Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DOCSP-45808-atlas-required-roles #707

Closed
wants to merge 3 commits into from
Closed

DOCSP-45808-atlas-required-roles #707

wants to merge 3 commits into from

Conversation

ajhuh-mdb
Copy link
Collaborator

@ajhuh-mdb ajhuh-mdb commented Jan 6, 2025
edited
Loading

DESCRIPTION

  • Adds required Atlas roles to Compass in preparation for DE content migration. Specifies that the roles are specifically for Atlas clusters.

STAGING

JIRA

https://jira.mongodb.org/browse/DOCSP-45808

Self-Review Checklist

  • Is this free of any warnings or errors in the RST?
  • Is this free of spelling errors?
  • Is this free of grammatical errors?
  • Is this free of staging / rendering issues?
  • Are all the links working?

External Review Requirements

What's expected of an external reviewer?

@netlify Netlify
Copy link

netlify bot commented Jan 6, 2025
edited
Loading

Deploy Preview for docs-compass ready!

Name Link
🔨 Latest commit 8b38e02
🔍 Latest deploy log https://app.netlify.com/sites/docs-compass/deploys/677d676465e49f0008d27334
😎 Deploy Preview https://deploy-preview-707--docs-compass.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

jason-price-mongodb
jason-price-mongodb approved these changes Jan 6, 2025
View reviewed changes
Copy link
Collaborator

@jason-price-mongodb jason-price-mongodb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ajhuh-mdb LGTM with suggestions. Cheers.

source/collections.txt Outdated Show resolved Hide resolved
source/create-agg-pipeline.txt Outdated Show resolved Hide resolved
source/create-agg-pipeline.txt Outdated Show resolved Hide resolved
source/documents/delete-multiple.txt Outdated Show resolved Hide resolved
source/documents/delete.txt Outdated Show resolved Hide resolved
source/documents/insert.txt Outdated Show resolved Hide resolved
source/documents/modify-multiple.txt Outdated Show resolved Hide resolved
betsybutton
betsybutton reviewed Jan 9, 2025
View reviewed changes
Copy link

@betsybutton betsybutton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for doing this! Also, I noticed that most of these pages make it look like you need these specific roles to perform these actions in Compass. Are there other changes that will be made to make it clear that these restrictions only apply to Data Explorer? Specifically, there's a notion of control plane roles and data plane roles that I do not want to conflate in our documentation. Compass users do not need these roles in order to execute these actions; only DE users need them. This is an unfortunate reality until control plane and data plane auth are unified

source/databases.txt
Comment on lines +54 to +56
- :authrole:`Project Owner` or :authrole:`Organization Owner`
- :authrole:`Project Data Access Admin`
- :authrole:`Project Data Access Read/Write`
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do organization and project owner roles imply that these users are able to do the same things as the other roles? Would it be enough to say "at least" Project Data Access Read/Write and Project Data Access Admin? (Genuine question, I'm not sure if there's a standard we need to follow here to also include the owner roles)

This applies to all other relevant places in the PR as well

source/indexes.txt
Comment on lines +77 to +85
Required Roles
--------------

To :ref:`create <compass-create-index>`,
:ref:`drop <compass-drop-an-index>`, or :ref:`hide <compass-hide-an-index>`
indexes, you must have access provided by at least one of the following roles:

- :authrole:`Project Owner` or :authrole:`Organization Owner`
- :authrole:`Project Data Access Admin`
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's possible to view indexes with the Project Data Access Read/Write, Project Data Access Read Only, and Project Data Access Admin roles as well. Is that worth calling out separately?

@ajhuh-mdb
Copy link
Collaborator Author

Closing this PR because we've opted to move all the required roles information to the Atlas UI landing page.

@ajhuh-mdb ajhuh-mdb closed this Jan 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@betsybutton betsybutton betsybutton left review comments

@jason-price-mongodb jason-price-mongodb jason-price-mongodb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ajhuh-mdb @betsybutton @jason-price-mongodb