&lt;/p&gt;

&lt;p&gt;Really need this on a project we are working on&#160;&lt;/p&gt;

&lt;p&gt;Thanks&lt;/p&gt;

&lt;p&gt;Oli&lt;/p&gt;</comment>
                            <comment id="3743275" author="ross@10gen.com" created="Wed, 28 Apr 2021 10:45:56 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=hsadafi%40vistaprint.com&quot; class=&quot;user-hover&quot; rel=&quot;hsadafi@vistaprint.com&quot;&gt;hsadafi@vistaprint.com&lt;/a&gt;,&lt;/p&gt;

&lt;p&gt;Thanks for the PR, that&apos;s super helpful and has given me a good scope of whats required. No need to do PR&apos;s for other languages. &lt;/p&gt;

&lt;p&gt;In general for our specification process, if and when a feature is accepted and added to the specification then drivers can start planning implementations. This helps ensure that driver features don&apos;t diverge and helps with the planning process of supporting new features.&lt;/p&gt;

&lt;p&gt;To set expectations, depending on backlogs this may not be scheduled for a while but I will update this ticket once I have more information.&lt;/p&gt;

&lt;p&gt;Ross&lt;/p&gt;</comment>
                            <comment id="3742215" author="JIRAUSER1259771" created="Tue, 27 Apr 2021 19:19:10 +0000"  >&lt;p&gt;Hi Ross,&lt;/p&gt;

&lt;p&gt;I opened a draft pull request on &lt;a href=&quot;https://github.com/mongodb/mongo-java-driver/pull/700&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;github&lt;/a&gt;. &lt;/p&gt;

&lt;p&gt;Withe regards to support, i am happy to try and implement this in the C# and go drivers, but there are a lot of drivers to support and i doubt i can get them all done. Does this mean this feature will not be merged (if the PR is acceptable) until all drivers have that feature lined up?&lt;/p&gt;

&lt;p&gt;Warmly,&lt;br/&gt;
Houtan&lt;/p&gt;</comment>
                            <comment id="3741164" author="ross@10gen.com" created="Tue, 27 Apr 2021 14:44:58 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=hsadafi%40vistaprint.com&quot; class=&quot;user-hover&quot; rel=&quot;hsadafi@vistaprint.com&quot;&gt;hsadafi@vistaprint.com&lt;/a&gt;,&lt;/p&gt;

&lt;p&gt;Thanks for the ticket, we&apos;d be interested in a PR, so please do link to one if you can. &lt;/p&gt;

&lt;p&gt;Just to let you know that we&apos;d have to ensure that support for pod level IAM roles is specified to be added and tested across all drivers.&lt;/p&gt;

&lt;p&gt;All the best,&lt;/p&gt;

&lt;p&gt;Ross&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;</comment>
                            <comment id="3740335" author="JIRAUSER1259771" created="Tue, 27 Apr 2021 03:31:29 +0000"  >&lt;p&gt;I have forked the java driver repo and implemented the required change. I am happy to submit the pull request linking to this ticket.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="1710421">DRIVERS-1746</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10320">
                    <name>Documented</name>
                                                                <inwardlinks description="is documented by">
                                                        </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10010">
                    <name>Duplicate</name>
                                            <outwardlinks description="duplicates">
                                        <issuelink>
            <issuekey id="1820963">JAVA-4234</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is duplicated by">
                                        <issuelink>
            <issuekey id="1757998">JAVA-4179</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                        <issuelink>
            <issuekey id="1870014">JAVA-4292</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="1992188">KAFKA-297</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10038"><![CDATA[Fully Compatible]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[5002K00000uzCQ0QAM, 5002K00000xCnDwQAK, 5006R00001lQylVQAS]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10257" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Documentation Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10250"><![CDATA[Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hr3ncv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>