MongoDB Atlas Cloud - Database as a service
Title | MongoDB Atlas Cloud - Database as a service |
---|---|
Use | Provides the persistent storage for all Voluntarily platform data for the dev, test and production instances. |
Owner | |
Location | |
Cost | Currently (01-2020) Free Tier. |
Billing | |
Admins | Andrew, Viv |
MongoDB Atlas is a cloud-hosted database as a service used by Voluntarily.nz.
The management structure is:
Organisation - Pam Fergusson Charitable Trust
Project - Voluntarily.nz
Cluster - voluntarily-mongo-cluster-test
Cluster - voluntarily-mongo-cluster-prod
Previous management structure:
Used for alpha deployment through 2019.
Organisation - Andrew's Org - 2019-02-21
Project - Voluntarily.nz
Cluster - Cluster0
TODO: migrate alpha and beta data from the original cluster to the new one, placing the new sign-in credentials in a secure token.
voluntarily-mongo-cluster-test
Name | voluntarily-mongo-cluster-test |
---|---|
Version | 4.2.2 |
Cluster Tier | M0 Sandbox ( free, no backup ) |
Region | AWS / Sydney (ap-southeast-2) |
Type | Replica Set - 3 nodes |
Limitations | https://docs.atlas.mongodb.com/reference/free-shared-limitations/ |
Access Whitelist | Open |
admin user | vly-admin |
client user | vly-client |
readonly user | vly-client-readonly |
voluntarily-mongo-cluster-prod
Name | voluntarily-mongo-cluster-prod |
---|---|
Version | |
Cluster Tier | To be created |
Region | |
Type | |
Limitations | |
Access Whitelist | Limit to AWS deployment network and Admin domain. |
Access Control
Current status of accounts
Admin Permissions Process
To be given admin rights you must:
Be a technical employee of Voluntarily,
or be a trusted and experienced long-term contributor we have met in person.
Have MFA enabled on your IAM account.
The password policy allows alpha-only passphrases, but they must be 15 characters or more.
To allocate a new admin, the ‘Operations Manager’, using the Organisation Admin Account role, will add a new account for the person and assign the required permissions.
Revoking Permissions
Access will be revoked from a person for any of the following:
No longer meeting the above requirements.
Not contributing a change to the platform for more than 12 months.
Any action causing malicious harm to the project or code base.
Any action breaking the code of conduct towards others.
Any illegal activity.
Auditing Permissions and Changes
Asset protection and disaster recovery
Backup Process
Test environments run in free tier clusters and do not have automated backups. To preserve the data in alpha and beta, run x/atlas/alpha-dump or x/atlas/beta-dump from time to time.
The production system will be built with an integral backup facility.
Risk of losing access to service
If a malicious third party gained access to the organisation admin credentials, or was able to sign in as an org admin or project admin, they would be in a position to:
Copy all the data from the database.
Delete all the data.
Change permissions, preventing access by other admins and the online platform.
If we broke the service provider's terms of use or failed to pay its bills, we may be prevented from operating the database.
Impact of losing access to service
Loss of the database service would completely prevent the Voluntarily platform from being used.
Impact of a data breach
A data breach would have a significant reputational impact on PFCT and Voluntarily.
Recovery process
Recovery would require:
Establishing a new MongoDB instance on suitable infrastructure.
Restoring the database from a backup.
Updating the deployments to use the new DB.
This could take up to 1 day, assuming the backups are available and networks are operating.