Skip to content

MongoDB Atlas Keys

Service Name: MongoDB Atlas

Service Description: MongoDB Atlas is a fully-managed cloud database service for MongoDB, offering automated provisioning, scaling, and operations of MongoDB deployments in the cloud. It provides database as a service functionality, allowing developers to focus on application development rather than database management.

Service Address: https://www.mongodb.com/cloud/atlas

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the project level in MongoDB Atlas to limit access to specific IP addresses or CIDR blocks.

Secret Access Scope: MongoDB Atlas API keys grant programmatic access to MongoDB Atlas resources and services, allowing management of clusters, users, backups, and other Atlas features.

Secret Revokement URL: https://cloud.mongodb.com/v2#/org/{ORG_ID}/access/apiKeys

Secret Example: abcdefghijklmnopqrstuvwxyz0123456789ABCDEFG

Suspicious Activity Investigation Instructions:

  • Review the MongoDB Atlas Activity Feed for unusual operations or access patterns
  • Check for unauthorized cluster creation, modification, or deletion
  • Monitor for unexpected user additions or permission changes
  • Examine database access logs for suspicious queries or connection attempts
  • Verify if any unexpected IP addresses have been added to the IP access list

Mitigation Instructions:

  • Log in to the MongoDB Atlas dashboard
  • Navigate to Access Manager → API Keys
  • Locate the compromised API key
  • Click the trash icon to delete the key
  • Create a new API key with appropriate permissions if needed
  • Review and update IP access lists to restrict access to trusted IP addresses only
  • Enable advanced security features like multi-factor authentication
  • Audit all project members and their permission levels
  • Review database users and their roles to ensure proper access controls